http://www.cga.state.ct.us/2003/olrdata/ph/rpt/2003-R-0422.htm
says: "The Connecticut Supreme Court and the U. S. Supreme Court have held that irrebuttable presumptions are unconstitutional when they are not necessarily or universally true and the state has reasonable alternative means of making the determination."
The comment appears to apply to statutes and regulations (as opposed to contracts). Still the two tests mentioned seem very appropriate to a discussion of non-repudiation as used in cryptography. In deciding whether the existence of a verified signature should automatically lead to some real world action, we should consider both the adequacy of the technology and the nature of the application.
So, for example, the military might adopt an irrebuttable presumption that a cryptographically signed order comes from the registered owner of a cryptographic key, because it has vetted all the technology employed, it can't tolerate delay, and is willing to impose a duty on a key holders to protect their key or suffer the consequences.
On the other end of the scale, anti-spam software might accept a signature validated by a public key that is included in a user's white list as conclusive proof that the message should be transmitted to that user because the consequences of doing so with a forged message are so minute.
In the case of ordinary consumer transactions, an irrebuttable presumption for public key signatures would not seem to pass muster. There are too many problems with the technology (its not just a question of protecting the private key, but also of insuring the the document actually signed is the one the user thought he was signing) and there are usually other forms of evidence (e.g. delivery records) to substantiate the transaction.
This is apparently a very complex area of law. Another paper http://www.law.nyu.edu/clppt/program2003/readings/Franck.doc includes these quotes:
"Every writer of sufficient intelligence to appreciate the difficulties of the subject matter has approached the topic of presumptions with a sense of hopelessness and left it with a feeling of despair."5 Commenting on the law of presumptions, Judge Learned Hand has commented: "Judges have mixed it up until nobody can tell what on earth it means."6
It sounds like the legal profession long ago recognized the difficulties the cryptographic community is now grappling with regard to "non-repudiation." We should be very wary of assuming mathematical constructs naturally transform into the legal arena.
Arnold Reinhold (who is not a lawyer)
5 Edmund M. Morgan, "Presumptions," 12 Wash. L. Rev. 255, 255 (1937). 6 L. Hand, 18 ALI Proceedings 217-18 (1941).
At 5:32 PM -0800 1/5/04, Ed Gerck wrote:
>
In business, when repudiation of an act is anticipated we're reminded by
Nicholas Bohm (whose clear thinking I know and appreciate for 6 years)
that some lawyers find it useful to define "irrebuttable presumptions" -- a
technique known to the law and capable of being instantiated in statute or contract.
For example, a legal "irrebuttable presumption" can take the form of a bank check
contract stating that a check (even though it can be *proven* a posteriori to be a
forgery) is payable by the bank if the account holder did not notify the bank to
repudiate the check *before* the check was presented to the bank for payment.
The requirement can be seen an "out-of-band" signal from the account holder to
the bank, which absence makes the check's payability an irrebuttable presumption
by the bank. In this case, as long as the check's signature does not look like a
(obvious) forgery and there is enough balance in the account, the bank has no
liability to that customer in paying the check. Note also that the effectiveness of
this method relies on an "indirect proof" -- the absence of a previous communication
makes the check payable.
Likewise, in a communication process, when repudiation of an act by a party is
anticipated, some system security designers find it useful to define "non-repudiation"
as a service that prevents the effective denial of an act. Thus, lawyers should
not squirm when we feel the same need they feel -- to provide for processes
that *can be* conclusive.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
