Evidence in Litigation

63. In a civil case where a digital signature is in issue, case management may be facilitated by consideration of the stages in the creation and use of digital signatures. It may be possible to limit issues and evidence to some of the stages. Below we deal with the stages under the five heads: registration; creation and issue of the means of authentication and of proving integrity; keeping secure the means of authentication and proving integrity; authentication and integrity check at the time of the transaction; and revocation of the certificate.

64. Evidence of compliance with regulatory schemes and/or with accepted technical standards may also reduce the need for detailed evidence as to the processes involved in the creation and use of digital signatures. The following text makes reference to such schemes and standards. They are likely to increase in the future.

Registration

65. This refers to the initial stage when the signatory asks the certification authority or, if separate from the CA, a local registration authority (LRA) for a certificate. The purposes of this stage are to ensure: that there is in existence a person with the name of the signatory, in other words, that the claimed identity exists; that the signatory is who he says he is, and that the attributes associated with the identity, such as the address, or age (if relevant) are consistent, accurate and recorded in standard form.

66. Registration may not involve physical attendance. It may be carried out entirely in the course of computerised communications between the signatory and the CA, as long as the signatory can thereby provide sufficient proof in relation to the assurance to be provided by the certificate. Alternatively a local reference may be sought from the police, a lawyer or a doctor.

Does the identity exist?

67. Dealing first with the establishment of whether or not the claimed identity actually exists: subject to the level of assurance required, checks could be carried out as to whether:

  • The postal address given actually exists
  • The individual or organisation is known to reside there (by reference to the electoral roll or company register)
  • The attributes given are consistent with available information and
  • In the case of an organisation the signatory is known to be an official of that organisation.

One company may have any number of signatories among its employees each of whom may have their own individual key pair or more than one key pair. It is important to note that the checks at the registration stage are directed at establishing identity. They do not mean that the certificate can necessarily be taken to be a representation that the signatory is to be found at a particular address.

Is the signatory who he claims to be?

68. Next, the checks into whether the signatory is the person he claims to be. Typically this can be established by examining whether:

  • The signatory can produce original documents and/or
  • The signatory can answer questions derived from information about himself/his organisation which is likely to be known only to the person who he claims to be and the CA – for example, information about a previous transaction and/or
  • A trustworthy person can vouch for him (in the same way as in a passport application) and/or
  • A trustworthy organisation (such as an employer) can vouch for him and/or
  • The person who is the true holder of the claimed identity can be contacted at his registered address or telephone number.

Record of registration

69. The last stage of the registration process is when the CA records the steps it has undertaken to validate and authenticate identity so that it has an audit trail i.e. a recoverable record of what it has done. It may convert the registration information into a standard format and record it in its register.

Consequence of certifying a false identity

70. If somebody deceives a CA into issuing a certificate for a false identity, the CA may face a claim from a third party for loss suffered through reliance on the certificate. If the CA is alleged to have been negligent then the court may have to consider whether the checks made at registration were reasonable in the circumstances.

Creation and issue of the means of authentication and of proving integrity

71. This stage includes the production of the key pair, agreement as to initial password or any other means of controlling access to the private key (such as the use of a PIN number or a biometric template) and the creation of a certificate.

Process of creation and issue of key pair and access control

72. Although in our illustration (paragraphs 11-17) the CA created the key pair, if the signatory creates his own key pair he could take the public key to the CA for certification. At a lower level of authentication he could send his public key on-line to the CA for certification. There are many other ways in which this stage can be accomplished. One is a CA that creates a number of key pairs on smart cards which have serial numbers. The cards are given to an LRA. When registering a person’s digital signature the LRA informs the CA of the serial number and generates and sends the certificate to the CA for signing. The CA knows the public key from its records. This has a potential risk in that the CA staff may access the private key. Ideally nobody but the signatory should ever have the private key. This security risk can be overcome, however, by the use of biometric techniques or by the use of an initial password which is changed on the first use after the initial one has been issued (then nobody other than the signatory would know the password). There may be no LRA, and registration and issue may be carried out entirely by the CA. Alternatively the CA may only carry out registration and later risk management, such as verification of the validity of the certificate, and the key pair may be created by an independent contractor.

73. It is preferable to create a key pair on a smart card than on a computer as the smart card is ordinarily a more secure environment than the computer’s main processing and storage areas, which may be accessible to other online entities.

74. Once the certificate has been created it may be put on an electronic public directory (like a telephone directory) or a private directory. The CA may use a repository to provide the service of confirming whether or not a certificate is valid or providing information necessary to enable others to confirm validity.
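The arrangement described in paragraphs 72 to 74 (CA-generated key pairs on serial-numbered smart cards, the LRA reporting the serial number at registration, the CA signing a certificate from its own record of the public key, and a repository answering validity and revocation queries at the time of the transaction) as an added Go example; this is not code from the original document. The Certificate type, the card serial format and the simple to-be-signed encoding are assumptions made for the example, and the private key returned by IssueCard merely stands in for the card itself.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Certificate is a simplified stand-in for an X.509 certificate (constructed for this example).
type Certificate struct {
	CardSerial, Subject string
	PublicKey           ed25519.PublicKey
}

// tbs returns the to-be-signed bytes the CA signs and relying parties verify (assumed encoding).
func (c Certificate) tbs() []byte { return []byte(c.CardSerial + "\x00" + c.Subject + "\x00" + string(c.PublicKey)) }

type CA struct {
	signKey ed25519.PrivateKey
	cards   map[string]ed25519.PublicKey // card serial -> public key; private keys stay on the cards
	revoked map[string]bool              // revocation list the CA serves to relying parties as repository
}

func NewCA() *CA {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &CA{signKey: priv, cards: map[string]ed25519.PublicKey{}, revoked: map[string]bool{}}
}

// IssueCard models the CA creating a key pair on a serial-numbered card; only the public key is recorded.
func (ca *CA) IssueCard(serial string) ed25519.PrivateKey {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	ca.cards[serial] = pub
	return priv // stands in for the physical card handed to the LRA
}

// SignCertificate: the LRA reports card serial and registered identity; the CA fills in the public key and signs.
func (ca *CA) SignCertificate(serial, subject string) (Certificate, []byte, error) {
	pub, ok := ca.cards[serial]
	if !ok {
		return Certificate{}, nil, errors.New("unknown card serial: " + serial)
	}
	cert := Certificate{CardSerial: serial, Subject: subject, PublicKey: pub}
	return cert, ed25519.Sign(ca.signKey, cert.tbs()), nil
}

func (ca *CA) Revoke(serial string) { ca.revoked[serial] = true }

// Verify is the repository check at transaction time: CA signature, not revoked, then the document signature.
func (ca *CA) Verify(cert Certificate, certSig, doc, docSig []byte) error {
	switch {
	case !ed25519.Verify(ca.signKey.Public().(ed25519.PublicKey), cert.tbs(), certSig):
		return errors.New("certificate not signed by the CA")
	case ca.revoked[cert.CardSerial]:
		return errors.New("certificate revoked")
	case !ed25519.Verify(cert.PublicKey, doc, docSig):
		return errors.New("document signature invalid or content altered")
	}
	return nil
}
```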

Security and assurance of processes of creation and issue

75. There may be an issue as to whether the CA’s processes for creating the key pair and other aspects of the credential are sufficiently secure. Approval under the tScheme, described in our coverage of Part I of the Electronic Communications Act (paragraph 43), or any other comparable scheme (for example one operating in another EU Member State) may be taken by a judge as evidence that the CA or LRA had reasonable systems. If the court were satisfied of that then it could direct that evidence should only be adduced on the issue of whether the systems which operated at the time of the tScheme approval were still operating at the time of the events in issue.

76. In considering what evidence may be relevant to the quality of the CA’s systems the court might find it useful to refer to some of the provisions of the Electronic Signature Directive. Annex III sets out the requirements to be met by signature creation devices. Annex II suggests areas of the CA’s operation that may require examination. For example evidence may be required on the issues raised in paragraph (l) as to access to stored certificates or the points in (j) as to storage of the information used to create key pairs. The court may want evidence on the matters raised in (e) as to the qualifications of CA personnel and as to the CA’s administrative and management procedures. On the latter issue there are BSI standards that may be relevant. BS 7799-1:1999 and BS 7799-2:1999 deal with management and information security standards. They may in due course be given an ISO (International Standards Organisation) number. Under BS 7799 businesses are required to have policies as to how they examine the risks which their systems face both from inside and outside threats. These include access control, encryption and arrangements for business continuity in the event of a failure of power or other technical failure. The standards also cover physical security relating, for example, to theft of equipment and matters such as the training of the company’s personnel. A generic term for all these matters would be information security management processes. In other words, they are standards for the processes for safeguarding information technology.

77. If there is an issue as to whether the CA’s technology is adequate, the ISO 9000 standard (formerly known as BS 5750) may be relevant. It deals with the quality of management processes and procedures. Examples would be buying processes or manufacturing processes. This standard does not assure the quality of the end product but only the processes adopted on the way to the end product. If for example, there were a technical problem with the digital signature technology the signatory might claim against the organisation that created the key pair. That organisation’s processes for selecting and buying the software it used to create the key pair might be relevant to its liability to the signatory.

78. There are also technical standards for the technology used to generate the key pair and/or the certificate. In future reference may be made to such standards as may be established and published in the Official Journal of the European Communities.

79. It should be remembered that there is no absolute guarantee of security or objective measure that can be applied in all circumstances. The security level should be judged in relation to the relevant threat to security in the environment in which the information is actually being used.

80. Compliance of certificates with generic technical standards such as X.509 will not establish that the CA has used satisfactory systems but it may be one factual element to be taken into account in considering that issue.

81. Neither approval under the tScheme nor compliance with standards will necessarily prove that the processes were reasonable in the circumstances of the case. It may well be necessary to admit evidence as to best practice in the particular industry or transaction in issue. In due course, however, the tScheme may at least deal with some of these issues.

© Crown copyright 2002