Secure Electronic Signatures and Recognized Certification Authorities

The Personal Information Protection and Electronic Documents Act Part 2 specifies certain instances when a "secure electronic signature" is required.

Part 2 describes the four characteristics of a secure electronic signature.  It must be unique to the person, under the sole control of the person, used to identify the person and linked with the electronic document in such a way that it can be used to determine if the document has been changed since the signature was attached

Regulations that prescribe the technology and processes that meet the characteristics of a secure electronic signature complete the legal definition of a secure electronic signature. Organizations wishing to be recognized as capable of meeting the requirements of the regulations must be verified by the President of the Treasury Board as being able to do so in a secure and reliable manner.

The "Secure Electronic Signature" regulations which describe the processes and technology for creation of a secure electronic signature (SES) came into force in February 2005.

The regulations specify that Certification Authorities (CAs) recognized, as being capable of creating secure electronic signatures, will be listed on the website of the Treasury Board Secretariat.

At this time only federal government Certification Authorities that have cross-certified with the Canadian Federal PKI Bridge are recognized.

• Recognized Certification Authorities

The Secure Electronic Signature Regulations Recognition Process describes the process to have a Certification Authority recognized as satisfying the requirements of the regulations.