I'm not sure it's a strategic decision not to implement that. I think it's just that digital signatures are complicated and normally unnecessary, so 99.9% of users wouldn't find that feature valuable and are not requesting it. I mean, did you care or have any use case for it before this project? I doubt it. I've never needed digitally signed statements from my bank because normally I don't share them with anyone.
If it was brainless and on by default, I don't see why a bank would explicitly disable a TLS extension to let you sign a session hash.
Yep, as I say, conjecture on my part, and you have a good point about defaults. I can't remember if dansmith or I ever looked into that in the end.
As to strategic or not: Yes, it
could simply be that nobody ever asks for it. But there is an obvious use case - it is very common for certain organisations (sometimes governmental, sometimes not) to ask for proof of income or "means". I had such a case myself only a couple of months back. I printed a copy of my bank statement off the internet. It proved, of course, nothing, but they accepted it.
It's not like banks routinely say, "We didn't send that" about paper statements even when they did.
No, they wouldn't do that of course in practice, but the point is whether a statement stands up in court. Take a look at typical internet banking TOS (from what I've seen it varies a lot). There is absolutely no reason for them to create terms of service that create any liability for a bank if they don't have to. Frankly, if they did create such liabilities willingly, without any external or market pressure to do so, they should fire their lawyers
Here is an excerpt from one such TOS (I chose at random Lloyds TSB in the UK):
You are responsible for checking statements, text
messages or other account information we give
you. If you tell us about any errors on your account,
or if we notice any errors, we will correct them as
soon as reasonably possible.
This is actually even worse than I thought, they are disclaiming
any responsibility to give accurate information under any circumstances. This, by the way, is typical of the ridiculously lopsided service agreements one has to enter into with banks.
Under these circumstances it theoretically wouldn't even help to have digital sigs! What's the point of signing something you don't stand behind? Of course in practice people would not worry about such details. The point is, from the point of view of lawyers, I think they would be strongly against it.
(Of course in all this I am ignoring the fact that banks view Bitcoin like leprosy, it's too obvious to mention).