[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [legalxml-enotary] Legal requirements for digital notarization WAS:RE: [legalxml-en otary] Example - Authenticating Request For Servi ce
I think that while the initial goal is to solve the problem for the US clearly that is not enough, we'll end up piling one more thing onto the "we need to reconcile legal concepts across national jurisdictions" pile. Perhaps it is overly ambitious to do otherwise today but I think we should leave the door open and perhaps even plan on soliciting further input and participation to establish requirements and a model that could be accepted in other jurisdictions. Please feel free to correct my (mis) use of legal jargon - I value the knowledge! It seems to me that there is a mathematical technical part to this solution (what does a digitally notarized thing look like, what are the significant mathematical properties) and there is a legal technical part. To me the legal technical requirements is the tough part - I think the math part is more straight forward. [subject change] The basic goal of the US notarization process as I understand it is to provide witnessing services that speak to identity (who was there) and liberty (free of undesired influence / duress). Given that the second is relatively difficult to ensure in the physical world I don't know that we can hope to do any better in the digital world. The latter is in my mind the real work to be done here. I don't have a good feel for what level of assurance of identity is required for a witnessing event to have the same weight as a notarization event. I think today you need present a driver's license. I can tell you that I may have known a kid or two who had fake DLs with fake names and DOBs when I was in high school. I'm confident real criminals (as opposed to kids trying to get into dance clubs) are quite capable of doing the same. So it is safe to assume that if it is at least as tough to get an identity certificate as it is to get a [real :] DL that the event could, in the right court, carry the same weight? It would be easy to include a standard reference for the authentication process used beyond what the CP/CPS of the CA indicates. For example if US code were to indicate assurance level "N" was required for credentials to suffice a certificate could contain a machine parseable indication thereof which the CA could be bound to. regards, ram > -----Original Message----- > From: John Messing [mailto:jmessing@law-on-line.com] > Sent: Monday, October 21, 2002 10:45 AM > To: 'John Messing'; Pieter Kasselman; > legalxml-enotary@lists.oasis-open.org; Pieter Kasselman > Subject: RE: [legalxml-enotary] Example - Authenticating > Request For Servi ce > > > Please view comments inline. > > [Pieter Kasselman] > > As for e-Notary, we seem not to be concerned with > question one (i.e. > >we are not trying to define what a notarised document should > look like). Is > >that correct? Are we looking to come up with a single > equivalent of CPS/CP > >for e-Notaries? > > > >> [Pieter Kasselman] > >> > >> > So you are proposing that this TC defines the requirements by > >> > which any e-notary process is judged, rather than > specifying what an > >> > e-notarized document looks like or how that document is > generated and > >> > processed (processed in the machine sense as opposed to > the processes > >> > surrounding the practices of the e-notary)? > >> > > > [John Messing] > > I think one of the questions we may wish to consider is > whether there is a need to be docu-centric, and if we decide > such a needs exists, then we should articulate what legal > process e-notarized documents need to conform to. > > I don't think we should be looking to base more than > rudimentary thinking by way of analogies to CP/CPS. > > To my way of thinking however, and I think this was the > unanimous agreement of the last meeting, eNotarization > involves a determination about legal admissibility of > information that has undergone a machine process to ensure > verification, which itself has been determined to be suitable > for legal proceedings and purposes. If a type of process has > an eNotarization component of X, then a process which fully > meets X can expect that its data will survive a legal > challenge in the absence of any other controverting data. > This could become important for example to the developing XML > infrastructure within Oasis. If a WSS process could be said > to require a particular eNotarization level of reliability > for high value transactions, and another for low value > transactions, and it is certified by a trusted certification > body as meeting both, then that tells a lot to a potential > purchaser of the technology in terms of how the resulting > output of the process may be viewed in the event of dispute, > even disputes that go to cou > > > > That to me is a very important contribution this group can > make at this particular time. > > Best regards. > > > > ---------------------------------------------------------------- > To subscribe or unsubscribe from this elist use the subscription > manager: <http://lists.oasis-open.org/ob/adm.pl> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC