I've just been reminded of Stefan's post that Microsoft are looking at blinded signatures. To add to that, I've heard related rumours. Firstly, that they are planning to introduce some sort of generic blinding signature technology in the (northern) summer browser release ("Longhorn"). That is, your IE will be capable of signing for you when you visit your bank.
Now, anyone who's followed the travails and architectural twists and turns of the Ricardian contract - with its very complete and proven signature concepts - will appreciate that this is a hard problem. You don't just grab a cert, open a document, slap a sig on it and send it off. Doing any sort of affirming signature - one where the user or company is taking on a committment or a contract - is a serious multi-disciplinary undertaking that really challenges our FC neurons to the full. Add that to Microsoft's penchant for throwing any old tech into a box, putting shiny paint on it and calling it innovation, and I fear the worst.
We shall see. Secondly, buried in another area (discipline?) totally, there is yet another set of rumours in interesting counterpoint. It appears that Microsoft is under the bright lights of the Attornies General of the US of A over spyware, malware, and matters general in security. (Maybe phishing, I wasn't able to tie that one down.) And this time, they have the goods - it appears that not only is Microsoft shipping insecure software, which we all knew anyway, but they are deliberately leaving back doors in for future marketing purposes, and have been caught in the act.
Well, you know how these rumours are - everyone loves to poke fun at big guy. So probably best to write this lot down as scurrillous and woefully off the mark. Or I hope so. I fail to see how Microsoft are ever going to win back the confidence of the public if they ship signing tech with an OS full of backdoors. What do we want to sign today?
Addendum: El Reg pointed at this amusing blog where Microsoft easily forgets what platforms out there are being hacked.
Posted by iang at May 12, 2005 06:59 PM | TrackBackKeep in mind that a blind signature is not very similar to regular signatures. You don't just "slap a sig" on a document when dealing with a blind signature. Rather, a blind signature is more of a mathematical building block used in crypto protocols. It has specific mathematical properties that make it useful in certain anonymity applications. But it's not really very signature-like.
For one thing, the content of what is blindsigned is largely irrelevant. Normally with sigantures we say, be sure you know what you are signing. But with blindsigs that isn't the case. It doesn't matter what you're signing, because you can't see what you're signing. All the semantics have to be in the pure existence of the signature itself, with the content of what is signed largely irrelevant (except for detecting replays and existential forgeries, etc.).
So it's really a different beast, and the difficulties you have faced merging contracts with signatures don't necessarily apply. They could use blindsigs for anonymous cookies or some such thing and it could be a generally simple and straightforward use of the technology.
Of course, if Microsoft is doing financial stuff they will eventually have to address issues of contract semantics, but they won't be related specifically to the blind signatures, rather it will be part of the larger system that uses the blindsigs as one piece.
Posted by: Cypherpunk at May 17, 2005 05:39 PM