Problem with faked-system-time option
jerome at jeromebaum.com
Thu Jun 16 02:41:29 CEST 2011
>> Actually, no. It's still evidence. It's just not evidence that says
>> "this document existed on the 10th of July". It's evidence that says
>> "someone who was at any point in time in possession of this key, and
>> who has the ability to manipulate the timestamp (or was in possession
>> at the actual time listed in the signature), is claiming that the
>> document existed on the 10th of July".
> You're moving the goalposts: you're changing the terms of what the
> statement is meant to prove. By moving the statement from "A is true"
> to "Tom claims A is true", you've moved it back to something both
> parties stipulate -- presumably, Tom and Jerry both will agree that Tom
> claims A is true. Etc., etc.
So, I'm stating my point? I'm seeing a lot of unqualified statements
(like "it's not evidence"). Yes, you could argue that it should be
read as: "it's not evidence [for fact X]", but being explicit can be a
> Simply put, if both parties agree that "X, and X indicates the truth of
> A, therefore A," then X is evidence for A. As soon as one party objects
> to either the fact (X) or the deduction (the inferential rule), then it
> becomes simply a claim to be evaluated by a jury. Claiming that "well,
> it becomes evidence, just evidence for a different thing," is the sort
> of thing that, while true, kind of misses the point.
Which point? Your point? I was making my own point (per above), not
addressing yours. My point was that I see a lot of talking past each
other and most of that is due to implicit statements. I think if we
all are a bit more explicit (e.g. what is something evidence for? for
whom is something "good enough"? in what context are we proving
something? -- i.e. yes, we *do* need context!) then we'll have a much
more efficient discussion.
>> What tricks would those be?
> At this point, you need to ask a contract lawyer. I know enough
> contract lawyers to be certain they are very on top of their game, and
> they've already given thought to the subject of repudiating electronic
> documents -- but I haven't been fascinated enough to go to law school,
You: Lawyers are able to repudiate electronic signatures with some magic tricks.
Me: Please, show me those tricks.
You: Go ask a lawyer. I only know lawyers are smart people and it
would be in their interests (really?) to repudiate electronic
*documents*. (emphasis mine, obviously)
>> Oh, and I am pretty sure that a timestamp created in accordance with
>> federal electronic signature laws would be considered reliable and be
>> very difficult to dispute.
> As I am given to understand, the major problem with creating documents
> in perfect accordance with all extant law and precedent is just how
> difficult it is to keep track of everything that's applicable. It
> sounds nice and simple to say "create something in accordance with
> signature laws and applicable precedent," but my understanding is that's
> a highly nontrivial task.
Not really. My CPA sends me an electronic invoice that is "in
accordance with signature laws and applicable precedent". In fact, my
ISP does as well, and so does my mobile carrier. Federal electronic
signature laws are pretty simple and easy to understand. There's even
a brochure I think. :)
email jerome at jeromebaum.com
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
More information about the Gnupg-users