Version 1.5

The comp.security.pgp FAQ


5. Message Signatures


5.1 What is message signing?

Let's imagine that you received a letter in the mail from someone you know named John Smith. How do you know that it was really John who sent you the letter and not someone else who simply forged his name? With PGP, it is possible to apply a digital signature to a message that is impossible to forge. If you already have a trusted copy of John's public encryption key, you can use it to check the signature on the message. It would be impossible for anybody but John to have created the signature, since he is the only person with access to the secret key necessary to create the signature. In addition, if anybody has tampered with an otherwise valid message, the digital signature will detect the fact. It protects the entire message.

5.2 How do I sign a message and keep it readable?

Sometimes you are not interested in keeping the contents of a message secret, you only want to make sure that nobody tampers with it, and to allow others to verify that the message is really from you. For this, you can use clear signing. Clear signing only works on text files, it will not work on binary files. The command format is:
pgp -sat +clearsig=on <filename>

The output file will contain your original unmodified text, along with section headers and an armored PGP signature. In this case, PGP is not required to read the file, only to verify the signature.

You should be careful when you "clearsign" a text file like this. Some mail programs might alter your message when it is being sent, for example because there are very long lines in the message. This will invalidate the signature on the message. Also, using 8-bit characters in your message can cause problems; some versions of PGP will think the file is actually a binary file, and refuse to clearsign it.

For this reason, PGP 2.6.3i will automatically ASCII armor messages with very long lines in it.

5.3 Can't you just forge a signature by copying the signature block to another message?

No. The reason for this is that the signature contains information (called a "message digest" or a "one-way hash") about the message it's signing. When the signature check is made, the message digest from the message is calculated and compared with the one stored in the encrypted signature block. If they don't match, PGP reports that the signature is bad.

5.4 Are PGP signatures legally binding?

It has become legal in many places now. At least one company is using PGP digital signatures on contracts to provide "quick agreement" via E-mail, allowing work to proceed without having to wait for the paper signature.

In the USA, the state of Utah adopted its Digital Signature Act (the "1995 Utah Act") on February 27, 1995. It was signed by Michael Leavitt, Governor of Utah, on March 9, 1995, and took effect on May 1,1995. Utah was the first legal system in the world to adopt a comprehensive statute enabling electronic commerce through digital signatures. Thereafter, the 1996 amendment became effective on April 29, 1996.

Other USA states are also working on implementing this technology for commerce, like Georgia, Washington and Illinois, ect. Apart from Utah, currently California and Virgina have bills or laws enabling this technology.

The Georgia law is available from: http://www.cc.emory.edu/BUSINESS/gds.html

The Washington law is available from: http://access.wa.net/sb6423_info/index.html

The California law is available from: http://www.ss.ca.gov/digsig/digsig.htm.

In many jurisdictions, a prior agreement in writing to accept valid digital signatures as binding is itself binding. If you are going to be swapping many digitally-signed agreements with another party, this approach may be useful. You might want to check with a lawyer in your country if the digital signatures will be used for important or valuable contracts.

5.5 Is the date on a PGP signature reliable?

No. The date and time you see when you verify a PGP signature on a file (often called a timestamp) is the time and date the computer was set to when the signature was created. On most computers, it is extremely easy to reset the date and time to any time you want, so you can generate documents with a forged timestamp.

For this reason, you can use a so-called digital notary or time-stamping service. This is a system that does nothing but sign documents you send to it, after inserting a date and time somewhere in the text. The service uses a numbering scheme which makes it impossible to insert timestamps at a later time. One such service is run by Matthew Richardson. For more information about it, please see http://www.itconsult.co.uk/stamper.htm.

[ Previous | Next | Table of Contents | About this FAQ | Glossary ]


Copyright © 1996 by Arnoud Engelfriet.
Last updated: 22 Oct 1998.
Comments, additions and suggestions can be sent to <faq-admin@mail.pgp.net>.
This FAQ was generated by Orb v1.3 for OS/2.