Demo marks maiden voyage of government into digital signatures
From the White House to the IRS, legally binding digital signatures are out of the
experimental stage and into actual use.
When President Clinton and Irish Prime Minister Bertie Ahern attached their digital
signatures early this month to a joint communique about electronic commerce, it marked the
first time two heads of state used encrypted signature technology. It also drove home the
fact that the federal government is starting to accept such signatures as legally binding.
The digital signature system for this event came from Baltimore Technologies Ltd. of
Dublin, an Irish company that produces EC security systems. The companys sales vice
president, Aidan Gallagher, said Clinton and Ahern were issued personal smart cards, which
each had a unique signing code and a digital certificate.
When the leaders toured a Gateway Inc. computer assembly plant in Dublin, a pair of
portable computers was set up for them. The two heads of state inserted their smart cards
into readers and entered their personal codes, generating signatures attached to the
communique. It appears, complete with signature stamps, on the White House Web site.
Do you have any idea how much time I spend every day signing my name?
Clinton asked. Im going to feel utterly useless if I cant do that
The demonstration used Gateways intranet, but Gallagher said the transaction
could just as easily have taken place over the Internet with Ahern in Dublin and Clinton
Digital certificates function as great virtual identification cards on the Net because
they are difficult to counterfeit. They confirm the identity of an individual or an
Internet server during an online transaction.
A certificate plus encryption gives far stronger access control than user names and
passwords. And digital signatures can secure online purchase orders and payments in
addition to legal documents.
If your agency wants to develop a plan for digital signatures, look for ideas on
Baltimore Technologies site at http://www.baltimoreinc.com.
Or visit the site of VeriSign Inc. of Mountain View, Calif., at http://www.verisign.com/.
The IRS recently awarded VeriSign a contract for an electronic tax administration
public-key infrastructure pilot that will test secure e-mail and online filing of tax
returns. If successful, it would eliminate the need for taxpayers who file electronically
also to send paper versions bearing handwritten signatures.
Other key players in the electronic signature category are Northern Telecom Inc.s
Entrust security software, at http://www.nortel.com,
and GTE Corp.s CyberTrust at http://www.bbn.com/products/security/cytrust/.
If your agency plans to use digital signatures specifically for electronic payments, a
good starting point for research is the National Automated Clearing House Association at http://www.nacha.org/. The site lists guidelines and
business practices for banks that issue digital IDs to customers.
Digital signatures have arrived, whether theyre used with in-house systems or
through third-party certificate authorities. Agencies need to learn more about them and
start making plans for integration now because its possible that, by next fall, they
might be doing secure business on the Net.
Shawn P. McCarthy is a computer journalist, webmaster and Internet programmer for
Cahners Business Information Inc. E-mail him at firstname.lastname@example.org.