If digital signatures are to replace handwritten signatures they must have
the same legal status as handwritten signatures, i.e., documents signed
with digital signatures must be legally binding. NIST has stated that its
proposed Digital Signature Standard (see Question 3.6.8) should be
capable of ``proving to a third party that data was actually signed by the
generator of the signature.'' Furthermore, U.S. federal government purchase
orders will be signed by any such standard; this implies that the
government will support the legal authority of digital signatures in the
courts. Some preliminary legal research has also resulted in the opinion
that digital signatures would meet the requirements of legally binding
signatures for most purposes, including commercial use as defined in the
Uniform Commercial Code (UCC). A GAO (Government Accounting Office)
decision requested by NIST also opines that digital signatures will meet
the legal standards of handwritten signatures.
However, since the validity of documents with digital signatures has
never been challenged in court, their legal status is not yet
well-defined. Through such challenges, the courts will issue rulings
that collectively define which digital signature methods, key sizes,
and security precautions are acceptable for a digital signature to be
legally binding.
Digital signatures have the potential to possess greater legal
authority than handwritten signatures. If a ten-page contract is signed
by hand on the tenth page, one cannot be sure that the first nine pages
have not been altered. If the contract was signed by digital
signatures, however, a third party can verify that not one byte of the
contract has been altered.
Currently, if two people wish to digitally sign a series of contracts, they may wish to first sign a paper contract in which they agree to be bound in the future by any contracts digitally signed by them with a given signature method and minimum key size.