Question to german users/ Frage an deutsche Benutzer

Graham graham.todd2@ntlworld.com
Wed May 28 07:24:02 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 27 May 2003 10:47 pm, Ingo Kl=F6cker wrote:

[snipped]
> Well, there is a EU-wide law (well, it's not really a law, but I
> don't know the proper English word) for digital signatures since a
> few months. So sooner or later (most likely later) all members of the
> EU will have a corresponding law.

I think the word you are looking for is an EU "directive".  This still=20
has to be enacted in Member states for it to become law in those=20
states, and of course providing the directive is implemented in full,=20
those states can add whatever they like when passing or not passing the=20
law.

This has already led to confusion of laws for agricultural matters=20
enacted in Member states :-)  But in this context, digital signatures=20
seemed to be defined as S/MIME signatures unless a Member state enacts=20
legislation to extend that.

[snipped]

> But I doubt there will ever be a qualified signature using OpenPGP
> since S/MIME is favored by the government (-> SPHINX) and because it
> would be too confusing if there were two competing types of qualified
> signatures.

I checked this with a lawyer since digital signatures are allowed to=20
authenticate documents as if they were signatures by recent legislation=20
in the UK.  Apparently, the *type* of digital signatures is not=20
specified in the Act of Parliament and the guidance notes states that=20
signatures generated by PGP are allowed.  This follows a recommendation=20
by a Committee dealing with e-commerce and is written in to the=20
Parliamentary proceedings in the various stages of the Bill before=20
Parliament before it became an Act (and therefore law).

So if PGP signatures are allowed in UK law to authenticate documents,=20
then it follows logically that OpenPGP signatures are allowed.

- --=20

Graham
GPG Keys at gpg.keys@ntlworld.com


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Please sign and encrypt for internet privacy

iD8DBQE+1ElsIwtBZOk1250RAh4EAJ9pPHgh0PDrCL3Hy/Zzd3WwHKMNRwCfdkjx
GnzRT85wUUj8w+sKAddf+tk=3D
=3Dyzsg
-----END PGP SIGNATURE-----