MISSISSIPPI LEGISLATURE

1997 Regular Session

To: Banks and Banking

By: Representatives Chaney, Guice

AN ACT TO AUTHORIZE THE USE OF DIGITAL SIGNATURES TO AUTHENTICATE DOCUMENTS; TO DEFINE CERTAIN TERMS; TO REQUIRE THE SECRETARY OF STATE TO LICENSE PROVIDERS OF CERTIFICATION SERVICES FOR DIGITAL SIGNATURES; TO REQUIRE THE SECRETARY OF STATE TO CERTIFY DIGITAL SIGNATURES FOR PUBLIC ENTITIES IN MISSISSIPPI; TO EXEMPT FROM THE PUBLIC RECORDS ACT CERTAIN RECORDS THAT COULD AFFECT THE SECURITY OF DIGITAL SIGNATURES; AND FOR RELATED PURPOSES. 

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MISSISSIPPI:

SECTION 1. This act may be cited as the "Digital Signature Act of 1997."

SECTION 2. It is the intent of the Legislature to facilitate economic development and efficient delivery of government services by means of reliable electronic messages; to foster the development of electronic commerce through the use of digital signatures to assure authenticity and integrity of writings in any electronic medium; to enhance public confidence in the use of digital signatures; and to minimize the incidence of forged digital signatures and fraud in electronic commerce.

SECTION 3. As used in this act:

(a) "Certificate" means a computer-based record which identifies the public key owner, contains the public key, identifies the certification authority and is digitally signed by the certification authority.

(b) "Certification authority" means a person who verifies a sender's public key by issuing a certificate.

(c) "Digital signature" means a message or part of a message which has been transformed using a computer program called a "private key" such that a person receiving the message can use a related computer program referred to as the signer's "public key" to determine whether the transformation was created using the private key that corresponds to the public key and whether the original message has been altered since the transformation was made.

(d) "Key pair" means a private key and its mathematically related public key in a digital signature system that has the property that the public key can verify a digital signature that the private key creates.

(e) "Private key" means a computer program, known only by its rightful owner, used to create a digital signature.

(f) "Public key" means a computer program used to verify a digital signature that may be disclosed publicly but cannot be used to forge the digital signature created by the corresponding private key.

(g) "Signature" means any word, group of letters, name, including a trade or assumed name, mark, characters or symbols made manually, by device, by machine or manifested by electronic or similar means, executed or adopted by a party with the intent to authenticate a writing.

(h) "Written" or "writing" means printing, handwriting, typewriting, engraving, lithographing and any information which is created or stored in any electronic medium and which is retrievable in an intelligible form such as a digital signature.

SECTION 4. (1) The Secretary of State shall serve as the certification authority to verify the digital signature of any public entity in Mississippi.

(2) The Secretary of State shall license private certification authorities, conditioned upon their showing:

(a) That they possess proficiency in encryption technology;

(b) That they possess sufficient working capital; and

(c) That they maintain an office in this state or have established a registered agent for process in this state.

(3) The Secretary of State shall have authority to revoke any license granted under the terms of this act upon notice and for good cause shown.

(4) The Secretary of State may impose a reasonable fee to cover the expenses of administering this section and shall adopt rules necessary to implement this section.

(5) Nothing in this act shall be construed to require any person to use digital signatures.

SECTION 5. A digital signature which has been verified by a licensed certification authority may be used to sign a writing and shall have the same force and effect as a written signature.

SECTION 6. The following records are exempt from the provisions of the Mississippi Public Records Act of 1983, Section 25-61-1 et seq.:

(a) Records containing information that would disclose, or might lead to, the disclosure of private keys, or the mathematical formulas or other systems used to develop or confirm private keys or key systems; and

(b) Records the disclosure of which might jeopardize the security of an issued certificate or a certificate to be issued.

SECTION 7. This act shall take effect and be in force from and after July 1, 1998.