[15802] in cryptography@c2.net mail archive
Re: dual-use digital signature vulnerability
daemon@ATHENA.MIT.EDU (Jerrold Leichter)
Wed Jul 21 11:27:16 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 19 Jul 2004 12:02:42 -0400 (EDT)
From: Jerrold Leichter <jerrold.leichter@smarts.com>
To: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: Jerrold Leichter <jerrold.leichter@smarts.com>,
Sean Smith <sws@cs.dartmouth.edu>,
Amir Herzberg <herzbea@macs.biu.ac.il>, cryptography@metzdowd.com
In-Reply-To: <6.1.2.0.2.20040719090749.03cac8e0@mail.comcast.net>
| note that some of the online click-thru "contracts" have been making
| attempt to address this area; rather than simple "i agree"/"disagree"
| buttons ... they put little checkmarks at places in scrolled form .... you
| have to at least scroll thru the document and click on one or more
| checkmarks .... before doing the "i agree" button. a digital signature has
| somewhat higher integrity than simple clicking on the "i agree" button ...
| but wouldn't subsume the efforts to demonstrate that a person was required
| to make some effort to view document. Of course in various attack scenarios
| ... simple checkmark clicks could be forged. However, the issue being
| addressed isn't a forging attack ... it is person repudiating that they
| read the T&Cs before hitting the "I agree" button.
...which makes for an interesting example of thw way in which informal
understandings don't necessarily translate well when things are automated.
The law school professor of a friend of mine told a story about going to rent
an apartment. The landlord was very surprised to watch him sign it with only
a glance - not only was this guy a law professor, but he had done a stint as a
Housing Court judge. "Aren't you going to read it before signing?" "No -
it's not enforceable anyway." (This is why there have been cases of landlords
who refused to rent to lawyers - a refusal that was upheld!)
If you are offered a pre-drafted contract on a take-it-or-leave it basis -
the technical name is an "adhesion contract", I believe - and you really need
whatever is being contracted for, you generally *don't* want to read the
thing too closely....
When you buy a house these days, at least some lawyers will have you initial
every page of the agreement. Not that there is anything in there you want to
read too closely either. (The standard terms for the purchase of a house in
Connecticut have you agree not to "use or store" gasoline on the property. I
pointed out to my lawyer - who had actually been on the committee that last
reviewed the standard form - that as written this meant I couldn't drive my
car into the garage, or even the driveway. His basic response was "Don't
worry about it.")
The black-and-white of a written contract makes things appear much more
formal and well-defined than they actually are. The real world rests on many
unwritten, even unspoken, assumptions and "ways of doing business". It's
just the way people are built. When digital technologies only *seem* to match
existing mechanisms, all kinds of problems arise. Despite such sayings as
"You can't tell a book by its cover", we trust others based on appearances
all the time. Twenty years ago, if a company had printed letterhead with a
nice logo, you'd trust them to be "for real". Every once in a while, a con
man could abuse this trust - but it was an expensive undertaking, and most
people weren't really likely to ever see such an attack.
Today, a letterhead or a nice business card mean nothing - even when they are
on paper, as opposed to being "just bits". It's really, really difficult to
come up with formal, mechanized equivalents of these informal, intuitive
mechanisms.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com