Talk:Digital signature: Difference between revisions

	Main Article	Discussion	Related Articles  [?]	Bibliography  [?]	External Links  [?]	Citable Version  [?]
	To learn how to update the categories for this article, see here. To update categories, edit the metadata template.  Definition:  A technique based on public key cryptography to allow people to "sign" documents using their private keys. [d] [e] Checklist and Archives  Workgroup categories:  computers, mathematics and law [Editors asked to check categories]  Subgroup category:  Security  Talk Archive:  none  English language variant:  Canadian English Unused subpages  Unused subpages:  - Bibliography - External Links - Works - Discography - Filmography - Catalogs - Timelines - Gallery - Audio - Video - Code - Tutorials - Student Level - Signed Articles - Function - Addendum - Debate Guide - Advanced - Recipes - Citable Version

A point I've seen both ways

What you describe will work, but there's an additional potential check. In the body of the message hashed by the sender can be, minimally, some plain text, and preferably, a "inner signed signature", or ideally inner signature and trusted time stamp, also signed by a trusted third party.

Again, you method will work, but I try to add features that can add a human as well as a pure crypto check. Howard C. Berkowitz 14:01, 10 November 2008 (UTC)

Authentication

Should it be established that the signer should have first authenticated with at least two factors? Howard C. Berkowitz 14:07, 10 November 2008 (UTC)