Emails are discovery able to be used as any written document. The signature being electronic rather than live does not hinder someone from using it in a case headed towards or engaged in a court of law.
There are three basic issues with electronic communications of any type:
#1) The sender's identity must be confirmed (are you who you say you are?)
#2) The contents of the e-mail must be confirmed not to have been altered by another person
#3) The sender must not be able to repudiate that he/she sent the e-mail. (Wait a minute, somebody else was at my computer and sent that e-mail...)
Digitially signing the document allows for "two-factor" or "three-factor" validation of the above
The three factors are simply: something you have, something you know, something you are.
Something you have: a token, smartcard, or something else along those lines. It's something you physically must have on your person (an unauthorized person wouldn't have that token)
Something you know: a PIN, a password, a passphrase, or something else that you, and nobody else knows. (An unauthorized person wouldn't know that piece of information that is in your head and in your head alone)
Something you are: your signature, your fingerprint, your retinal scan, your DNA pattern, or something else (An unauthorized person wouldn't be able to have a piece of you that would be needed to validate that it is, in fact, you that is present at the computer sending the e-mail)
Obviously, somebody could steal the token from you. But they wouldn't necessarily have the PIN that went with the token. And they wouldn't have your fingerprint.
Somebody might be able to look over your shoulder and get the PIN, but they wouldn't have the token that went with the PIN...unless they simultaneously stole the token from you at the same time.
Somebody might be able to kill you, cut your hand off, and use your fingerprint, but they wouldn't know the PIN or have the token that went with the fingerprint.
Two factor authentication relies on the fact that the odds of somebody having two of the three factors is very small. Three factor authentication relies on the fact that the odds of somebody having all three factors is infinitely small. NOT THAT IT COULDN'T HAPPEN, but the odds are somewhere around the odds of winning the lottery.
What happens with a digitally signed message is that you write the message and then "sign" it. The contents of the messsage is run through a computer algorithm that assigns a code to the message that is the signature. If any of the contents of the message is changed, when the recipient of the message runs it through the same algorithm, the code would change. So, therefore, it's known that the message contents are exactly what you sent. The signature can be verified against a trusted "registry," therefore, it can be verified that you sent it. So you end up having nonrepudiation and validation of the contents.
The above is not fully technically accurate, but to be fully accurate, we'd have to discuss hash algorithms, public key cryptography, and a bunch of other topics that are way to "geek-like" to get into here.
You can google MD5, PKI, DES, AES, and public key cryptography if you want some more technical explanations of the topic.
Bottom line: if the document is digitally signed, it's legal. If not, it wouldn't stand up in court.
Contrary to what you may think, even after looking at that goofy picture of me...I have not always been the perfect little angel with his finger stuck in his ear...LOL If anyone is thankful for God's grace, it's me!
Man, I have been in the heat way too long...what was the question?
In a court of law... suppose I was being accused of a crime and my alibi is that I was at home on the interent at the time the crime took place.
Is just "being" on the internet, posting on GSC, a lawful alibi to prove my alibi or do my posts have to be "signed"?
First,
You're not supposed
to un-hijack this thread!!!
Secondly...
If you wanted to prove that your computer was in use during the time in question (according to your system's clock), you can look at the system log on your machine. For Windows XP it's: Control Panel -- Administrative Tools -- Event Viewer -- System.
If you wanted to prove that your computer was in use on the Internet at that time (according to the system's clock), you can look at certain entries on the system log.
If you wanted to prove that your computer went to certain web sites at that time (according to the system's clock), you can look at your Internet history.
If you wanted to prove that somebody from your IP address and with a cookie registered to you (how many of us log off when we're actually done?) logged onto www.greasespotcafe.com/ipb, you could have Paw's web server logs subpoena'd.
But if you wanted to prove that it was YOU that was accessing that website from that computer at that given time, you'd have to use some type of digital signature scheme like I outlined above. Otherwise, you (or they) could suppose that it was actually somebody else on your computer at that time accessing this website. And it couldn't be proven otherwise.
(Now the next question is, why are you looking for an alibi??? Hmmmm??? Inquiring minds want to know! )
OK, so meanwhile, back to our regularly scheduled thread hijack!
In theory, if I had a witnesses(es), they could support my alibi.
However, in the absence of witnesses, from everything I've read in other GSC threads, in a court of law, postings can and are used (as outlined by CK above).
Why would you scream at me for breaking an unwritten rule?
I am completely curious as to what can and cannot be proven regarding email and postings NOT because I need an alibi. All I can say right now is that I'm working on a project and I am willing to expend as much research as needed to assure that the final outcome is truthful... truthful, as in the whole truth and nothing but the truth.
If everything you've posted on this thread is true, I'll need to rethink the strategy for my project People with money to burn can access almost anything. I'm not one of those people.
So, excuse me for unhijacking this thread in an effort to learn something new.
I wouldn't be at all surprised to see that I've now killed this thread, as it seems to be habit with me lately.
Not too many things "surprise" me, but that doesn't mean I don't ask "why".
I believe MarkO was kidding with you about un-hijacking the thread, even if he did yell it, I do believe he meant humor there. You've done nothing wrong, nothing at all. :)
Amazingrace, in theory and even what the law does in absolutes there can be fuzzy lines. Law, no way, yes way! In law there is a line that you can dance on the top of but it's like a pen head and if forgotten can be your downfall. If you get a bit too risky or big headed you can topple off that pen head in a heartbeat.
So anything put to print can have an impact. Intent is a big thing in the real world of encounters. Although with things of $ value they are no longer an action but the consequences to the players are very real.
I'm not a legal student, yet I've been employed in ways that have had me working with the FBI for over a year and on my second assignment was very involved with the Federal Trade Commissioner and our Attorney General so I am not ignorant to real life in ways of a party's 'means, intent, legal position, proof, etc'. And we posters know our words are not private once the Add Reply button is clicked.
But intent is only so good with $. An electronic signature is required to take the next step in some matters of protest.
(disclaimer for one time only if I obey myself)
Normally I don't like to boast, if it appears I do then you don't know me. And why would I be so confident of that? My buds wouldn't need to think of why, they just know it. But others here and eyes reading but not posting don't know why I wouldn’t do such a thing. That I see myself so lacking I'd be embarrassed to do so. But that person has been getting her foot kicked by me regularly so if you just happen to notice a change and you still don't know me I reckon you'll just have to deal with it.
Recommended Posts
ChattyKathy
Emails are discovery able to be used as any written document. The signature being electronic rather than live does not hinder someone from using it in a case headed towards or engaged in a court of law.
Link to comment
Share on other sites
markomalley
They are if they are digitally signed.
There are three basic issues with electronic communications of any type:
#1) The sender's identity must be confirmed (are you who you say you are?)
#2) The contents of the e-mail must be confirmed not to have been altered by another person
#3) The sender must not be able to repudiate that he/she sent the e-mail. (Wait a minute, somebody else was at my computer and sent that e-mail...)
Digitially signing the document allows for "two-factor" or "three-factor" validation of the above
The three factors are simply: something you have, something you know, something you are.
Something you have: a token, smartcard, or something else along those lines. It's something you physically must have on your person (an unauthorized person wouldn't have that token)
Something you know: a PIN, a password, a passphrase, or something else that you, and nobody else knows. (An unauthorized person wouldn't know that piece of information that is in your head and in your head alone)
Something you are: your signature, your fingerprint, your retinal scan, your DNA pattern, or something else (An unauthorized person wouldn't be able to have a piece of you that would be needed to validate that it is, in fact, you that is present at the computer sending the e-mail)
Obviously, somebody could steal the token from you. But they wouldn't necessarily have the PIN that went with the token. And they wouldn't have your fingerprint.
Somebody might be able to look over your shoulder and get the PIN, but they wouldn't have the token that went with the PIN...unless they simultaneously stole the token from you at the same time.
Somebody might be able to kill you, cut your hand off, and use your fingerprint, but they wouldn't know the PIN or have the token that went with the fingerprint.
Two factor authentication relies on the fact that the odds of somebody having two of the three factors is very small. Three factor authentication relies on the fact that the odds of somebody having all three factors is infinitely small. NOT THAT IT COULDN'T HAPPEN, but the odds are somewhere around the odds of winning the lottery.
What happens with a digitally signed message is that you write the message and then "sign" it. The contents of the messsage is run through a computer algorithm that assigns a code to the message that is the signature. If any of the contents of the message is changed, when the recipient of the message runs it through the same algorithm, the code would change. So, therefore, it's known that the message contents are exactly what you sent. The signature can be verified against a trusted "registry," therefore, it can be verified that you sent it. So you end up having nonrepudiation and validation of the contents.
The above is not fully technically accurate, but to be fully accurate, we'd have to discuss hash algorithms, public key cryptography, and a bunch of other topics that are way to "geek-like" to get into here.
You can google MD5, PKI, DES, AES, and public key cryptography if you want some more technical explanations of the topic.
Bottom line: if the document is digitally signed, it's legal. If not, it wouldn't stand up in court.
Hope that helps.
Link to comment
Share on other sites
ChattyKathy
Excellent Mark! And I know enough about this subject experientially that I can concur you are right on!
Link to comment
Share on other sites
Tom Strange
The Talking Doll Concurs! that's it!
Link to comment
Share on other sites
ChattyKathy
You're cute! :)
Link to comment
Share on other sites
likeaneagle
THanks MarkO---
Great explanation..
THanks Kathy!!
Link to comment
Share on other sites
ChattyKathy
Link to comment
Share on other sites
moony3424
Couldn't resist CK.
Edited by moony3424Link to comment
Share on other sites
ChattyKathy
That's beautiful!!!!! :)
Link to comment
Share on other sites
oilfieldmedic
Wasn't that peace sign from the 60's?
Oh yeah, now I remember...I think?
Contrary to what you may think, even after looking at that goofy picture of me...I have not always been the perfect little angel with his finger stuck in his ear...LOL If anyone is thankful for God's grace, it's me!
Man, I have been in the heat way too long...what was the question?
Link to comment
Share on other sites
ChattyKathy
Somehow I never took you to be a perfect little angel. :)
Link to comment
Share on other sites
oilfieldmedic
Hmph! My mom says I am...LOL Yeah right!
Edited by oilfieldmedicLink to comment
Share on other sites
ChattyKathy
We're inclined to but in our minds if they are being a little pi$$er, then that's what they are, not an angel.
Link to comment
Share on other sites
oilfieldmedic
Ah...I stand corrected then...so I'm a pi$$er then...I can live with that
Link to comment
Share on other sites
ChattyKathy
ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha
Link to comment
Share on other sites
Amazingrace
I get the point but am wondering.....
In a court of law... suppose I was being accused of a crime and my alibi is that I was at home on the interent at the time the crime took place.
Is just "being" on the internet, posting on GSC, a lawful alibi to prove my alibi or do my posts have to be "signed"?
Link to comment
Share on other sites
Tom Strange
How could you prove that you were posting from your home and not somewhere else?
Link to comment
Share on other sites
markomalley
First,
You're not supposed
to un-hijack this thread!!!
Secondly...
If you wanted to prove that your computer was in use during the time in question (according to your system's clock), you can look at the system log on your machine. For Windows XP it's: Control Panel -- Administrative Tools -- Event Viewer -- System.
If you wanted to prove that your computer was in use on the Internet at that time (according to the system's clock), you can look at certain entries on the system log.
If you wanted to prove that your computer went to certain web sites at that time (according to the system's clock), you can look at your Internet history.
If you wanted to prove that somebody from your IP address and with a cookie registered to you (how many of us log off when we're actually done?) logged onto www.greasespotcafe.com/ipb, you could have Paw's web server logs subpoena'd.
But if you wanted to prove that it was YOU that was accessing that website from that computer at that given time, you'd have to use some type of digital signature scheme like I outlined above. Otherwise, you (or they) could suppose that it was actually somebody else on your computer at that time accessing this website. And it couldn't be proven otherwise.
(Now the next question is, why are you looking for an alibi??? Hmmmm??? Inquiring minds want to know!
)
OK, so meanwhile, back to our regularly scheduled thread hijack!
Link to comment
Share on other sites
Amazingrace
Tom,
In theory, if I had a witnesses(es), they could support my alibi.
However, in the absence of witnesses, from everything I've read in other GSC threads, in a court of law, postings can and are used (as outlined by CK above).
----------------------------------------------------------------------------------------------
Mark,
You screamed at me for un-hijacking a thread.
Why would you scream at me for breaking an unwritten rule?
I am completely curious as to what can and cannot be proven regarding email and postings NOT because I need an alibi. All I can say right now is that I'm working on a project and I am willing to expend as much research as needed to assure that the final outcome is truthful... truthful, as in the whole truth and nothing but the truth.
If everything you've posted on this thread is true, I'll need to rethink the strategy for my project People with money to burn can access almost anything. I'm not one of those people.
So, excuse me for unhijacking this thread in an effort to learn something new.
I wouldn't be at all surprised to see that I've now killed this thread, as it seems to be habit with me lately.
Not too many things "surprise" me, but that doesn't mean I don't ask "why".
Link to comment
Share on other sites
ChattyKathy
I believe MarkO was kidding with you about un-hijacking the thread, even if he did yell it, I do believe he meant humor there. You've done nothing wrong, nothing at all. :)
Link to comment
Share on other sites
ChattyKathy
Amazingrace, in theory and even what the law does in absolutes there can be fuzzy lines. Law, no way, yes way! In law there is a line that you can dance on the top of but it's like a pen head and if forgotten can be your downfall. If you get a bit too risky or big headed you can topple off that pen head in a heartbeat.
So anything put to print can have an impact. Intent is a big thing in the real world of encounters. Although with things of $ value they are no longer an action but the consequences to the players are very real.
I'm not a legal student, yet I've been employed in ways that have had me working with the FBI for over a year and on my second assignment was very involved with the Federal Trade Commissioner and our Attorney General so I am not ignorant to real life in ways of a party's 'means, intent, legal position, proof, etc'. And we posters know our words are not private once the Add Reply button is clicked.
But intent is only so good with $. An electronic signature is required to take the next step in some matters of protest.
(disclaimer for one time only if I obey myself)
Normally I don't like to boast, if it appears I do then you don't know me. And why would I be so confident of that? My buds wouldn't need to think of why, they just know it. But others here and eyes reading but not posting don't know why I wouldn’t do such a thing. That I see myself so lacking I'd be embarrassed to do so. But that person has been getting her foot kicked by me regularly so if you just happen to notice a change and you still don't know me I reckon you'll just have to deal with it.
Link to comment
Share on other sites
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.