Signatures, it was all so simple back then.
In the good old days, one would sign a document of some importance, affidavit, employment letter, wedding licence on a piece of paper. That would prove your agreement and elucidations of the contents of that document. For occasions of some importance a witness, or a notary was brought into verify that you had signed the document and for items
that required business or contractual obligations this could be held up in a court of law. How a judge could establish whether that was your signature remains an object of some conjecture as most times the court would not have anything to compare it with. Any old scrawl would do if you had written it quickly or weren’t feeling that well.
Digital signatures, how how they work for data protection?
The issue when it comes to the digital realm, an item can be made into an exact copy which makes it difficult to verify or authenticate as unique.
This scenario eventually leads to adoption of verifying the identity of a sender with a “digital signature”. Since writing on a computer monitor wasn’t particularly effective, they came up with a different idea. To verify communications between two entities in this new digital world a new witness/notary service had to be devised. Thus, the invention of digital certificates and certificate authorities to administer the relationships (this can be done internally or by a third party). So, if two entities wish to communicate with each other they can register a digital certificate or key that then can be shared amongst communications between them.
Associating a digital signature with a message.
When a sender wishes to communicate with the trusted receiver then a one-way tag is associated with the correspondence that the receiver’s system will recognise and approve. If the there is any change in the message while in transit, then the tag will change in nature not match the receiver’s details. The correspondence could be highlighted and/or be rejected. This does not encrypt the message only the related tag. This meta tags would be imbedded into the communication through a system of unique public keys which not only verify who the sender is but also guarantees that the message has not been tampered with. If the details for the sender match the library of trusted souls on their database, then the message is delivered. If everything goes successfully then the sender cannot deny the contents the contents of the message. The central entity that administers these relationships, if they no longer are in existence or an employee details are changed these can be updated. Certificates also have a used by date and other limitations can put upon their delivery.
Thus, a level of trust is associated between the two or more entities.