-----BEGIN PGP SIGNED MESSAGE-----
Don Davis wrote:
> i'm sorry, but this is a foolish complaint. their specialty
> is as demanding as ours; why demand that they should master
> our specialty, when we make no effort to master theirs, and
> when we make no effort to help them understand crypto?
>... indeed, the crypto community
> goes further, by ridiculing any cryptographer or security
> expert who supports legislative efforts. we're the ones who
> have screwed this up, not the legislators or their staffers.
>
I have done my best to "master" theirs for over 20 years. (Admittedly,
I have gotten some ridicule from the security community, too.)
In this case, it was deliberate effort by business lobbyists that
resulted in this language. I named some.
The original Senate sponsor, Spence Abraham, is from my state, Michigan.
The rationale given by the staff, namely Kevin Kolevar, was that they
wanted to keep as close to UETA as possible, since that is the "uniform"
wording states are adopting. Of course, the major reason for this push
was that states _refuse_ to adopt it!
In the enrolled senate bill, the definition was originally:
The term `electronic signature' means an electronic sound, symbol,
or process attached to or logically associated with a record and
executed or adopted by a person with the intent to sign the record.
In the house, the definition was changed to:
The term `electronic signature' means information or data in
electronic form, attached to or logically associated with an
electronic record, and executed or adopted by a person or an
electronic agent of a person, with the intent to sign a contract,
agreement, or record.
Note that they killed off the "process" nonsense, and required data!
Admittedly, it's not perfect, but was the best that folks could
substitute. They didn't want to endorse a "specific method",
partly because of the RSA patent issue.
The house also added privacy language (and a number of other fixes):
Nothing in this section shall be construed to require the
Secretary or the Assistant Secretary to take any action that
would adversely affect the privacy of consumers.
The final language adopted in conference committee is a compromise,
as usually happens, but mostly conforms to the senate (UETA) version:
The term ``electronic signature'' means an electronic sound, symbol,
or process, attached to or logically associated with a contract or
other record and executed or adopted by a person with the intent to
sign the record.
The next step is signing by the president. It could be vetoed. That
will only happen after a big fuss. So, make some noise! Since this
affects global commerce, international would be appreciated!
Did the reporter issue a correction? Time's awasting....
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
iQCVAwUBOVfWpNm/qMj6R+sxAQFpogP/UqCDAyPI7Ihqvn7VogWugdHcELMoMrSf
8KvAaBl0Q4LWS1hRHYurgm45H3XTgECiCi7+5pjpOvkPEXWkURmCMDWg4h9gf3wg
mnzPExttk5mLI2bw1hTVx7Xq+qDwb5+1wVKhI8loQ5reQI1y073pscJ3xTAc9yxC
I4ekUTjcNZw=
=sxsE
-----END PGP SIGNATURE-----