Re: Using client certificates for signing from Mitar on 2016-02-23 (public-webappsec@w3.org from February 2016)

From: Mitar <mmitar@gmail.com>
Date: Mon, 22 Feb 2016 21:42:31 -0800
To: Martin Thomson <martin.thomson@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAKLmikMyLe4sf7L9_foWChQ4pcbh6WHBKpuWnv=48vmZakVLcg@mail.gmail.com>

Hi!

On Mon, Feb 22, 2016 at 4:24 PM, Martin Thomson
<martin.thomson@gmail.com> wrote:
> You don't *need* a certificate to sign.  WebCrypto is enough.

You do. Because your certificate is signed by the state CA. And this
makes your digital signature legally equivalent to the normal
signature for almost any purpose. At least some countries in Europe
have such laws.


Mitar

-- 
http://mitar.tnode.com/
https://twitter.com/mitar_m

Received on Tuesday, 23 February 2016 05:43:00 UTC