The Law on Electronic Digital Signatures has been adopted in the Russian Federation
On January 23, 2002 a law on Electronic Digital Signatures came into force in the Russian Federation. The EDS Law allows to replace the written form by the electronic form, if an electronic digital signature has been applied to an electronic document.
Feb 07, 2002
On January 23, 2002 a law on Electronic Digital Signatures (hereafter refered to as: EDS Law) came into force in the Russian Federation. The EDS Law allows to replace the written form by the electronic form, if an electronic digital signature has been applied to an electronic document.
Contrary to initial concerns the new regulation offers a comparatively liberal solution, without any indications, that the Russian government would try to control all actions of the respective users within the world wide web.
One of these keys is a private key, assigned to a specific user. The application of this key will incorporate a digital signature into a document.
The other key is the corresponding public key, freely available for everyone. This key serves to verify the signature.
As long as the private key remains known only to the authorized person, the receiver of a digitally signed message can be certain about the document's completeness and authenticity.
Unlike a handwritten signature, an electronic digital signature allows to sign the document in its entirety. Similar to a watermark, the document and the digital signature form an integrated whole. Any later changes of the document's content will affect the digital signature as well. Thus, any manipulations or changes of the original document will become obvious to the receiver.
The process of digital signing, as well as the verification of a signature do not require a complicated procedure. Digital signing has become an integrated standard feature of many e-mail programs and the installation of appropriate plug-ins to existing standard software can be realized without any difficulties.
The new Law regulates, that an electronic digital signature can replace the handwritten signature and thus the written form only, if a valid certificate exists, and if the authenticity of the signature has been verified by using the certified public key (Art. 4 No. 1 EDS Law).
The required certificates, which assign a specific private and public key to a certain person, shall be issued by private certification centers. It is possible to be the holder of several certificates at the same time.
The certification centers will also keep register of the assigned signature keys. Furthermore they must ensure the secrecy of the private keys and grant free access to the public keys (Art. 9 EDS Law).
To enable certification centers to sign their own documents by applying an electronic-digital signature, an administrative body shall be appointed, to keep register of the key certificates assigned to certification centers (Art. 10 EDS Law).
Certification centers, offering signature keys for open networks, must be legal persons equipped with the necessary material and financial means to fulfill their obligations in case of liability. A license is necessary to run a certification center (Art. 8 EDS Law).
Furthermore the hard- and software units (e.g. plug-ins) used for creation and application of signature keys are subject to a special certification (Art. 5 EDS Law).
Although regulations on the implementation of the EDS Law have not yet been issued, the existing practice indicates, that the FAPSI (Federalnoye Agenstvo Pravitelstvennoy Svyazi i Informatsiy) will in this field be the competent authority to certify software, to assign licenses, and to keep register of the key certificates assigned to the certification centers.
In closed systems the procedure of electronic digital signing and thus the question when a contract shall be considered to comply with the written form, may either be regulated by the owner of the sys
Contrary to initial concerns the new regulation offers a comparatively liberal solution, without any indications, that the Russian government would try to control all actions of the respective users within the world wide web.
The incorporation of electronic digital signatures
The technical realization of electronic digital signatures is based on a Public Key Infrastructure, exclusively using a pair of asymmetric digital keys.One of these keys is a private key, assigned to a specific user. The application of this key will incorporate a digital signature into a document.
The other key is the corresponding public key, freely available for everyone. This key serves to verify the signature.
As long as the private key remains known only to the authorized person, the receiver of a digitally signed message can be certain about the document's completeness and authenticity.
Unlike a handwritten signature, an electronic digital signature allows to sign the document in its entirety. Similar to a watermark, the document and the digital signature form an integrated whole. Any later changes of the document's content will affect the digital signature as well. Thus, any manipulations or changes of the original document will become obvious to the receiver.
The process of digital signing, as well as the verification of a signature do not require a complicated procedure. Digital signing has become an integrated standard feature of many e-mail programs and the installation of appropriate plug-ins to existing standard software can be realized without any difficulties.
The EDS Law
The secrecy of the private key is most crucial for the safety and reliability of the process of digital signing. Therefore the realization of the necessary security infrastructure is the main object of the EDS Law.The new Law regulates, that an electronic digital signature can replace the handwritten signature and thus the written form only, if a valid certificate exists, and if the authenticity of the signature has been verified by using the certified public key (Art. 4 No. 1 EDS Law).
The required certificates, which assign a specific private and public key to a certain person, shall be issued by private certification centers. It is possible to be the holder of several certificates at the same time.
The certification centers will also keep register of the assigned signature keys. Furthermore they must ensure the secrecy of the private keys and grant free access to the public keys (Art. 9 EDS Law).
To enable certification centers to sign their own documents by applying an electronic-digital signature, an administrative body shall be appointed, to keep register of the key certificates assigned to certification centers (Art. 10 EDS Law).
Certification centers, offering signature keys for open networks, must be legal persons equipped with the necessary material and financial means to fulfill their obligations in case of liability. A license is necessary to run a certification center (Art. 8 EDS Law).
Furthermore the hard- and software units (e.g. plug-ins) used for creation and application of signature keys are subject to a special certification (Art. 5 EDS Law).
Although regulations on the implementation of the EDS Law have not yet been issued, the existing practice indicates, that the FAPSI (Federalnoye Agenstvo Pravitelstvennoy Svyazi i Informatsiy) will in this field be the competent authority to certify software, to assign licenses, and to keep register of the key certificates assigned to the certification centers.
In closed systems the procedure of electronic digital signing and thus the question when a contract shall be considered to comply with the written form, may either be regulated by the owner of the sys