This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

[tb@MIT.EDU (Thomas Bushnell, BSG)] Re: RMS is at it again





[drepper, Please forward to the entire libc-hacker list for me ]

=?ISO-8859-1?Q?Fran=E7ois_Pinard?= <pinard@iro.umontreal.ca> writes:

> [Ulrich Drepper]
> > tb@MIT.EDU (Thomas Bushnell, BSG) writes:
> 
> > > Ah.  Alas, digital signatures are not legally valid in the US or any
> > > other country that I know of.  
> 
> > Ehm, isn't your president signing today the digital signature act (or
> > however you are calling this thing)?
> 
> I heard that this is limited to "smart cards".

I checked up on the legislation.

It is not limited to smart cards.  It basically says that a digital
signature has to be accepted as broadly as a regular pen-and-ink
signature, even in the context of a law which specifies that a written
signature is required.  (It happens that transfer of copyright is such
a law.)  So you can now legally transfer copyright with a digital
signature.

That is unfortunately not good enough for our purposes yet.  As with
any signature, you have to prove that the real person signed it.
Right now we do not have a good enough infrastructure for digital
signatures to satisfy most courts, except for the cases where you can
assert that Joe Schmoe gave you his PGP key (or fingerprint) when you
met him in person.  The validation problem remains; it is not clear
how the courts will handle it, and until we know, it's probably better
to stick with written signatures wherever possible.





Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]