-----Jones, Virginia wrote-----
<snip>
Unless what is used is a scanned image of the actual signature, in which
case it would be considered an accurate depiction.
<snip>
------reply--------
Except that attaching a scanned image of a signature is NOT the same as
signing something (digitally or otherwise).
Anyone can scan someone else's signature and embed it into a wordprocessing
document. This can easily be done without the knowledge, permission or
approval of the 'signer'. It would be impossible to build a system where
only an authorised person can attach an image or a signature to a document.
SImply put, a proper Digital Signature is a two part system - A 'public'
key (known to everyone), and a 'private' key (known only to me). "Signing"
a document is really the process of encrypting the document. The two keys
are complementary - If i "sign" something with my private key, anyone can
decrypt it using my public key. If someone signs something with my public
key, only I can decrypt it, using my private key.
There is a short description of this complicated process at
http://www.agimo.gov.au/publications/2002/07/online_auth/pki.
John Lovejoy
[log in to unmask]
My own words, not theirs.
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance