We have GOT TO make things simpler

Tony Lane codeguro at gmail.com
Fri Oct 4 19:08:14 CEST 2019


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 10/4/19 3:35 AM, Stefan Claas wrote:
> And do those 20 companies business with their customers were GnuPG
> signatures are legally binding, like real signatures on letters?

_At least_ 20 fortune 500 businesses _that I know of_. Mind you, I'm not even counting governments.
And yes, it is recognized by the US government at the very least. See https://lists.gnupg.org/pipermail/gnupg-users/2018-September/060987.html and https://app.leg.wa.gov/RCW/default.aspx?cite=42.45.130


> That for example is the case with eIDAS conform digital signatures
> here in Europe.

Digital signatures are, in general, legally binding.
If for instance a government official who's known to use PGP signatures signs off on a treasonous act, that signature can be used against him or her in court of law.
But it can also be used for contracts.
e-signature  is a legal concept used to capture a person’s intent to be legally bound by the terms of an agreement or contract.
While a digital signature is  a mathematical algorithm. A cryptographic technology used to make data tamper evident, digitally sign of documents.
Even the "newer" signatures that are the Elliptic Curves are recognized as per FIPS-186-4, see:
https://www.federalregister.gov/documents/2015/10/20/2015-26539/federal-information-processing-standard-fips-186-4-digital-signature-standard-request-for-comments#h-9
and notably https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXZd8fgAKCRDo8fj9gx4T
02ZvAgjW4j3F1vJna5KRq2po8xW6qmds0u8wUIJNDnQ46nBecy7nxTVyRNgMqdTq
kG19RhDdWvQZ850hmeAK6KJiYUAR+gIJAQ7YSL91Ncopuj8Eeamlh/KBpHfsrCS9
KT/7ZaFhKusw8fOz5XjvQxTksxeJrDsAYvIyufjdu837ri+qEqXWMWSd
=Lx49
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list