T H E    U N I V E R S I T Y    O F   P E N N S Y L V A N I A    L A W    S C H O O L
E L E C T R O N I C   C O M M E R C E :   V E R S I O N  2.0
MAIN MENU: CALENDAR SYLLABUS DISCUSSION ADMINISTRATION
NOTICES:

Congratulations to the Fall 2001 class for an excellent semester. eCommerce will return next year.


eContracts IV:
Digital Signatures and Authentication

 

1. The Technology of Digital Signatures and Encryption

2. Current Legislative Action and Issues

3. The Policy of Digital Signatures

 

 

Purposes of a Signature

   
realspace signature
digital signature
Authentication
 The Signer = The "Real" Person
?
?
Non-Repudiation
 The Signer actually "signed" the document.
?
?
Documentary Parameters
 Confirming the content, the time signed, etc.
?
?

 

 

The Technology of Digital Signatures and Encryption

 

A Digital Signature Flowchart

 

 


Does this process suffice for the purposes of a signature? (What else do we need to know?)

 

Encryption

Problem(s):

(a) How do you exchange encrypted information with someone you've never met?

(b) How do you prove to anyone that you've signed a document?

 

Public-Key Encryption

Encryption: performing an operation on data (here, text) in such a way that only the use of a "key" can undo the operation.

The limited value of key-based encryption versus the innovation of public key encryption.

 

Basic Idea: Two keys, operate the function in opposite directions:

Encrypt with the public key ==> decrypt with the private key

Encrypt with the private key ==> decrypt with the public key

 

Encryption Key
=>
Decryption Key
Application
public key
=>
private key
Standard Encryption
private key
=>
public key
Digital Signature

 

Still one more problem: associating private keys with "real" people / corporations.

The role of Certificate Authorities (CAs)

 

 

Legislative Action

 

Categories:

prescriptive

standards-based

signature-enabling

What are the pros and cons of each approach?

 

The eSign Act

What is the scope of the Act? (What type of transactions are covered?)

What if a state law requires that a record be kept?

 

State Initiatives

 

International Initiatives

 

Legislative Issues:

1. What is the appropriate role for the government?

2. Technical Standards and Legal Standards

3. Widespread Recognition / Conflicting Standards

 

 

Objections to Digital Signatures

 

1. Electronic transactions are especially risky.

2. Digital record-keeping and document integrity uncertain.

3. Accentuates the digital divide.

 

 



C O P Y R I G H T   ©   2001   R.   P O L K   W A G N E R.