After almost three years of work, the Information Security Committee of the
American Bar Association, EDI and Information Technology Division, Science and
Technology Section has released the first public draft of an important document
entitled "Digital Signature Guidelines" (DSG). The ABA/Information Security
Committee is soliciting comments from the public by November 30th.
The DSG can be found at http://www.intermarket.com/ecl and has versions
available to download in wp5.1, wp6.0, Word, text, and should have versions
available in Postscript and HTML shortly, if not already.
The DSG is over 100 pages long, and contains a 14 page tutorial on signatures
and the law, how digital signature technology works, public key certificates,
and challenges and opportunities. The Guidelines themselves provide 30 pages of
technical/legal definitions, followed by a discussion of General Principles (2
pages), Certification Authorities and their rights and duties (15 pages),
Subscribers (users who are issued a certificate) and their rights and duties (3
pages), and Relying on Digital Signatures (10 pages). The text is extensively
commented and footnoted.
The intended audience includes jurists and attorneys who may be involved in
litigation and/or providing advice to people contemplating the use of digital
signatures in electronic commerce and other fields, legislators and staff who
are in the process of developing digital signature legislation in more than 20
states, technologists who are developing the standards and writing the systems
necessary to provide both the public key infrastructure and the necessary
applications, and notaries public and CyberNotaries in both the English common
law and the Roman civil law traditions in different countries who may be
involved in international EDI and similar transactions involving digital
signatures for very large transactions.
The Information Security Committee is chaired by Michael Baum. Some of the
members who contributed to the document from time to time included practicing
attorneys from some very prestigious law firms, the Social Security
Administration, the US Postal Service, and various corporations; a
representative from the US Department of State for International Law; an
Administrative Law Judge; the Assistant Utah Attorney General; the President of
the International Union of Latin Notaries and a number of well-respected
technologists including Richard Ankey, Warwick Ford, Yair Frankel, Russ
Housley, Steve Kent, Hoyt Kesterson, Stan Kurzban, Sead Muftic, Frank Sudia,
and myself, plus others whom I may have overlooked. Although developed under
the auspices of the ABA, perhaps a third of the participants were from outside
the US, including Canada, Mexico, Puerto Rico, the United Kingdom, Belgium,
France, Italy, and Sweden, and the intent was that the document be broadly
applicable to other legal systems as well.
Because I expect that many of the comments from people on these lists may be in
the form of questions, I will attempt to answer such questions within my
ability and schedule. I would suggest that unless there are specific items that
apply only to the ietf-pkix, ietf-payments, or e-payment list that comments and
discussion of a general nature be posted to pem-dev(_at_)tis(_dot_)com(_dot_) I
will attempt to
digest the relevant comments and forward them to the rest of the ISC.
If you would prefer that your comments be restricted to the ISC and not
responded to or included in the digest of public comments, please indicate that
in the message.
If you have comments of a more general or legal nature, feel free to post them
to the "official" comment list, which is <abaisc(_at_)intermarket(_dot_)com>.
It is not my
intent to filter or otherwise restrict comments by volunteering to try to
answer questions from these groups -- I'm only trying to expedite the process.
Bob
Robert R. Jueneman
Staff Scientist
GTE Laboratories
1-617-466-2820 Office
1-508-264-0485 Telecommuting