I hear people imply that signing data is equivalent to proving they authored the data they're signing (ie "I own the data"). This is subtly wrong. Signing data proves:
  • you had the private key that signed the data in your possession
  • you had the data that you signed in your possession
It doesn't prove:
  • you authored the data
  • you "own" the data
Ownership of data is a weird concept to begin with. At most data ownership means you possess the data and maybe in some ethical or legal sense means you have a right to possess it. Digital signatures don't enhance the meaning of data ownership. I think when people say "I own the data" when they've signed the data but it's not in their physical possession, they mostly mean "I can prove I authored this data," but a digital signature only affords "I own the means of authenticating that I once possessed this data."
Proving authorship of data requires more than signing it. The way we prove we authored something is by demonstrating it was in our possession before anyone else. So if we wish to prove our authorship of data, not merely prove that we once possessed it, we need to both sign the data and timestamp the signature in an unforgeable way.
2020 sats \ 1 reply \ @pillar 8 Sep
Opentimestamps could be a complementary tool to achieve this.
Pattern would be:
  • You author the "work", whatever that is.
  • You sign it.
  • You use opentimestamps to prove the existence of the signature at some point in time.
  • You release the "work" out there.
Since you have that proof, and nobody else can provide one earlier than yours, you kind of have a case for having laid your eyes on the "work" before anyone else, which is a strong argument in demonstrating authoring.
From what I've read, intellectual property protection is one of the strong use cases in trad-legal areas for Opentimestamps.
reply
401 sats \ 0 replies \ @k00b OP 8 Sep
Yep 100%.
reply
141 sats \ 0 replies \ @jgbtc 9 Sep
I think of it more like "I approve this message" than authorship. So if you know a particular public key belongs to someone, and they sign some data with the corresponding private key, they are basically saying "I attest this data is authentic/true/accurate/etc". It's highly contextual really. But you're right, nothing to do with authorship or ownership.
reply
I would add to this that signing data on the blockchain also time stamps the data. This is the crucial aspect because if there is a dispute about ownership or authorship, the time stamp provides objective evidence as to first objectively verifiable usage of the data.
On a second read, I think I am repeating your last sentence...
reply
Isn't it much similar to copyright ©️? If you've authored or produced something, you must hold it before anyone else does?
reply
I think copyright means to have the right to distribute copies but the ownership remains with the producer.
reply
I'm sorry that's not correct. You actually gotta read this -
Copyright is a type of intellectual property that protects original works of authorship as soon as an author fixes the work in a tangible form of expression. In copyright law, there are a lot of different types of works, including paintings, photographs, illustrations, musical compositions, sound recordings, computer programs, books, poems, blog posts, movies, architectural works, plays, and so much more! https://www.copyright.gov/what-is-copyright/
reply
Thank you so much sir! I was wrong and accept I didn't bother to look for the meaning of it. I just guessed for the word ad copy + right.
reply
It's alright. It happens with everyone.
reply
41 sats \ 1 reply \ @k00b OP 8 Sep
I'm not too familiar with copyright, but most ownership schemes depend on being able to demonstrate you possessed it first.
reply
Computer programmes are also included in copyright. Copyright does mean authorship as soon as an author fixes the work in a tangible form of expression.
reply
Dear @k00b, I just napped reading your post and comments and this happened.😇
reply
30 sats \ 1 reply \ @ek 8 Sep
Maybe people got confused because of ScriptSig in bitcoin
reply
I think this does confuse bitcoiners a lot because we take bitcoin's timestamps for granted and assume signatures alone are what's proving our ownership.
reply
41 sats \ 0 replies \ @Golu 9 Sep
The only authorship of data means that you hold it before anyone else does and you need to prove it.
reply
120 sats \ 1 reply \ @k00b OP 8 Sep
Another thing I think people might mean when they say "I own the data" when they've only signed the data is that others can't "own" the data. But, they can.
The singular important thing that digital signatures provide wrt to data ownership is the ability to say "I own the means of authenticating my possession and intent to sign this data."
reply
In my mind signing is identity.
if you sign a post you are saying the person who knows the secret to this public key posted this.
If we think about a repost or a retweet, signing it would by a way of endorsing it or proving that a certain person wanted to spread the info contained in the post.
When it comes to self referential data (like a will or a contract) signing makes a lot of sense and almost matches up with what seems to be the normie understanding of it.
With creative data (writing, thoughts, art) it probably isn't as useful. But then, the idea of needing to sign art has always been a little funny anyway.
reply
reply
For nostr? Yep!
reply
Yes a possible solution (is missed typing that word) As this topic was posted in the Nostr territory I assumed your concern was applied to signed events with Nostr
reply
It was, sort of. I knew about that nip. This was more philosophical.
reply
That's a dark truth that we don't own our private data
reply
I don’t know what that means and to the extent that it means anything it’s a non sequitur.
reply
Is this how NFTs operate?
reply
NFT's does not work that way. Most of the media associated with NFT's (images, texts) are in Web 2.0 although the token is in Web 3.0. NFTs is technically just a variable in a smart contract. Yes it may require your wallet signature but most of NFT's are components that can only be reconstituted from different modes of the web.
reply