So, something pretty historic is going to happen today. President Clinton is going to sign a bill that gives digital signatures the same legal weight as written signatures. This law has been a long time in coming, and I think it makes perfect sense. The big question I have is how the signatures will be verified. In the PGP world, a Web of trust model is used, in the commercial world, certificate authorities are used to verify the identities of people using digital signatures. My question is, does this mean we’ll have to give money to (sleazy) VeriSign in order to digitally sign contracts and other legally binding documents? If so, hopefully this will lead to more competition in the certificate market. Right now, there’s virtually none.