1997 Regular Session
By: Senator(s) Hall
Senate Bill 2904
AN ACT TO AUTHORIZE THE USE OF DIGITAL SIGNATURES TO AUTHENTICATE DOCUMENTS; TO DEFINE CERTAIN TERMS; TO REQUIRE THE SECRETARY OF STATE TO LICENSE PROVIDERS OF CERTIFICATION SERVICES FOR DIGITAL SIGNATURES; TO REQUIRE THE SECRETARY OF STATE TO CERTIFY DIGITAL SIGNATURES FOR PUBLIC ENTITIES IN MISSISSIPPI; AND FOR RELATED PURPOSES.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MISSISSIPPI:
SECTION 1. This act may be cited as the "Digital Signature Act of 1997."
SECTION 2. It is the intent of the Legislature to facilitate economic development and efficient delivery of government services by means of reliable electronic messages; to foster the development of electronic commerce through the use of digital signatures to assure authenticity and integrity of writings in any electronic medium; to enhance public confidence in the use of digital signatures; and to minimize the incidence of forged digital signatures and fraud in electronic commerce.
SECTION 3. As used in this act:
(a) "Certificate" means a computer-based record which identifies the public key owner, contains the public key, identifies the certification authority and is digitally signed by the certification authority.
(b) "Certification authority" means a person who verifies a sender's public key by issuing a certificate.
(c) "Digital signature" means a message or part of a message which has been transformed using a computer program called a "private key" such that a person receiving the message can use a related computer program referred to as the signer's "public key" to determine whether the transformation was created using the private key that corresponds to the public key and whether the original message has been altered since the transformation was made.
(d) "Key pair" means a private key and its mathematically related public key in a digital signature system that has the property that the public key can verify a digital signature that the private key creates.
(e) "Private key" means a computer program, known only by its rightful owner, used to create a digital signature.
(f) "Public key" means a computer program used to verify a digital signature that may be disclosed publicly but cannot be used to forge the digital signature created by the corresponding private key.
(g) "Signature" means any word, group of letters, name, including a trade or assumed name, mark, characters or symbols made manually, by device, by machine or manifested by electronic or similar means, executed or adopted by a party with the intent to authenticate a writing.
(h) "Suitable guaranty" means either a surety bond executed by a surety authorized by the Mississippi Insurance Department to do business in this state, or an irrevocable letter of credit issued by a financial institution authorized to do business in this state by the Mississippi Department of Banking and Consumer Finance or federal law which, in either event, satisfies all of the following requirements:
(i) It is issued payable to the Secretary of State for the benefit of persons holding qualified rights of payment against the licensed certification authority named as the principal of the bond or customer of the letter of credit;
(ii) It is in an amount specified by rule of the Secretary of State pursuant to Section 4 of this act;
(iii) It states that it is issued for filing pursuant to this act;
(iv) It specifies a term of effectiveness extending at least as long as the term of the license to be issued to the certification authority; and
(v) It is in a form prescribed by rule of the Secretary of State.
(i) "Written" or "writing" means printing, handwriting, typewriting, engraving, lithographing and any information which is created or stored in any electronic medium and which is retrievable in an intelligible form such as a digital signature.
SECTION 4. (1) The Secretary of State shall serve as the certification authority to verify the digital signature of any public entity in Mississippi.
(2) The Secretary of State shall license private certification authorities, conditioned upon their showing:
(a) That they possess proficiency in encryption technology;
(b) That they possess sufficient working capital;
(c) That they maintain an office in this state or have established a registered agent for process in this state;
(d) That they provide a suitable guaranty as determined by the Secretary of State; and
(e) That they meet such other requirements as may be imposed by the Secretary of State.
(3) The Secretary of State shall have authority to revoke any license granted under the terms of this act upon notice and for good cause shown.
(4) The Secretary of State may impose a reasonable fee to cover the expenses of administering this section and shall adopt rules necessary to implement this section.
(5) Nothing in this act shall be construed to require any person to use digital signatures.
SECTION 5. A digital signature which has been verified by a licensed certification authority may be used to sign a writing and shall have the same force and effect as a written signature.
SECTION 6. The following records shall be exempt from the provisions of the Mississippi Public Records Act of 1983:
(a) Records containing information that would disclose, or might lead to the disclosure of private keys, or the mathematical formulas or other systems used to develop or confirm private keys or key systems; and
(b) Records, the disclosure of which might jeopardize the security of an issued certificate or a certificate to be issued.
SECTION 7. This act shall take effect and be in force from and after July 1, 1998.