E-signature is great. I am not sure what service level is across Europe, but in my country it is half-baked due to:
1) software or plugins for signing should be available for free
2) All authorities have to accept the same key (here in my country there is a huge problem with this. Government offices and institutions accept different keys. Banks don't accept anything at all.)
3) Connected systems need to be automated. It's not acceptable to have manual verification and a 12-hour sync between e-private-mailboxes (not fully related to e-sign).
4) If I can send a form signed with an e-signature, it has to be delivered with appropriate automated feedback (message delivered, accepted, rejected).
5) They force users to use Windows, Internet Explorer and expensive software and timestamps.
Sounds like Australia. The government forced business owners to use AUSKey for all government-business online communication. It was exactly as he described.
1) For simple crypto middleware, have a look at OpenSC - it was created precisely for solving the proprietary middleware problem
2) All the software used in Estonia is open source, available on Github (@open-eid) (same for Belgium, Portugal etc). I can only say that open source eID software does not happen "just because" but needs a bit of pushing. Might take a few years and some personal input, but the outcome shall be good.
3) There are efforts for collaboration on universal and open standards and interfaces (W3C for example) that should make the proprietary vendor-locked solutions a nuisance of history.
This is actually pretty neat. In Sweden our "BankID" digital signature system is really popular (using digital signature files or 2FA to do your taxes, log into your bank or apply for credit cards), and it's always kinda odd when I notice the kind of backwards half-assed solutions used in other countries. Having it all work intra-nationally would be really cool!
Had to do some googling, but looks like the Swedish BankID isn't the same thing as the Norwegian BankID. Unfortunately the Norwegian BankID never rolled out digital signature files to customers, so we can only use hardware token and a mobile solution to authenticate/sign.
Personally, I'm surprised anyone trusts a mobile phone or its software for anything important. Malware is so prevalent on Android, half the androids are still vulnerable to StageFright vulnerabilities (and will never be fixed, just phased out), and I know that there are exploits for iPhones as well (because I'm familiar with companies who sell those exploits to governments - but I don't know the specifics of any exploit).
AFAIK, Norway and Israel are the only two countries that require an electronic signature be done by a certified secure hardware element. And I think that's the right way.
I will have to agree that the Swedish system works really well. Most of the population is using 2FA for banking and dealing with the government. In contrast, my US bank made me log in with a password to pay my bills.
I hope we get to use your BankID system here in Germany then because our system using the chip in our ID is a nightmare. I was an early adopter but never got it to work properly.
Part of eIDAS is e-signatures for things like documents, the other part is interoperability between the eID systems of the member states so that e.g. Dutch farmers living near the border can use their eHerkenning[1] account to log in to Belgian government services and vice versa.
I think that means that my Estonian e-residency card will actually be on equal footing with the (expensive) "qualified signature" cards issued by some German trust centers.
On the one hand, eIDAS (the e-signature part) is definitely a good thing as it will replace a lot of weak national signature laws with something modestly safe. On the other hand it will also replace strict signature laws (e.g. German) with something much weaker.
At the core of e-signatures is the so-called human-machine transfer (Schneier's term). A human expresses his legal declaration of intent through a machine.
In Germany this required a (certified) qualified signature unit and software, which de facto meant a certified smartcard from a certified trust center with secure PIN entry (on the card reader, not the computer).
According to eIDAS this can be replaced with much weaker forms like server-side keys and signature after 2FA.
And this is where folks from DocuSign (and others) will come in and place a cryptographic signature on documents in exchange for username+password+click (maybe with 2FA, I doubt that).
So you formerly needed a smartcard (possession) with a PIN (knowledge).
Now you may only need username+password (knowledge) and maybe a second factor like a mobile phone.
I doubt that having control over a smartphone is on the same security level as control over a class 2/class 3 smartcard reader.
eIDAS is not downgrading signature laws with weaker technology - it merely allows more "flavors" of technology to participate in the e-signature market, which has been stalling in the EU due to the eSign directive from 1999.
eIDAS will allow more companies to go paperless because most signatures do not require the security level of a smartcard-backed qualified electronic signature (QES) - so in those instances the DocuSign approach with username/password would be sufficient. For the transactions that require a high level of trust (think notarized), QES from an eID will still be needed; e.g. at least one startup (Crayonic.com) is trying to make eIDAS QES usable while making it more secure.
eIDAS has different levels of trust and a service (from a country or company) can require a high level of trust to perform an operation, for example using a smartcard.
I didn't read anything about the notion of trust levels in the directive's text. Can you point me to the law?
As far as I can see, any signature that is/appears to be qualified (regardless of how it came to life) is considered equal to a signature under notary oversight (at least in Germany) and shifts the burden of proof. This is heavy!
That is my main issue with EU law making. They're aiming low to get everyone on board, but countries that already have laws like that are likely to be overruled to something less. It's great for creating a united market within the EU, but I just wish they would aim higher. Why settle for less when the state of the art already exists and is widely used?
Many EU states are already issuing keypairs to their citizens, usually in a smartcard that is their national ID. This initiative is supposed to get states to recognize each others' keys.
There's no blockchain; entities can simply sign a timestamp to a document, and then people and other entities can either trust it or not. From what I understand, a private company can be licensed as a "verified" timestamper, and then sell its services to other companies or individuals.
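The "sign a timestamp to a document" scheme this comment describes, as an added illustration that is not part of the thread: a timestamping entity hashes the document, binds the time to that hash and signs both, and a relying party checks the signature against a key it has decided to trust. It assumes Ed25519 as a stand-in for the timestamper's key and a constructed minimal token layout rather than the real RFC 3161 format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// TimestampToken is a constructed, minimal stand-in for a signed timestamp:
// the timestamper signs (document hash || time) so neither can change unnoticed.
type TimestampToken struct {
	DocHash   [32]byte
	UnixTime  int64
	Signature []byte
}

// tbs ("to be signed") builds the exact bytes covered by the signature:
// the 32-byte SHA-256 hash followed by the time as a big-endian uint64.
func tbs(docHash [32]byte, unixTime int64) []byte {
	buf := make([]byte, 40)
	copy(buf, docHash[:])
	binary.BigEndian.PutUint64(buf[32:], uint64(unixTime))
	return buf
}

// IssueToken is the timestamping entity's side: it never needs the document
// itself beyond hashing it, and it asserts the time with its own signature.
func IssueToken(priv ed25519.PrivateKey, doc []byte, at time.Time) TimestampToken {
	h := sha256.Sum256(doc)
	return TimestampToken{DocHash: h, UnixTime: at.Unix(), Signature: ed25519.Sign(priv, tbs(h, at.Unix()))}
}

// VerifyToken is the relying party's side. Whether tsaPub is trusted at all is
// a policy decision made outside this function, exactly as the comment says.
func VerifyToken(tsaPub ed25519.PublicKey, doc []byte, tok TimestampToken) error {
	if sha256.Sum256(doc) != tok.DocHash {
		return errors.New("document does not match the hash that was timestamped")
	}
	if !ed25519.Verify(tsaPub, tbs(tok.DocHash, tok.UnixTime), tok.Signature) {
		return errors.New("signature invalid: hash or time altered, or signed by another key")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed timestamper key
	doc := []byte("constructed sample: I agree to sell the house for $100")
	tok := IssueToken(priv, doc, time.Unix(1700000000, 0))
	fmt.Println("original:", VerifyToken(pub, doc, tok))
	tok.UnixTime += 3600 // any change to the asserted time breaks the signature
	fmt.Println("time changed:", VerifyToken(pub, doc, tok))
}
```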
I think they should only be allowed with HSMs, from cheap smartcards to full-on tamper-resistant, if it's anything of significant value, unless someone opts out of them. The amount of compromises of PCs, servers, and web apps means I trust an electronic signature way less than a physical one. Need extra security especially on the RNGs, timestamps, keys, and signatures.
Note: It will probably help that the best providers of inexpensive, secure ICs are European and already all over those markets.
If the host PC is compromised, does a cheap smartcard help? Just capture the PIN (like you would a password when they logon to their bank) and replay at will? Maybe if the user is very careful to only keep their smartcard in for the minimum time required it helps.
So long as other bank protections are in place, it shouldn't be a step backwards. If it's used to move all liability to the consumer though, then it's a problem.
If you use a smartcard, you should use a class 2/class 3 card reader with a PIN pad and never enter the PIN on your computer. So the machine can replace the hash that is to be signed, but cannot intercept and replay the PIN.
It's not always possible but should be whenever possible. The concept is called a trusted path: an unspoofable, un-interceptable interface between the user and the security-critical part of the system. Was required for all high-assurance security under the Orange Book. Still used in some HSM and payment sectors.
Example for other readers on p4 under the Luna PCI and the Ingenico reader that looks like it's a kid's pocket calculator haha:
If the PIN is to access it, then it at least limits the number of times the credential can be used. The credential doesn't leave the smartcard. Plus, there's security schemes like Flicker that remove basically the whole system on top of hardware from TCB. So, you can put PIN check on it.
But is reliance on proprietary security mechanisms really a sensible solution? The individual has to rely on the security, with no way to verify that there aren't any backdoors in the smartcard, for example.
You're already relying on proprietary mechanisms. They're just highly insecure. Adding in a more trustworthy component to reduce risk makes sense. It's what CPU and system vendors try to do with things like TPM and NX bits. Much better schemes out there, though.
Genuine question: how do companies like DocuSign, HelloSign, etc. provide eSignatures without any kind of key authentication? Are they really legally binding?
The first time I was researching this some time last year, because a client wanted this, I almost fell off of my chair.
The recommended "solutions" all of which were being used at least somewhere in the mortgage industry were convoluted processes around people either drawing their signatures with their mouse, uploading a scan of their signature as a picture, or, the most ridiculous, just typing their name and then (optionally) choosing a cursive font so it looks like a fancy signature.
This, of course, is robbing the signature of all of its original intent of reproducibility by just a single person to, you know, prove that you signed yourself, and replaces it, usually, with the ability to receive mail to a certain email address, and might as well just consist of a "secure" link to the document and an OK button.
All of these solutions were claimed to be legally binding according to the ESIGN act [0].
If you want to verify the identity of a signature, get a notary or a witness. Signatures were never intended for that.[fn]
Signatures became common as a legal formality in an age when many people were illiterate and signed their name with an "X" (which is still legal in the US). As with everything else in the US, there's a ton of racial history around the "X" signature that isn't relevant here, other than it's been known for hundreds of years that a plain signature isn't enough to verify the identity of the signer.
Instead, the signature came about as a formality to make clear to everyone involved that the person signing a document intended it to have legal effect. It's the difference between writing a note saying "I'll sell you my house for $100" and a signed contract --- there might be a question whether you intended the note to be binding, but there's no question that you intended a signed contract to be binding.
[fn] By contrast, things like signet rings that were able to produce easy-to-verify but hard-to-copy wax impressions have been used for identity verification. Same for name stamps in certain parts of the world.
I'll readily admit my ignorance on the finer points of signatures and what you wrote makes sense to me, but using the hope that an email address will reach the intended recipient, and the intended recipient only, as your trust anchor, the whole system is basically no better than sending an email that says
> If you agree to buy this house for $100, just click reply, type your name and then hit send.
All the fancy PDF displays and contract-signing skeuomorphisms just create a fuzzy-warm feeling, but don't actually do anything.
Which seemed a little odd to me as a way to authorize parts of a mortgage.
Not sure how these companies work, but what if you could click a link over SSL to view signing details, IP address and what email address the user had validated, etc.? If you combine that with your own validation process before handing them over to the e-signature folks, wouldn't that be enough?
Absent national PKI like what the EU appears to be working on, I don't really see how else you could expect it to work.
Additionally, while the "original intent" is reproducibility, it's not really difficult to duplicate a signature, and physical signatures are only really secure with neutral, third-party human witnesses.