The Historical Situation
Deeds are fundamental legal instruments. A validly executed deed constitutes a binding promise to abide by the intention of the written text. The execution ceremony of a deed requires that the written document be signed, sealed by the executor of the deed and delivered to the grantee.
Deeds are powerful. They are more powerful than contracts, as they do not require that consideration be paid by the grantee of the deed for the promise to be binding.
Company directors have the power to enter into deeds on behalf of their incorporated members. Deeds of arrangement, deeds of settlement and deeds of non-disclosure are routinely entered into by directors.
Historically, an affixed seal was held to be entirely sufficient for deed execution, and to in fact hold more evidential weight than a written signature. Signatures became more important, and popular, as literacy rates increased.
As offices modernised, seals (at least in Western nations) became less and less fashionable. Instead, countersigned signatures replaced seals. A witness attesting to the application of a signature to a deed with their (second) signature was held to be a satisfactory replacement for a personal or corporate seal for the purpose of deed execution.
As the information revolution took off, we entered the world of electronic and digital signatures.
The Certificate Authority Scheme
A Certificate Authority (CA) is an organization that validates the identities of entities (such as websites, email addresses, companies, or individual persons) and binds them to cryptographic keys through the issuance of electronic documents, known as digital certificates.
When the digital certificate is presented to a third party (such as when that person accesses the certificate-holder’s website), the recipient can:
- cryptographically confirm the CA’s digital signature via the CA’s public key, and
- use the certificate to confirm:
  - that signed content was sent by someone in possession of the corresponding private key, and
  - that the information has not been altered since it was signed.
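As an added example (not code from the original page), the two checks in the list above, written against Go's standard library: a constructed toy CA issues a certificate to a signer called "Alice", Alice signs a document, and the recipient first validates the certificate chain using the CA's public key and then the document signature using the public key in Alice's certificate. The names, serial numbers and one-hour validity period are assumptions.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue creates a certificate from tmpl for pub, signed with parentKey (self-signed when parent == tmpl).
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil { panic(err) }
	c, _ := x509.ParseCertificate(der)
	return c
}

// BuildPKI constructs a toy in-memory hierarchy (assumed, not a real CA): returns the trust anchors, Alice's certificate and Alice's private key.
func BuildPKI() (*x509.CertPool, *x509.Certificate, *ecdsa.PrivateKey) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	aliceKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	now := time.Now()
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Toy CA"}, NotBefore: now, NotAfter: now.Add(time.Hour), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	ca := issue(caTmpl, caTmpl, &caKey.PublicKey, caKey) // self-signed root: the CA's own signature, checked via the CA's public key
	aliceTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "Alice"}, NotBefore: now, NotAfter: now.Add(time.Hour), KeyUsage: x509.KeyUsageDigitalSignature}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	return roots, issue(aliceTmpl, ca, &aliceKey.PublicKey, caKey), aliceKey
}

// SignDoc signs the SHA-256 digest of doc with the signer's private key.
func SignDoc(key *ecdsa.PrivateKey, doc []byte) []byte {
	h := sha256.Sum256(doc)
	sig, _ := ecdsa.SignASN1(rand.Reader, key, h[:])
	return sig
}

// VerifyDoc is the recipient's side: (1) the signer's certificate must chain to a trusted CA, i.e. the CA's signature on it
// verifies under the CA's public key; (2) the document signature must verify under the certificate's public key, which fails
// if the content was altered after signing or a different private key produced the signature.
func VerifyDoc(roots *x509.CertPool, signer *x509.Certificate, doc, sig []byte) bool {
	if _, err := signer.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return false // untrusted issuer, expired, or tampered certificate
	}
	h := sha256.Sum256(doc)
	return ecdsa.VerifyASN1(signer.PublicKey.(*ecdsa.PublicKey), h[:], sig)
}
```

Note that `Verify` checks the chain and validity period only; revocation status against the CA's CRL is a separate check the recipient must still perform.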
The Mistake
The CA scheme was designed fundamentally for the protection of messages in transit. It wasn’t originally intended as a means for signing documents at rest.
The architects of the CA scheme made a mistake when they called the key material they attached to messages "digital signatures", because people eventually assumed that they were suitable as digital signatures on documents as well.
There's a problem with this.
Legal instruments, such as deeds and contracts, can be relevant for long periods of time. Conversely, digital certificates, and the signatures based on them, are not necessarily always going to be secure. Many are already known to be compromised and are listed on the Certificate Revocation List (CRL) of the issuing CA.
Also, the public key component is exposed, and that constitutes an attack vector. Many certificates have already been compromised, but the real issue is with the advent of quantum computing.
Quantum computation will bring about a major advance in the ability of computers to attack Public Key Infrastructure (PKI). As that happens over the next few years, it becomes possible for executors of legal instruments to repudiate the execution. They can simply say, “I didn't sign that. It must have been hacked.” Now you have to prove that they did, which is not possible as quantum computation becomes sufficiently powerful.
Other Problems
The security implications are not the only problem with CA based digital signatures.
They are also quite difficult to manage. Most users don’t have the ability to correctly protect private keys, or the patience to learn how to.
This leads to further problems. Because key (and therefore certificate) management is difficult, digital signature service providers tend to have users sign documents with the service provider's certificate rather than the user's own certificate. So, when it comes to a forensic analysis of the signature, the trail leads to the service provider rather than to the counterparty to the agreement. Any surrounding information that the service provider might hold as to the identity of the user is in their system, rather than in the signature itself.
This means also that the evidence is off the trusted path, and may or may not be protected cryptographically. Proving any attachment between the executed document and the person who allegedly executed it becomes complex and problematic.
Seals
Digital Seals avoid all of the problems with digital signatures.
- They achieve very high standards of non-repudiation, which is definitely the name of the game when it comes to remote execution of legal documents.
- Users are not required to manage their own keys.
- Users’ identity keys are contained securely within the infrastructure, which users can bind to and use as necessary. This means that they cannot lose their keys. Also, neither the private nor the public part of the key pair is exposed, which means that the keys provide zero attack surface and will survive the advent of quantum computing.
- The management and application of a digital seal becomes a simple element of a user interface. The user can then apply the seal to execute a deed, contract or other legal document and the seal contains all of the necessary forensic information with respect to the identity of the user and their intention to be bound by the terms of the instrument.
- All of the forensic provenance information is on the trusted path and may be verified by a variety of means. A seal is unique and cannot be forged or counterfeited.