Join  |  Login  |   Cart    

Notary Rotary
Welcome to Notary RotaryFind a NotaryNotary ForumBecome a Notary and Find Notary ClassesNotary InsuranceNotary SuppliesNotary Resources 
 
if anyone understands and can explain this...
Notary Discussion History
 
if anyone understands and can explain this...
Go Back to December, 2005 Index
 
 

Posted by Charm_AL on 12/7/05 2:42pm
Msg #80987

if anyone understands and can explain this...

I'll buy you a spiked egg nog.

http://www.thawte.com/secure-email/web-of-trust-wot/index.html

Reply by PAW_Fl on 12/7/05 2:51pm
Msg #80988

It's a security process to protect digital documents, including readable documents, computer programs, emails, etc. I don't have the time to go through the whole thing right now as I'm getting to head out for my afternoon/evening signings. But, if you still have questions, post them and I'll see if I can provide answers for you tomorrow. Of course, there are other computer savvy gurus here that should be able to answer it as well.

Reply by Gerry_VT on 12/7/05 4:05pm
Msg #80994

If you have a digital certificate, you can encrypt your e-mail, your Word documents, and some other computer information. You can use the very same digital certificate to digitally sign many kinds of computer information. The issue is, how does the person who receives the information know that it really came from you?

There are a few ways to go about this. One way is to create your own certificate, put it on a floppy, and hand-carry it to the person that wants the document, and tell them it is yours. This works great, but those plane tickets can get expensive. Another way is to go to the web site of a company like VeriSign. For a cheaper certificate, you pay them around $20 a year, they do a credit check, and issue the certificate, which gets stored on the computer. Whenever you digitally sign something, the person receives it can be kinda sure it came from Charm, after all, VeriSign did a credit check. For a higher fee, you can get a certificate that involves filling out a paper form, getting it notarized, and sending it in to VeriSign. The recipient of your message can feel a bit more secure, since your ID was checked by a notary, compared to the cheap certificate, where no representative of VeriSign ever laid eyes on you.

Finally, there is the Thawte Web of Trust. This service is free. At the least secure level, they will issue a certificate that has no name in it, just an e-mail address and the phrase Thawte Freemail Member. Then next level up, you find several members of the web to present your ID to, and they do an on-line form to vouch for you. Once between 2 and 5 people vouch for you, you can get your name in your certificate. If you keep going, and get between 3 and 10 people to vouch for you, you can start to vouch for newbies.

Thawte has made a very unfortunate choice of words. They call their ID volunteers "Thawte Notaries", even they are not (except by coincidence) notaries public. I suppose there is a precident for private notaries; the Catholic Church has notaries who are not necessarily notaries public; they only notarize church documents.

Reply by Charm_AL on 12/7/05 4:15pm
Msg #80995

Thanks Gerry, so how does this affect one of us as a notary public? If a company in the future wants to do electronic sigs, is this something I need? I just don't understand the concept of their "Thawte notaries. I know very little about enjoa, other than that e sigs are going/trying to be a future thing and the NNA is pushing it.

Reply by Gerry_VT on 12/7/05 4:53pm
Msg #80999

There are a few standard formats for digital certificates, so general purpose software like Outlook or Word can work with digital certificates from just about any vendor. If I understand the federal E-sign bill correctly (and that's a big if) I could do digital notarization today, even though the Vermont SOS has not done anything about digital notarization. The signer would show up in person with a Word document on his computer, including the acknowledgement wording with everything filled in perfectly, We would both look it over, the signer would sign it on his computer with his digital certificate, and sent it to me. I'd sign it with my digital certificate, and it would be done.

The big issue is who would want such a document. I don't know of a single land record office that would be prepared to record it. Big banks, title companies, etc., would probably not want to touch it unless it was part of their carefully controlled pilot program. The fact is that small private parties who would be flexible enough to consider such a document probably wouldn't be interested in having the document notarized in the first place.

Enjoa seems to be trying to create a closed system, like a video game where you can only buy games from companies that are in league with the manufacturer. Maybe it will work, maybe they will be overwhelmed by a system that is open to all, or maybe digital notarization will never take off. I don't know.

Reply by Charm_AL on 12/7/05 5:01pm
Msg #81001

Thanks so much for taking the time to explain this. I appreciate it!
Where would you like your spiked egg nog sent? Smiley

Reply by Dave_CA on 12/7/05 5:19pm
Msg #81004

What they are talking about is a Public Key Infrastructure (PKI).
This allows for very secure transfer of information and digital signatures.
In fact if the encryption key is long enough even the NSA would not be able to break it. Well, probably not be able to break it. As little as 7 or 8 years ago a US company could not export "strong encryption" (56-64Kb keys) without the same type of government license as that need to export munitions.
This has since changed as many other countries were providing strong encryption without these restrictions and you now see 128Kb encryption in Internet Explorer and it is regularly used for secure SSL transactions.
Public Key cryptography was developed to solve the problem of having to deliver the encryption keys to each party needing the information and to do so securely. Picture thousands of trusted couriers delivering the new keys to all the Citi Bank locations around the world on a regular basis. This is because even a strong key can be broken with enough computer power and time. Now multiply this by all the financial and other networks that need to be secure and you will begin to see the magnitude of the problem.

Here is a better description of Public Key Cryptology.

A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it.
An important element to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key if you know the public key.

Public-key systems, such as Pretty Good Privacy (PGP), are becoming popular for transmitting information via the Internet. They are extremely secure and relatively simple to use. The only difficulty with public-key systems is that you need to know the recipient's public key to encrypt a message for him or her. What's needed, therefore, is a global registry of public keys, which is one of the promises of the new LDAP technology.

Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is sometime called Diffie-Hellman encryption. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption).

Now, if you are still awake after more than you probably wanted to know about this, I don't see our business being impacted by this anytime soon. Digital signatures, secure document transmission and PKI all exist today but for the Federal government and ALL the States to agree on how this will be implemented and then all the lenders, title companies, County Recorders and other parties to sign up... Not in my planning horizon.




Reply by Charm_AL on 12/7/05 5:24pm
Msg #81007

Thanks Dave, I appreciate it, just trying to stay on step with new technology concerning our industry. BTW: nice to see you - where ya been lately?

I'm relating this scenario to the bank safe deposit boxes, where you and they each have a key and most have both to open.


Reply by Gerry_VT on 12/7/05 6:10pm
Msg #81018

Think of a bank night depository. Hundreds of businessmen in the area have the key to open the depository and put money in, but they can't steal each other's money, because only the bank has the key to take stuff out.

Reply by BrendaTx on 12/7/05 6:39pm
Msg #81027

And, here I thought it was how to play Dungeons and Dragons.


Reply by Mitch_MD on 12/7/05 8:19pm
Msg #81051

Just another take on what has already been produced by PGP (Pretty Good Privacy - http://www.pgp.com/), a public key encryption system.


 
Find a Notary  Notary Supplies  Terms  Privacy Statement  Help/FAQ  About  Contact Us  Archive  NRI Insurance Services
 
Notary Rotary® is a trademark of Notary Rotary, Inc. Copyright © 2002-2013, Notary Rotary, Inc.  All rights reserved.
500 New York Ave, Des Moines, IA 50313.