Editing Digital signature (section)

==The current state of use – legal and practical==
{{Hatnote|For International uses, see [[Electronic signatures and law]]}}
Most digital signature schemes share the following goals regardless of cryptographic theory or legal provision:

# Quality algorithms: Some public-key algorithms are known to be insecure, as practical attacks against them have been discovered.
# 
# Quality implementations: An implementation of a good algorithm (or [[cryptographic protocol|protocol]]) with mistake(s) will not work.
# 
# Users (and their software) must carry out the signature protocol properly.
# 
# The private key must remain private: If the private key becomes known to any other party, that party can produce ''perfect'' digital signatures of anything.
# 
# The public key owner must be verifiable: A public key associated with Bob actually came from Bob. This is commonly done using a [[public key infrastructure]] (PKI) and the public key↔user association is attested by the operator of the PKI (called a [[certificate authority]]). For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected [[public key certificate]]), the possibility of mistaken attestation is non-trivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'Closed' PKI systems are more expensive, but less easily subverted in this way.

Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality.

Legislatures, being importuned by businesses expecting to profit from operating a PKI, or by the technological avant-garde advocating new solutions to old problems, have enacted statutes and/or regulations in many jurisdictions authorizing, endorsing, encouraging, or permitting digital signatures and providing for (or limiting) their legal effect. The first appears to have been in [[Utah]] in the United States, followed closely by the states [[Massachusetts]] and [[California]]. Other countries have also passed statutes or issued regulations in this area as well and the UN has had an active model law project for some time. These enactments (or proposed enactments) vary from place to place, have typically embodied expectations at variance (optimistically or pessimistically) with the state of the underlying cryptographic engineering, and have had the net effect of confusing potential users and specifiers, nearly all of whom are not cryptographically knowledgeable.

Adoption of technical standards for digital signatures have lagged behind much of the legislation, delaying a more or less unified engineering position on [[interoperability]], [[algorithm]] choice, [[key length]]s, and so on what the engineering is attempting to provide.

{{See also|ABA digital signature guidelines}}