On December 13th 1999 the European Union approved a directive regarding electronic signatures, proving the whole union with a common legal framework for the use of signatures in electronic form. Austria was one of the first countries to implement this directive and the Austrian signature law is in effect since January 1st 2000. Electronic signatures are important for teleworking, as they allow to represent one aspect of physical presence (manual signature on a sheet of paper) to be transported to remote work an transfer over communication networks. Another advantage is, that one particular problem associated with electronic signatures (the presentation problem, see below) might lead to a standardization of document formats. This would help telework immensely, as data-exchange would be made much easier.
On this page some general remarks on signatures are presented, including a definition and some advantages and problems important for telework. Finally, you can find a collection of links to legal resources, technical standards for the implementation and certificate authorities.
DefinitionThe Austrian signature law defines "electronic signatures" as:
electronic data attached to or logically linked with other electronic data which serve to authenticate, that is establishing the identity of the signatory.
In this definition the main aspect of a signature is included, the connection between a document and an individual person.
Electronic signatures <-> Digital signaturesElectronic signatures have a very broad range and for example public key systems or signature dynamics can be used. However, in most cases only on subtype is used (and therefore the two names are often mixed; but the distinction should always be remembered): digital signatures. These consist of a private key (used for signing a hash-value of the document) and a public key (cited in a certificate, connecting this particular key to a unique person).
ProblemsHowever, there are also some problems connected with signatures: They possess advantages, but they cannot fulfill each and every requirement and have their own problems. Some important ones of them are:
Signing documentsWith electronic signatures documents can be signed so everybody can check who approved their content. This is important for telework, as in this case often no version on paper exists. Such documents could therefore not be used in connection with telework. A large area of application for this is the government, where a basic requirement is that the person approving a certain document can always be traced, also for a long time in the future. But the public sector is not the only area for the use of signatures, companies employing teleworkers can also profit from them: Tracing the origin and way of processing is much easier with signatures, as they are defined according to a set standard (easier programming) and modifications are always detectable after signing (Also a possibility to avoid transmission errors).
General advantages of a public key infrastructure (PKI)Using digital signatures will in most cases require a public key infrastructure (PGP is not suited to producing legally binding signatures; no authority guarantees for the correctness of the data). This includes that every user, who whiches to create signatures, receives a (at least one) certificate, which is commonly stored on chipcards (at least for secure signatures). But this certificate can also be used for different things than just signing documents:
Both languages are authentic.
A-SIT (Zentrum für sichere Informationstechnologie - Austria / Secure Information Technology Center - Austria): Confirmation institute according to § 19 SigG
TrustSign (e-Sign; A-Trust): Not accredited!
AD Cert (Arge Daten)
net.surance Security (EA Generali)
CryptoConsult (Mag. Ulrich Latzenhofer)
Globalsign (Belsign Austria; Innovation Systems Informationstechnologie GmbH): Not accredited! Should be accredited in Belgium according to the TKC.
Thawte (Now Verisign subsidiary)
Last modified: 13 August, 2002, by MVS