Date: prev next · Thread: first prev next last
2015 Archives by date, by thread · List index


Hello,

Thanks for your thoughtful reply!

I agree the best option is to use a propoer digital signature. When
properly done, it might be even more secure than a handwritten
signature?

Interesting point about the Creative Commons license, do you have
examples of how it's used in a real-world case?

Thanks!

On 11/09/2015, Tom Davies <tomcecf@gmail.com> wrote:
Hi :)
I think Steve is referring to "electronic signatures" rather than something
resembling and pen&ink type scrawl.  I've not looked into this as most
office workers i've ever known would be completely baffled by it and not
trust it despite it being much more secure and trustworthy.

Another way that seems quite common these days is to print-out the
document, sign it with pen&ink properly and then scan the document back
into the computer.  However there are numerous security and other problems
with this approach too!

Something i might consider, because it's highly user-friendly, is to treat
the document as a piece of "electronic art" and use a Creative Commons
License generated for that one specific document.  It is easily possible to
create a Creative Commons License to cover all the various documents you
might want to "sign", just as a signal signatures can be added to multiple
different documents, but that gets back to the same security issue of just
about anyone being able to copy&paste it onto anything they like.

http://creativecommons.org/choose/

The Creative Commons route is not ideal as it's not what their licenses
were designed for but it might work.  Probably have to upload the document
somewhere in order to have a "Source URL"/weblink for the document.  The
drop-down at the bottom can be changed to an "off-line" mark to paste into
the document.


Part of the problem is that people want to do a visual quick comparison
between your signature on this and then compare that to another copy of
your signature that they do have complete trust in having been done by you
- just as passwords need to be compared against whatever you registered
your password as for that purpose.  The problem is that such things can be
accessed and maybe even decrypted given enough time and processing power.
Retinal scans and finger-prints are just jpegs (or pngs or whatever other
image format) so in a few years time i'm sure we will all be "shocked" to
discover that they are no more secure than current systems.  At the moment
they are just new and therefore criminals might need a bit of time to
catch-up but there is a good chance that many are already ahead of the game
anyway.


I think the best option is to create a proper digital signature and have
that alongside (or elsewhere near) the copy of the pen&ink signature.

Good luck!
Regards from
Tom :)


On 11 September 2015 at 09:10, avamk <avkaplmkt@gmail.com> wrote:

Good idea, I should really start using different signatures for
different things. I'll probably need a "signature" manager just like a
password manager to help me keep track of all those signatures!

On 11/09/2015, steveedmonds [via Document Foundation Mail Archive]
<ml-node+s969070n4160008h71@n3.nabble.com> wrote:

In some respects your signature was safer on a piece of paper in the
filing cabinet.
I have a different signature I use on electronic documents, not the
same
as the one at the bank or the lawyer.
It's still me signing it (statement of CE conformity, drawings, etc.)
but no one can get my money with it.
steve

On 11/09/15 7:46 am, avamk wrote:
That's true!! I guess it doesn't really matter how I try to secure the
document if the receiver will see it on their screen, oh well. Thank
you for the reminder!

Encryption is helpful though to ensure that at least only my intended
recipient will see the file.

On 10/09/2015, steveedmonds [via Document Foundation Mail Archive]
<ml-node+s969070n4159969h62@n3.nabble.com> wrote:
On 2015-09-11 03:06, avamk wrote:
Hello,

I think this is a rather outdated procedure, but I've come across
cases
where I am required to include a scanned image of my handwritten
signature
in a word processing document to "sign" it. Just to be clear, I am
not
talking about signing with a certificate, but rather an image of a
handwritten signature inserted into the document.

I am always scared of doing this, because what if an adversarial
entity
gets
ahold of the document and starts using my signature for nefarious
purposes??? So, is there a way to make this document (say, a .odt or
.docx
file) more secure that problem won't happen? Ideally I'd like to
minimise
complications/troubles when the receiver opens the file.

Thank you!
Anyone who can view the document can take a screen snap (clip) of
your
signature image and use it as they like. The security issue is more
likely uncontrollable at the receivers end.
Are you suggesting something like a pass phrase required to open and
view a document, you can do this by just encrypting the file and
emailing with something like Enigmail.
Steve



--
View this message in context:

http://nabble.documentfoundation.org/Strategies-for-securing-a-document-with-an-embedded-picture-of-signature-tp4159938p4159970.html
Sent from the Users mailing list archive at Nabble.com.


--
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems?
http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more:
http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be
deleted





_______________________________________________
If you reply to this email, your message will be added to the
discussion
below:

http://nabble.documentfoundation.org/Strategies-for-securing-a-document-with-an-embedded-picture-of-signature-tp4159938p4160008.html

To unsubscribe from Strategies for securing a document with an embedded
picture of signature, visit

http://nabble.documentfoundation.org/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4159938&code=YXZrYXBsbWt0QGdtYWlsLmNvbXw0MTU5OTM4fC02MzM5MDA3MDg=




--
View this message in context:
http://nabble.documentfoundation.org/Strategies-for-securing-a-document-with-an-embedded-picture-of-signature-tp4159938p4160012.html
Sent from the Users mailing list archive at Nabble.com.
--
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems?
http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be
deleted




-- 
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.