1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Secure legal electronic documents

Discussion in 'Software' started by Jakamoko, Jun 20, 2006.

  1. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,915
    60
    229
    Hi All,

    Been posed a couple of questions by a client. I'll paraphrase slightly:

    The client needs to send reports to their solicitor that are secure and un-editable by third parties. Would a pdf writer that was somehow lockable be the answer ?

    It is very important for the client to have reports signed by the author. How would this apply in electronic reports? I believe that there are ways of producing a digital signature. How can this be done? Is it simply a way of inserting a *.jpeg file with the written signature?


    I realise this may be a little vague, but if you need more info, let me know :)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  2. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Best way is PGP (Pretty Good Privacy). This uses PKI which answers your questions:

    1) It can't be read while being sent.

    2) Because of the PKI it authenticates who sent it.

    3) A 'Man in the middle' attack will be detected.

    There are other similar PKI style methods, but PGP is nice and easy.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  3. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,915
    60
    229
    Thanks Harry. Presumably, that requires the receiving party to have a copy of the key as well - does PGP take care of this ? From memory, doesn't use of PGP involve both parties having certain software on their machines ?
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  4. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Both parties need a copy of PGP - preferably the same version.

    You need to create a public key and a private key for each party. PGP will do this for you.

    Because these people are in otherwise close contact they can physicaly exchange keys, which deals with one of the weaknesses of PKI.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  5. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,915
    60
    229
    How about the validity of the digital signature in my original post as well ? Thanks for the input so far :)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  6. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Excuse me while I say this - but does a photocopy of a written signature have any validity? A JPEG of one is essentialy the same thing as a photocopy!

    In the digital world what is termed a 'signature' bears no relation to the written thing. It is a digital 'lump' where the origin is reasonably guaranteed - and this is done normally with PKI.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+

Share This Page

Loading...