Sign-off of the times
Digital signatures make the new budget official in electronic form
The president's proposed budget for fiscal 2009, released earlier this month, is a landmark for the Government Printing Office, the agency responsible for publishing official government documents. 'Documents are official because the GPO prints them,' said Public Printer Robert Tapella.
GPO Access for years has been making publications available online on the GPO Web site at www.gpo.com, but the electronic copies were posted as a matter of convenience and are not authoritative. It is the paper versions that have carried that weight, both physically and legally.
'This is the first official document' to be published electronically, Tapella said of the 2009 budget. 'This is the first executive branch document that is carrying the GPO's seal of authenticity' in electronic format.
The budget volumes are published in certified PDF documents carrying digital signatures embedded using Adobe LiveCycle enterprise suite, which makes authentication part of the document creation process. Documents can be digitally signed automatically at a server rather than one at a time on the desktop. This is a big help with a publication of more than 2,000 pages that is released in 29 separately signed sections and a number of separately signed supplements.
The digital signature is a public-key encryption technology that lets a signer use an electronic credential, called a digital certificate, to sign the document. The certificate contains a secret cryptographic key to lock the document once it has been verified as complete and accurate. This signature can be electronically checked using the signer's public key. If the signature is verified as valid and from a trusted source, it can provide assurance that the document is genuine and has not been altered since it was created.
When the document is viewed in Adobe Acrobat or Reader Version 7.0 or higher, the Reader automatically checks with the entity that issued the certificate to verify that the signature and the certificate that created it are valid. The Reader provides several visual cues of validity of the certified document, including a blue ribbon icon in the Reader, separate from the document itself, showing that the document has been certified.
'GPO also has put a watermark at the top of the document,' with the GPO Access logo, said John Landwehr, director of security at Adobe. When clicked, the logo shows the status of the digital certificate used to sign the document. There also is an icon on the left side of the Reader for displaying signature status.
The digital certificate used to sign the budget documents is an institutional certificate on a server rather than a certificate issued to a particular individual. It is issued by GeoTrust, a VeriSign company.
'We are not a certificate authority,' Landwehr said. VeriSign is one of four private certificate authorities participating in the company's Certified Document Service.
Digitally signing PDF documents is not new. 'We started doing this in 2003,' Landwehr said. What is new is the enterprise tool that makes it part of the document workflow.
The Office of Management and Budget has touted the official electronic version as an environmental initiative that will reduce the demand for hard-copy versions.
'This step will save nearly 20 tons of paper, or roughly 480 trees,' OMB Director Jim Nussle said in a statement.
The environmental savings might not be that great, however.
Although there were more than 125,000 downloads of the official PDF version in the first few days after the budget's release, GPO still printed about 6,500 hard copies, only slightly fewer than last year, Tapella said.