DOCSLIB.ORG

The Electronic Signature As an Enabler for Digital Certification Processes in Aviation Intermediate Results from the BDLI Working Group

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Electronic Signature As an Enabler for Digital Certification Processes in Aviation Intermediate Results from the BDLI Working Group The electronic signature as an enabler for digital certification processes in aviation Intermediate results from the BDLI working group Dr. Jörg Wirtz, IAQG supplier forum Berlin 18th Ocober Confidential Agenda 1. Status quo in Aviation 2. Concepts & building bricks of digital trust 3. Results of BDLI WG: a) how to apply electronic signatures on TC-documents b) how to archive digitally signed TC-documents 4. Implemenation of digital signature at Airbus Helicopters 5. A proposal how to include authorities, supplier and partners in digital signature processes 6. Outlook: model base engineering 7. Next steps 2 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Status quo in Aviation Aircraft development and production Aircraft certification 3 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Industrie process Status quo in Aviation • In digital tools, all product and production process process data are defined and processed in the process chain • However, signatures on released data in the digital Digital environment are still not fully accepted by regulatory continuty agencies. Certification • Therefore for all certification purposes, paper based documents have to printed out, wet signed and finally archived • The missing confidence results from: • Missing accepted industrial best practice on applying digital signatures = digital trust service on aviation certification documents • Missing accepted industrial best practice on Long Term Archiving of digitally signed type certificate documents • Missing accepted industrial best practice on including authorities, supplier and partners in digital signature processes This led to building of the BDLI-working group in 2018 4 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Concepts & building bricks of digital trust : The eIDAS regulation eIDAS-Verordnung eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation on / a set of standards Certificates are provided for electronic identification and trust services for electronic by different Trust Centers transactions in the European Single Market. It was established in in different security levels. Necessary renewal of EU Regulation 910/2014 of 23 July 2014 on electronic timestamps has to be identification and repeals directive 1999/93/EC from 13 December taken into account to 1999.. keep validity of signature. Certificates Certificates can be stored on local PCs, server-based, on Management separate HW (e.g. of the batch) etc. Signature documents Control of documents applications can allow from creation to additional checks (e.g. archiving can be validity). Software and performed manually or Hardware by electronic workflows and management systems. 5 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Concepts & building bricks of digital trust Die EIDAS Verordnung defines in Art. 3 Nr. 10–12 the following types of electronic signatures: simple electronic signature Certificate based digital signature Any digital declaration of intent: e.g. Signature under an email Private key= certificate from Trust center linked to identity of signee Advanced electronic signature (certificate based): • There is a certificate for electronic signature, electronic proof that confirms the identity of the signatory and links the electronic signature validation data to that person. • It provides unique identifying information that links it to its signatory. • The signatory has sole control of the data used to create the electronic signature. • It must be capable of identifying if the data accompanying the message has been tampered with after being signed. If the signed data has changed, the signature is marked invalid. Qualified electronic signature (certificate based) an advanced electronic signature that is created by a qualified electronic signature creation device based on a qualified certificate for electronic signatures. 6 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Results of BDLI WG :The BDLI working group & approach Authorities Thomas Glose, Bundeswehr ; Industrie Kubon, Rene ESG; Kochs-Kämper, Markus (RUAG Aero Bichtemann, Bernd, Bundeswehr; Kotziok, Alexandra ; Airbus Defence & Space; Albrecht, Michael, MT-aerospace; Wienen, Sarah, Bundeswehr Schumann, Andreas; Premium Aerotec Loges, Michael Rolls-Royce. Geisenberger, Anton; Premium Aerotec Wojahn, Michael Rolls-Royce Müller , Andreas LBA; Prassek, Arnd.; MTU Fischer, Michaelpeter; Jenoptik; Mayr, Claus MTU; Haarmann, Robert Hensoldt; Friese, Daniel; Airbus Defence & Space Salbach, Holger Northrop Grumman LITEF; Krueger, Eike; Airbus Kläsner, Sascha; Liebherr.; Frank Müller Hensoldt; Tietsche, Volker; Northrop Grumman LITEF; Fichtner, Frank Hensoldt; Wolski, Timo;Siemens Working Group coordination: Godde, Hans. Diehl; Fischer, Lena; Northrop Grumman LITEF; Wirtz, Jörg -; Airbus Helicopters Groth, Harald. Jenoptik.; Huber, Rebecca; MTU; Zwiener, Axel; BDLI Bracklo, Holger; Position Elbe-Flugzeugwerke Zebib, Ursula.DIEHL; Wirtz, Jörg; Airbus Helicopters Poerner, Marc; Airbus Helicopters The BDLI working group has set itself the goal of developing a proposal as to which requirements with regard to electronic signature are to be placed on which document / data types of the type certifcate process 7 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Results of BDLI WG :how to apply electronic signature in TC documents Initially, various electronic signature types and existing processes from industrial practice were identified and described Results of BDLI WG : how to apply electronic signature in TC documents Finally 4 electronic signature types were taken into account for the mapping with aviation type cetrificte documentation 1b Email/ 1c Electronic 3 Qualified Digital 2a Digital Signature Scan/Picture Validation Signature •Z.B. “Tom’s letter” •Z.B. EFA waiver in PDM • Z.B. Type Certificate Dokument • Z.B. Type Certificate Dokument •A scanned signature inserted as •Simple Electronic Signature •Advanced electronic signature •Qualified electronic signature "is raster image. (defined by Art. 3 X + Art. 25 I, based on proprietary certificates a digital signature generated with •Written signature in an email or eIDAS reg.) and encryption (defined by Art. 3 a qualified certificate (Articles 3 digital document (e.g., MS Word) •Signature in a database-based XI + Art. 26, eIDAS reg.) E.g. XII, XV + XVII + Art. 25, eIDAS •Easy to fake: Lowest trust level workflow (e.g., SAP). Strict access Airbus Digital Trust Solutions. reg.). control through clear user •Very hard to fake: high level of •Very hard to fake: highest level of accounts and strong passwords trust trust, burden of proof turns •Hard to fake: medium trust level around Evaluation of wet & electronic signature types in terms of process costs and process reliability Types of electronic Signature ProzessEffort/ Security/ ProzessEffort/ Security/ ProzessEffort/ Security/ ProzessEffort/ Security/ Document process kostencosts Sicherheitreliability kostencosts Sicherheitreliability kostencosts Sicherheitreliability kostencosts Sicherheitreliability Control Signing authority 2 1 2 3 3 4 4 4 Create / edit 2 1 2 4 2 4 2 4 document Document approval 4 1 2 3 3 4 4 4 Document distribution 3 2 1 3 1 4 1 4 Archiving 2 4 1 3 3 4 4 4 Document retrieval 4 3 1 2 3 3 4 4 assessment 2,83 2,00 1,50 3,00 2,50 3,83 3,17 4,00 Preferred for documents Preferred for documents with medium trust level req. with high trust level req. Results of BDLI WG : how to apply electronic signature in TC documents Recommendation of BDLI WG: Set of TC documents, where digital signature type 2a shall be applied Results of BDLI WG :how to archive digitally signed TC- documents Problem of long term archiving digtal signatures The problem is the aging of algorithms used to generate an electronic signature. With age, the algorithms are vulnerable, i. H. With enough computing power, someone could spend for another or create another document to the previous hash value. From working group recommended Solution in archiving system For each newly saved document in an archive, a hash value is calculated based on the most recent, strongest hash algorithm and recorded in a hash tree at the first level Now, if one of the documents is needed for evidence in court, a copy of the document is retrieved from the Content Repository and its Evidence Record created, which contains a so-called Evidence Record: reduced archive timestamp and in addition to the test results of the signatures. 12 25 October, 2019 Presentation title runs here (go to Header and Footer to edit this text) Implemenation of digital signature at Airbus Helicopters DSignIT CSSI & MyID VeraPDF BFLOW • Application to digitally • Middleware to allow usage • Client solution of PDF/A • PDF/A archiving incl. sign documents of smartcards (badge) format checker to allow format check with PDF • Client solution for local digital with HW certificates end users pre-checks. check server solution signature without document • Packaging of Win10 versions • Same solution is put in place • Evidence records solution uploads. of middleware required for in BFLOW PDF archiving by usage of Airbus commercial • Available in SW center for usage of hardware certificates workflow. API (software as a service) to installation (Win7/10). • Action taken over from Win10 ensure long term preservation of digitally
Load more

Recommended publications
  • Office of State Controller, and the North Carolina Department of The
    Office of State Controller, and the North Carolina Department of the Secretary of State, and North Carolina Department of Cultural Resources, Division of Archives and Records Digital Signature Policy Guidelines Version 1.1 March 2014 Contains corrected links to documents Table of Contents 1 Introduction ........................................................................................................................... 3 1.1 Purpose of Guideline ........................................................................................................ 3 1.2 Scope ............................................................................................................................... 3 2 Electronic Signature Background ........................................................................................ 3 2.1 Legislation ........................................................................................................................ 3 2.2 Definitions ......................................................................................................................... 4 2.3 Definition of an Electronic Signature* ................................................................................ 5 2.4 Electronic Signature versus Digital Signature ................................................................... 6 3 Expectations for Electronic Signatures ............................................................................... 7 3.1 Intended Goals ................................................................................................................
    [Show full text]
  • Enhance Qualified Electronic Signatures with What You See Is What You Sign QES and WYSIWYS Service - Powered by Cryptomathic and Swisscom
    Solution Brief Enhance Qualified Electronic Signatures with What You See Is What You Sign QES and WYSIWYS Service - Powered by Cryptomathic and Swisscom Qualified remote signing and Solution benefits WYSIWYS - hosted eID services The best way to deliver Qualified Electronic Signature ü Offer Advanced or Qualified (QES) services across different channels is to use Electronic Signatures compliant with remote signing technology. It integrates smoothly the Swiss signature law, ZertES, and the with any web application and does not require any EU eIDAS regulation on trust services. software install, plug in or additional components and can be used anywhere, at any time, from any device ü Improve the users’ signing with browsing capacity. Qualified remote signing experience for all channels incl. web provides the highest legal value and international portals, desktop applications, mobile & acceptance, while What You See Is What You Sign tablet platforms (WYSIWYS) technology delivers a seamless user experience with strong non-repudiation. Combining ü Demonstrate unrivalled non- QES with WYSIWYS is a strong enabler for businesses repudiation with WYSIWYS to provide ultimate security, trust and convenience funcionality with online transactions. This is exactly what the Cryptomathic – Swisscom solution offers, namely the ü Eliminate smartcards, card readers possibility to offer Advanced or Qualified Electronic and local software install Signatures using a zero-footprint remote signing hosted service, featuring WYSIWYS functionality. ü Solve data
    [Show full text]
  • Global Guide to Electronic Signature
    Global Guide to Electronic Signature Law: Country by country summaries of law and enforceability Table of contents Introduction 3 Germany 9 Republic of Korea 15 Definition of terms 4 Greece 9 Romania 9 Recommended practices for Hong Kong 10 Russian Federation 16 electronic agreements 4 Hungary 9 Singapore 16 India 10 Slovakia 9 Country summaries of Indonesia 11 Slovenia 9 electronic signature law Ireland 9 South Africa 17 Argentina 5 Israel 11 Spain 9 Australia 5 Italy 9 Sweden 9 Austria 9 Japan 12 Switzerland 17 Belgium 9 Latvia 9 Taiwan 18 Bermuda 6 Lithuania 9 Thailand 18 Brazil 6 Luxembourg 9 Turkey 19 Bulgaria 9 Malaysia 12 United Kingdom 9 Canada 7 Malta 9 United States 19 Chile 7 Mexico 13 Uruguay 20 China 8 Netherlands 9 Colombia 8 New Zealand 13 Croatia 9 Norway 14 Czech Republic 9 Peru 14 Denmark 9 Philippines 15 Estonia 9 Poland 9 European Union 9 Portugal 9 Finland 9 Republic of Cyprus 9 France 9 © Adobe Systems Incorporated 2016. This information is intended to help businesses understand the legal framework of electronic signatures. 2 However, Adobe cannot provide legal advice. This guide is not intended as legal advice and should not serve as a substitute for professional legal advice. You should consult an attorney regarding your specific legal questions. Introduction Electronic and digital signatures represent a tremendous opportunity for organizations to get documents signed and close deals faster. When rolling out e-signatures globally, you need to be aware of the variety of electronic signature laws across the globe. This guide gives you a great place to start.
    [Show full text]
  • Qualified and Advanced Electronic Signatures)
    R Terms and Conditions of Use Swisscom certification service (Qualified and advanced Electronic Signatures) Terms and Conditions of Use for the use of the Swisscom qualified certificate is permitted in connection with the use certification service with qualified and advanced certificates of the trust service in accordance with these Terms and Con- for qualified and advanced electronic signatures (Swisscom ditions of Use ("limitation of use"). certificate class "Saphir and Diamant") 2.2 Identity verification process and retention of the infor- mation Swisscom or the registration authority appointed by 1 Scope of these Terms and Conditions of Use Swisscom checks your identity in the identity verification pro- These Terms and Conditions of Use shall apply in the rela- cess. For qualified electronic signatures, this is done by tionship between you and Swisscom (Schweiz) AG, Alte means of your passport or an identity card allowing travel to Tiefenaustrasse 6, Worblaufen, Switzerland, company ID Switzerland. Depending in each case on the actual organisa- CHE-101.654.423 (hereinafter "Swisscom") for your use of tion of the identity verification process, you may be re- the Swisscom certification service with qualified and ad- quested in the verification process for advanced electronic vanced certificates for qualified and advanced electronic sig- signatures to also submit other documents than those re- natures. quired for qualified electronic signatures. 2 Swisscom’s Services Based on your identify verification process for qualified elec- tronic signatures, you may also create advanced electronic 2.1 Certification service in general signatures in accordance with these Terms and Conditions of For your certification services with qualified certificates, Use where the subscriber application used by you offers dif- Swisscom is an accredited certification services provider in ferent types of signatures.
    [Show full text]
  • Eidas and E-SIGNATURE a LEGAL PERSPECTIVE: ELECTRONIC SIGNATURES in the EUROPEAN UNION
    eIDAS AND E-SIGNATURE A LEGAL PERSPECTIVE: ELECTRONIC SIGNATURES IN THE EUROPEAN UNION WHITE PAPER TABLE OF CONTENTS Part 1: Introduction 3 Key Highlights of the eIDAS Regulation 4 Legal Effect of Different Types of Signatures 6 Regulation of Trust Services 7 Legal Best Practices 8 Part 2: Compliance With the Regulation 9 Advanced Electronic Signatures 9 Qualified Electronic Signatures 10 Format Standards 12 Additional Evidence 12 Conclusion 13 E-Signature Solution Checklist 14 About the Authors This paper is a collaboration between Lorna Brazell of Osborne Clarke LLP and OneSpan. In part one, Osborne Clarke provides a legal opinion on the legal validity of electronic signature in the European Union. Part two has been prepared by OneSpan, and summarizes best practices recommendations for legal compliance when implementing e-signatures. eIDAS & E-SIGNATURE: A LEGAL PERSPECTIVE FOLLOW US 2 PART 1 Introduction The 2014 Regulation on Electronic Identification and Trust Services for Electronic Transaction in the Internal Market1 (“eIDAS”) went into effect throughout the European Union (“EU”) on 1 July 2016, replacing the 1999 Directive on electronic signatures2 (“the Directive”). Although the Directive had not been the subject of any disputes in its 16-year history, neither had it been a success. Its objective, to enable the widespread use of electronic signatures to conduct business across borders within the EU, was not met. There Are Three Key Reasons for This: I. Most EU Member States’ laws do not specify any form of signature for commercial contracts other than guarantees or contracts assigning real property. II. Many people mistakenly believed that the Directive mandated the use of advanced electronic signatures supported by a qualified certificate3 in order for an electronic signature to be legally effective.
    [Show full text]
  • Eidas Regulation Questions & Answers
    eIDAS Regulation Questions & Answers on rules applicable to Trust Services as of 1 July 2016 The eIDAS Regulation (Regulation (EU) N°910/2014) on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) adopted by the co-legislators on 23 July 2014 is a milestone as it provides a predictable regulatory environment for electronic identification and trust services, including electronic signatures, seals, time stamps, registered delivery and website authentication. As of 1 July 2016, the provisions applicable to trust services apply directly in the 28 Member States. This means that trust services under eIDAS are no longer regulated by national laws. As a result, the qualified trust services are recognised independently of the Member State where the Qualified Trust Service Provider is established or where the specific qualified trust service is offered. What’s new? What changes with regard to the former eSignature Directive? What must be done at national level? How does it impact market operators? How does it benefit the users (citizens, businesses and public administrations)? What has the Commission done to facilitate the switchover? These questions and many others have been asked along the road since the adoption. We have compiled this Q&A document to help those of you who need to fully understand the new legal framework in order to implement it or reap the benefits of electronic transactions, as well as those of you who are curious about the Regulation’s various implications. I. What is new? How will the legal effect of electronic signature change under eIDAS (compared to the regime under the eSignature Directive) as from 1 July 2016? Since 1 July 2016, when the trust services’ provisions under the eIDAS Regulation entered into application, an electronic signature can only be used by a natural person to “sign”, i.e.
    [Show full text]
  • Esign Law Explained
    Electronic Signature Article ESIGN Electronic Commerce and Electronic Signature Law Clarified Copyright © Topaz Systems Inc. All rights reserved. For Topaz Systems, Inc. trademarks and patents, visit www.topazsystems.com/legal. ESIGN Law Clarified Table of Contents Overview ................................................................................................................................... 3 Abstract .................................................................................................................................... 3 Requirements for Legal Contract Enforcement .................................................................... 3 Digital Signature Technologies .............................................................................................. 4 PKI Digital Signatures ........................................................................................................................ 4 Handwritten Electronic Digitized Signatures ....................................................................................... 5 Email, Fax, and Other Simplistic Approaches ..................................................................................... 5 Digital Signature Technology in Open and Closed System Environments ........................ 6 Closed System and PKI ..................................................................................................................... 6 Closed System and Digitized Electronic Signatures ..........................................................................
    [Show full text]
  • The Ultimate Guide to Digital Signatures Comprehensive Answers to the 20 Most Important Questions
    The Digital Signature Company The Ultimate Guide to Digital Signatures Comprehensive Answers to the 20 Most Important Questions DocuSign | 855 Folsom St. Suite 939, San Francisco, CA 94107 | Tel. (415) 839-8161 | www.docusign.com Introduction As organizations increasingly adopt paperless processes and automate their document workflows, the “wet ink” signature is rapidly becoming an anachronism in our digital world. Companies and government organizations around the world have invested huge sums in automating their business workflows, yet they still find themselves printing paper for the purpose of obtaining signature approvals. Projects can be held up for days and costs are accrued while documents are mailed between offices, partners, suppliers or customers in order to collect signatures. Professionals often share the concerns voiced by compliance officers over how to ensure the integrity and accountability of electronic documents and records, and by CIOs over how to best secure them. Meanwhile, COOs are concerned with avoiding project delays and CFOs are seeking ways to cut costs associated with paper handling. Digital signatures address each and every one of these concerns. Document Document Hash Private Key Public Key Digital Signature X Signed Document DocuSign | 855 Folsom St. Suite 939, San Francisco, CA 94107 | Tel. (415) 839-8161 | www.docusign.com 1. What are Digital Signatures? Digital signatures, which are often referred to as advanced or standard electronic signatures, take the concept of traditional paper-based signing and turn it into electronic “fingerprints”, or coded messages, which are unique to both the document and the signer and binds the two together. They are based on international standards that guarantee their secure implementation.
    [Show full text]
  • Electronic Signature Algorithms Standard
    Electronic Signature Algorithms Standard Version: 1.0 Author: Qatar Public Key Infrastructure Section Document Classification: PUBLIC Published Date: June 2018 Electronic Signature Algorithms Standard Version: 1.0 Page 1 of 13 Classification: Public Document Information Date Version Reviewed By 04/06/2018 1.0 Qatar National PKI Team Electronic Signature Algorithms Standard Version: 1.0 Page 2 of 13 Classification: Public Content 1. Overview ......................................................................................................................................... 4 2. Introduction .................................................................................................................................... 4 1. Objective of the document ......................................................................................................... 4 2. Audience ..................................................................................................................................... 4 3. Security properties of electronic signature .................................................................................... 4 4. Hash algorithms .............................................................................................................................. 4 1. Hash functions ............................................................................................................................ 4 2. Hash function properties ...........................................................................................................
    [Show full text]
  • Etsi Ts 119 312 V1.2.1 (2017-05)
    ETSI TS 119 312 V1.2.1 (2017-05) TECHNICAL SPECIFICATION Electronic Signatures and Infrastructures (ESI); Cryptographic Suites 2 ETSI TS 119 312 V1.2.1 (2017-05) Reference RTS/ESI-0019312v121 Keywords e-commerce, electronic signature, security, trust services ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
    [Show full text]
  • Electronic Signature Formats
    ETSI TS 101 733 V1.3.1 (2002-02) Technical Specification Electronic signature formats 2 ETSI TS 101 733 V1.3.1 (2002-02) Reference RTS/SEC-004009 Keywords IP, electronic signature, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice Individual copies of the present document can be downloaded from: http://www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, send your comment to: [email protected] Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. © European Telecommunications Standards Institute 2002. All rights reserved. ETSI 3 ETSI TS 101 733 V1.3.1 (2002-02) Contents Intellectual Property
    [Show full text]
  • The Digital Signature Dilemma Le Dilemme De La Signature Numérique
    Pour publication dans Annales des Télécommunications, Mai/Juin 2006. © Jean-François Blanchette The digital signature dilemma Le dilemme de la signature numérique Jean-François Blanchette* Abstract The last ten years have seen an enormous amount of legal, regulatory, and technological activity aimed at designing a proper electronic equivalent to handwritten signatures. One such design, that of cryptology-based (or digital) signatures, has succeeded over other solutions to the point where, in certain legal systems, such as those of the Member States of the European Union, electronic signatures are almost exclusively understood to be based on public-key cryptography. Yet, several archival institutions (including the National Archives of Canada, Australia and the US) have expressed ambivalence at the prospect of preserving digitally signed records. This paper argues that discrepancies between technical, legal and archival responses to the problem of long-term preservation of digitally signed documents are founded on diverging understandings — physical vs. contextual — of electronic authenticity. Keywords: digital signatures, evidence law, electronic records, archivage, cryptography. Résumé Depuis dix ans, d’énormes efforts ont étés déployés sur le plan juridique, technologique et législatif dans le but d’élaborer un équivalent électronique à la signature manuscrite. Un des mécanismes proposé à cet effet est celui de la ‘signature numérique’, fondé sur les technologies de cryptographie à clé publique. Dans certain systèmes juridiques (p.ex., ceux des États Membres de l’Union Européenne), l’approche cryptographique a rencontré un tel succès auprès des législateurs que la signature électronique s’y comprend presque exclusivement en termes de cette méthode. Néanmoins, plusieurs institutions archivistiques (entre autres, les Archives Nationales du Canada, de l’Australie et des Etats Unis) ont exprimé une certaine ambivalence à l’idée de préserver des documents d’archives signés numériquement.
    [Show full text]