Secure Electronic Signatures and Recognized Certification Authorities |
|
|
The Personal Information Protection and Electronic Documents Act Part 2 specifies
certain instances when a "secure electronic signature" is required.
Part 2 describes the four characteristics of a secure electronic signature. It must be unique to the person, under the sole control of
the person, used to identify the person and linked with the electronic document in such a way that it can be used to determine if the document
has been changed since the signature was attached
Regulations that prescribe the technology and processes that meet the characteristics of a secure electronic signature complete the legal definition
of a secure electronic signature. Organizations wishing to be recognized as capable of meeting the requirements of the regulations must be verified by
the President of the Treasury Board as being able to do so in a secure and reliable manner.
The "Secure Electronic Signature"
regulations which describe the processes and technology for creation of a secure electronic signature (SES) came into force in February 2005.
The regulations specify that Certification Authorities (CAs) recognized, as being capable of creating secure
electronic signatures, will be listed on the website of the Treasury Board Secretariat.
At this time only federal government Certification Authorities that have
cross-certified with the Canadian Federal PKI Bridge are recognized.
The Secure Electronic Signature Regulations Recognition Process describes the
process to have a Certification Authority recognized as satisfying the requirements of the regulations.
|