Picture this: On July 1, 2019, I perform an enotarization of a deed in Essex, VT, including an image of my "official stamp" as defined in Vermont Act 160. We'll imagine that the Town of Essex, VT, home of a large semiconductor plant an very tech savvy, has enabled advanced land record recording, and on July 30, 2019, an exact copy of the deed is available to the general public.
On September 1 a Russian hacker goes to the Essex land records site and makes a perfect copy of my official stamp. They put it on a fake edocument, Now they want to digitally sign the fake document. To do that, they need my secret key, but that's locked in my safe. So they will have to use a different digital certificate that doesn't really belong to me. They would have to deceive, or bribe, a certification authority to issue a new digital certificate in my name.
This is why, in the digital world, something that looks like a traditional seal is merely a decoration and has no security value (whether the state legislators and rulemakers are intelligent enough to realize it or not). |