The ABA s Digital Signature Guidelines An Imperfect Solution

The ABA’s Digital Signature Guidelines: An Imperfect Solution to Digital Signatures on the Internet By: Edward D. Kania

Need for Digital Signatures • To determine Authenticity of Signer • To provide assurance that the integrity of the document or message has not been compromised /altered • To identify parties responsibility/liability regarding legally enforceable contracts

American Bar Association ‘s Digital Signature Guidelines • Developed in 1996 to be used as a model in the adoption of federal and state digital signature laws • States such as Florida and Utah have adopted ABA’s Guidelines • May serve as a general framework for federal law

Possible solutions to provide assurance of integrity/authenticity • Encryption – Codes documents to be decoded by the recipient – recipient uses a public key to do this – the public key scheme enables the recipient to verify the integrity of the message (to ensure no alteration has taken place) – public keys are available to a number of people with out the use of a private key (used by one person) there is no way of verifying the signatory

Possible solutions to provide assurance of integrity/authenticity • Digital Signatures which requires the development of two cryptographic keys – Uses private and public keys – By using an algorithm referred to as the Hash Function which produces a unique representation of identity

How The Hash Function Solves Integrity/Authenticity Issue – Any change in either the private key or the text of the message results in a different “ hash result” – The “hash result is reversed when the public key is used to recreate the original message. Any altercation to the message will change the hash result which will prevent recreation of the message.

How The Hash Function Solves Integrity/Authenticity Issue (Continued) – If the message was forged (by use of a private key which does not correspond to the public key used to sign the message, the hash result will not work and the recipient will not be able to retrieve the message – With the use of the private key (only held by the signatory), and the use a public key by the recipient (which will allow the unaltered message to read), assurance of Integrity and authenticity is satisfied which can result in a legal binding agreement.

System of Authentication (Regulation of keys) • Certification Authorities – Responsible to investigate validity of certificate information – Responsible for the suspension or revocation of Certificate – Responsible for providing notification when certificate can no longer be relied upon.

“Reasonable” Reliance of Certification by Recipient • Recipient must have no knowledge that either the certificate subscriber nor the authority have breached any of the guidelines – Other Considerations include: • Past relations between subscriber and recipient • Value/importance of signed message/contract • Usage of trade/industry practices

Guidelines v. s. federal law • Guidelines do not adequately address the issue of key pair generation – allowances of generation of key pairs by by subscribers provided they use a trustworthy system. (multiple and incompatible generation) – Federal law should set explicit specific requirements • generation of key pairs by neutral third party • Life span of key pairs

XML and the Legal Foundations for Electronic Commerce: Interpretation and Standardization in Electronic Sales Contracts Clayton P. Gillette

Extensible Mark up Language (XML), Sales and Contract Issues • Facilitation of Contracting through the use of XML – will decrease search costs • associated with the search and identification of contracting parties • and by breaking down geographic barriers

Concerns • Widespread adoption of technology – Less Technological industries will not participate. – Need for Standards developed by groups or organizations and for promotion of wide usage • Network Externalities, Sunk Costs • Current Domestic Commercial law/implied terms, trade usage

Concerns (Continued) • Lock In – Experienced by HTML (predecessor of XML) – Result of Interdependent parties cannot easily collaborate to develop mutually agreeable standards – Most likely to occur during implementation Prevention of Lock In – Centralized decision making • W 3 C aiding adoption of XML

Possible Results of XML Adoption • Increased Globalization – Fear of major miscommunications regarding: • • different language interpretations different measurement standards common trade terms implied warranties

Possible Ways to Combat Misinterpretations • Groups working together to create global standards • Untied Nations (Convention on International Sale of Goods (CISG) – Consideration of International law – Provision that international contracting parties observe widely used trade customs

Possible Ways to Combat Misinterpretations – Trade Organizations • possibility of creation of specific XML documents for specific industries • Development of defined XML Protocols – Sufficiently centralized to address custom conflicts

XML and the Legal Foundations For Electronic Commerce: Legal XML and Standards for the Legal Industry Winchel Todd Vincent

Legal XML a Non profit Organization • Designed to develop technical Standards for legal documents and related applications – Global Members • • • United States Asia-Pacific Australia India Japan Europe

Scope of Legal XML • Determined by work groups – Groups currently working on: • • Contracts Wills Court Filings Judgments

Legal XML Goals • To form partnerships between legal and technical professions • To develop standards with an Over Inclusive and Optional attitude – with hopes that the ability to agree to disagree will aid in progression of adoption of standards

Change Management Element • Not yet fully developed – Due to lack of Standards, Implementation and Experience – Change Management hopes to allow standards to evolve – work includes developing ways to aid in the continued development of primitive standards to more sophisticated standards

Harmonization / Unity of Workgroups • • Regarding the following subject matter: Citations Contracts E-terms Integrated Justice Judicial Decisions PKI

Legal XML Documents • Currently in Existence – Unofficial Notes – Working Chapter – Proposed Standards – Recommended Standards

Standardization • Not Attempting to Standardize Law • Attempting to provide standardization for the use of information management tools – Seeks to provide format for courts so that they can easily exchange policy information, decisions – Seeks to increase education and marketing to gain participation