Security Portal: Digital Signatures - It's (Becoming) The LawFeb 21, 2000, 00:38 (0 Talkback[s])
(Other stories by Deborah Radcliff)
" 'The primary object (of digital signatures) was to replace the written signature in business communications,' says Diffie, now a distinguished engineer with Sun Microsystems, Inc. 'Digital signatures work amazingly similar to written signatures, but not exactly. Some thinking is required to figure out how to adopt our business practices to use digital signatures.'
But government isn't waiting for businesses to solve the issue. Already some 44 states have adopted 'electronic' signature guidelines, which has caused no small amount of confusion for businesses looking to create legally-binding electronic documents. That's because each state law is different. Some states consider PINs and passwords as legally binding electronic signatures, according to Nanette Ditosto, who, as vice president of business development for CERTCO, Inc., a New York-based Internet Security Company, has been involved with formation of digital signature guidelines here and in Europe. Others, like the state of Utah, are very detailed, specifying that only entities authorized by the state are allowed to issue digital signatures. The rest of the states just leave it up to other state agencies to figure things out."
"Meanwhile, cyberspace waits for no man. Already, a number of innovative, private-sector organizations are rolling out digital signature-supporting Public Key Infrastructure (PKI) networks... of their own, regardless of all the confusion. And it is these private-sector infrastructures that may just set the standards for legally-binding signatures in cyberspace."