Source on Signer Authentication

"Signer authentication: To provide good evidence of who participated in a
transaction, a signature should indicate by whom a document or message is
signed and be difficult for any other person to produce without
authorization" [1, p. 8].

With respect to assymmetric cryptosystems,

"Signer authentication: If a public and private key pair is associated with
an identified signer as described below [document goes on to describe
certificates and CAs], a digital signature by the private key effectively
identifies the signer with the message.  The digital signature cannot be
forged by a person other than the proper signer, unless the proper signer
loses control of the private key..." [1, p.10].

[1] M. Baum & R. Schwartz. (Eds.) Digital Signature Guidelines: Legal
Infrastructure for Certification Authorities and Secure Electronic Commerce.
American Bar Association, Section of Science and Technology, 1996. Available
at: http://www.abanet.org/scitech/ec/isc/dsgfree.html

John Boyer
Software Development Manager
UWI.Com -- The Internet Forms Company

Received on Friday, 22 October 1999 17:46:26 UTC