According to government publications that I've read, the term 'electronic signature' is broader than 'digital signature.' These sources say that digital signatures are just one type of electronic signature. To quote the National Archives and Records Administration Web site:
"Electronic signature: A technologically neutral term indicating various methods of signing an electronic message that (a) identify and authenticate a particular person as source of the electronic message; and (b) indicate such person's approval of the information contained in the electronic message (definition from GPEA, Pub.L. 105-277)."
Examples of electronic signature technologies include PINs, user identifications and passwords, digital signatures, digitized signatures and hardware and biometric tokens.
This seems to be in conflict with Mr. Avolio's definition. Comments?
I won't argue with any government definition. If one has to use their definitions (in some industry, for example), then by all means use them. It completely strips the importance of the word "signature" in the term "electronic signature." It is like saying an 'X' on a document (written by someone who cannot sign his own name) is his signature. It is not. Neither is a user name and password a signature. If that is the "official" definition of electronic signature, they should have called it "electronic authentication" or "electronic identification." But it does sound very much like a government created definition.
Ask the Expert: The difference between electronic and digital signatures
Ask the Expert: What is a digital signature?
Executive Security Briefing: It's a matter of trust: Digital certificates and e-signatures