[Cryptography] Proposal of a fair contract signing protocol

Ray Dillinger bear at sonic.net
Tue Jun 14 02:02:30 EDT 2016

On 06/13/2016 02:43 PM, Allen wrote:
>> At any moment, both correspondents have a complete record of everything
>> the other has acknowledged "on the record"
> Alice signs the contract and sends it to Bob for his signature.  A few
> months later, Bob claims he signed the contract and returned it the same
> day.  How do you propose proving the time that Bob signed the contract, if
> his email client can simply forge the time sent header, and Alice's can
> simply forge the time received, or forge the unacknowledged messages saying
> "Hey, where's the signed contract?"

If Bob has not made some response to the contract, then there is no
reason to believe that he received it.  If he has sent anything else
to Alice in the meantime not including the contract in the Merkle
root, Alice knows he's not claiming to have received it and can
resend.  If Alice has sent anything else to Bob in the meantime,
he cannot respond to it without going on record as having received
or not received the contract.

Anyway, until he's gone on record as having received the contract,
the correspondence stops.  Likewise, until Alice has gone on record
as having received the *signed* contract, there's no reason to
believe she received it.  Until she goes on record as having received
or not received the signed contract, correspondence ceases.

In practice, I'd expect follow-up confirmation messages to be part
of the protocol, and if it takes more than an hour or so for either
party to acknowledge the receipt of the contract or the signed
contract, consider it inoperative.  Bob who didn't get Alice's
ack on the signed contract has no contract.  Alice who didn't get
Bob's ack on the contract itself has no contract.  There is no
infinite regress because neither needs an ack on the other's ack.

And there is certainly no coming back a month later and claiming
Bob believed he had a contract when he can't produce Alice's ack
for that signed contract.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160613/6ceb1784/attachment.sig>

More information about the cryptography mailing list