Technical and Legal Meaning of ``Sole Control'' 
                  -- Towards Verifiability in Signing Systems 
                  
             P. Blaskiewicz, L. Krzywiecki, P. Kubiak, M.Kutylwoski,  
                        Wroclaw University of Technology
                           W. Paluszynski , M. Tabor
                         Trusted Information Consulting

One of the fundamental ideas of the framework of electronic signatures  defined in 
EU Directive  1999/93/WE is ``sole control'' over signature creation data. 
For a long time ``sole control''  was understood as  using  black-box devices for which 
a certain third party has issued a certificate, whereas the signer was supposed to trust 
blindly the authorities and certification bodies. This has been claimed as the only 
feasible solution.    

Recent advances in technology and development of verifiable systems show that it is possible 
to provide systems such that the signer has much more control over the signing process and can 
really maintain control over the signature creation data. The main idea is that  breaches 
in the system cannot be excluded but if they occur, then the signer can provide an evidence 
of a fraud of a third party. 

keywords: 
electronic signature, secure signature creation device, qualified  signature, 
mediated signatures, end-to-end verifiability

to appear in proceedings of LIT 2011
4rd Workshop on Legal Informatics and Legal Information Technology