Report on the 16-18 October 1997 ISC Meeting, held on Capitol Hill, Washington DC
As always, most meeting time was spent in breakout sessions, where the several Working Groups in the ISC met to press forward on the work product each has promised. Brief reports from each of the WGs will follow a summary of the other events which took place during the meeting.
Lunch with the Congressional Caucus
Though Congress was in recess, the ISC met with staffers in the Congressional Caucus whose job it is to educate members of Congress about the Internet. ISC Chair Michael Baum made a brief presentation on the basics of public key cryptography and the value that digital signatures offer to secure electronic commerce and the legal profession. Other speakers included:
John Sabo, Social Security Administration. Described efforts by SSA to go on the Web, not all of it pretty, but noted the rate of growth of Web users as indicative of citizen interest in a responsive government.
Daniel Weitzner, Founder and currently Deputy Director, Center for Democracy and Technology. Weitzner discussed issues of privacy and the importance of retaining the freedoms guaranteed to us by the Constitution in the digital age.
Private Presentations on Friday and Saturday
Bruce McConnell, Office of Management and Budget, gave an update on the Administration's position on public key cryptography and secure electronic commerce. As of mid-October, the Administration was in support of S909. He recommended http://www.cio.fed.gov as a starting point for understanding the federal view of information.
Judge B. Paul Cotter of the Nuclear Regulatory Commision spoke on the ANSI X12 electronic filing standard. Judge Cotter gave an overview of electronic filing with the courts to date – he termed it a "Tower of Babel," and agreed to co-author an article for the upcoming PKI Issue of Jurimetrics on the topic with an ISC member in the e-filing field.
Carl Ellison, CyberCash, presented on the ability to eliminate the need for identity certificates. The thesis being, because of the relative lack of necessity for knowing who someone is on-line, the more important issue is generally, does this person have the ability (credentials, credit, et cetera) to back up what they have digitally signed for? URLs for those interested in the details of his presentation: http://www.clark.net/pub/cme/nist-7-24/ for the paper on this topic submitted to NIST, and http://www.clark.net/pub/cme/html/spki.html for pointers to SPKI and SDSI work-in-progress.
Press in Attendance
Angela Drolte Gregorits, reporter with BNA's Electronic Law and Policy Report, sat in on Friday's session and interviewed several members of the ISC.
Working Group Reports
Accreditation
Continued its work on an Accreditation Handbook. After a meeting with NACHA, received endorsement for the ISC's work-product to serve as the standard from which NACHA's PKI accreditation efforts will profile in its interoperability and accreditation pilots.
Liability – The Liability Subgroup is working on the ABA ISC's accreditation document, developing:
1) policy modules on liability issues which can be used to choose or certify a PKI or CA, and
2) suggested clauses on liability issues which can be used in CPS's or in cross-certification agreements.
We expect that the policy modules and clauses will be competed at the next meeting in San Francisco. In addition, the liability subgroup has prepared a legal analysis of PKI/CA liability issues with regard to both digital signature and confidentiality encryption services. Work on the legal analysis is almost completed, but has been set aside pending completion of the accreditation work. Finally, the liability subgroup has done a preliminary analysis of the liability of application software providers. Work on that issue in San Francisco will depend on WG members' continuing interest in the topic.
Key Recovery – The Key Recovery Working Group has identified the areas in which text must be drafted for its primary work product, the Framework for Key Recovery, and has assigned drafting tasks among the membership. The group has also identified some work from the Key Recovery Alliance, the Liability Working Group, and the Insurance Working Group that can be adapted to The Framework. The KReWG will be pulling in and editing text through the end of the year. Finally, the Group is redrafting the ISC resolution for Section consideration for blanket authority.
Legislation and Policy – The Legislative and Policy Work Group held it's electronic signature legislation conference call where states and federal participants gave updates on legislation and regulatory activities. The group also worked with Daniel Bennett, of Congresswoman Eshew's Office to discuss implications of legislation being drafted by that office. The legislation would require Federal agencies to make forms available on the Internet and would provide for security criteria and management structures. Finally, the group began work on a draft statement of the relative roles of state and federal legislation in the area of electronic signatures generally and digital signatures specifically. The statement will begin to define respective areas of jurisdiction. A draft will be available for comment at the next ISC meeting.
Evidence: Report to be Submitted.
Addendum: Report to be Submitted.
Comparative Law Work Group: Report to be Submitted.
Global Electronic Trade Work Group: The Global Trade work group includes a liaison role to other ABA Committees and an outreach role to assure that the views of a broad range of industries are represented. The Global Trade work group will coordinate with the international legal working groups of the Information Security Committee and ABA to assure that global issues are properly represented. Lastly, the Global Trade working group has been charged with making sure that business, technical and legal issues which may act as potential barriers or enablers of international electronic trade and commerce are addressed. To that end, we will, where possible, call for and facilitate dialogue between the business, technical and legal communities.
