ID Number: G00219063



Electronic Signature: Is It Safe to Break the Rules Yet?
19 December 2011
 
Robin Wilton  

After a decade of deployment experience, the time has come to re-evaluate some core assumptions about how and when to use electronic signatures. Relying on public-key infrastructure (PKI)-based technology has its risks and drawbacks, but those risks can be reduced and managed, and some of the drawbacks can be overcome by the judicious use of alternative technologies and specialist service providers. Two of the dominant technologies of recent years -- mobile devices and cloud-based services -- can be exploited to materially change the picture and should prompt organizations to check whether their current thinking about electronic signature is still valid.





*
Unavailable for individual purchase
For information on how to gain access to this and other documents,
click here.








Document History







Contact Gartner




For information on how to gain access to this and other documents, click here.
 You or your organization may already own this document. Register now to find out. Your Gartner Membership Administrator can supply the needed License Key(s).
You will not lose your document during registration.
Sign in here:
Username:

Password:
Forgot your username
or password?







This document is not available as part of your current Gartner subscription. For pricing and availability of the full document, please contact your Gartner account representative. Your account representative can also give you more information about your current subscription and other access options that may be available to you. If you do not have a Gartner account representative, call +1 203 316 1200 for assistance.

Table of Contents

Contents
  • Summary of Findings
  • Analysis
    • Section 1: The Rules Have Changed
      • Legislative Principles
      • General Risk Analysis
      • Impact and Cost Analysis
      • Root Compromises Spread Down a PKI Hierarchy
      • Root Compromises May Also Spread "Sideways" Within a PKI Hierarchy
      • Long-Term Effect on the Verification of Digital Signatures
      • "Trusted Root" Lists on User Devices
      • Increased Risk of Denial of Service
      • PKI Strategy Implications
    • Initial Assumptions Revisited
    • Section 2: Learning From Deployment Experience
      • Analysis Using the "Wedge" Model
    • Section 3: Decision Factors in Electronic Signature Deployment
      • Decoupling Authentication From Signing
      • Relocating the Signature Function
      • Mobile Devices as an Electronic Signature Platform
    • Gartner Definitions
  • Recommendations
  • Recommended Reading
  • Notes




Document History:
 
Electronic Signature: Is It Safe to Break the Rules Yet?
19 December 2011
  
Electronic Signatures: Solutions Maturing as Regulatory Deadlines Loom
5 March 2003
  




© 2011 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 1879716