Technical and Legal Meaning of “Sole Control” – Towards Verifiability in Signing Systems
- Cite this paper as:
- Kutyłowski M., Błaśkiewicz P., Krzywiecki Ł., Kubiak P., Paluszyński W., Tabor M. (2011) Technical and Legal Meaning of “Sole Control” – Towards Verifiability in Signing Systems. In: Abramowicz W., Maciaszek L., Węcel K. (eds) Business Information Systems Workshops. BIS 2011. Lecture Notes in Business Information Processing, vol 97. Springer, Berlin, Heidelberg
One of the fundamental ideas of the framework of electronic signatures defined in EU Directive 1999/93/WE is “sole control” over signature creation data. For a long time “sole control” has been understood as using black-box devices for which a certain third party has issued a certificate, whereas the signer was supposed to trust blindly the authorities and certification bodies. This has been claimed as the only feasible solution.
Recent advances in technology and development of verifiable systems show that it is possible to provide systems such that the signer has much more control over the signing process and can really maintain control over the signature creation data. The main idea is that breaches in the system cannot be excluded but if they occur, then the signer can provide evidence of a fraud of a third party.
Keywordselectronic signature secure signature creation device qualified signature mediated signatures end-to-end verifiability
Unable to display preview. Download preview PDF.