Interesting People mailing list archives
US relevant -- USPS digital signature announcement
From: David Farber <farber () central cis upenn edu>
Date: Tue, 16 Aug 1994 13:49:27 -0400
Date: Thu, 4 Aug 1994 10:46:48 -0400
From: cmerri01 () reach com (Charles Merrill -- McCarter ^ English - Newark )
Subject: USPS Elec Comm Serv

Quebec City, Canada, August 3, 1994--The U.S. Postal Service has dramatically increased its commitment to the security of communications on the NII, with the announcement of Postal Electronic Commerce Services ("Postal ECS"), which will offer a nationwide public key certification service for the authentication of digital signatures used in paperless electronic commerce. Richard Rothwell, Senior Director of Technology Integration for the USPS, officially released the news today in Quebec City, in a paper delivered to an international working group of the Information Security Committee of the American Bar Association's Section of Science and Technology, which has been developing guidelines for public key certification authorities.

"Our initial implementation is based on the Digital Signature Standard (DSS) Algorithm set; but our plan is to support other cryptographic options such as RSA in the near future," Rothwell said.

Public key digital signatures serve to authenticate the originator of a digital communication, validate the integrity of the message, fix the time and date of the message, and prevent the sender from subsequently repudiating the communication - all features which are critical to increasing trust in electronic commerce.

The full text of the USPS announcement on Postal ECS follows, which may be duplicated and disseminated widely, so long as the entire text is included.

*******************************************************************

Address to Information Security Committee, EDI/IT Division
American Bar Association Section of Science and Technology
Quebec City, Canada, August 3, 1994

Good afternoon

My name is Richard Rothwell. I am Senior Director of Technology Integration for the United States Postal Service.
I doubt there are many groups more aware of the sweeping changes taking place in communications than this one, or how those changes affect the way that all of us will do business in the future. Today I want to share with you my thoughts on the role of the Postal Service in this new age, and particularly, the role that we are being asked to assume in helping to facilitate the emerging world of electronic commerce.

The Postal Service was established, at the birth of the United States, with the mission of binding together a diverse and far-flung nation through the correspondence of the people. It was, and is, a broad-based mission. Over a century ago, then acting Attorney General William Howard Taft wrote that "the makers of the constitution ... had in mind the comprehensive view which regarded post offices ... as instruments for the transmission of intelligence," a mission they expressed "in very comprehensive terms..."

Today we are being asked by our customers to consider new ways of carrying out this mission. Today we live in a complex, cost conscious, interdependent society which is developing new electronic communication systems and re-inventing commercial practices. For many applications, the new efficiencies of electronic data communication, the benefits that it has provided to its early adopters, and the competitive pressures that this evolution has created are driving corporations, governments, and individuals to explore new ways of conducting business, and serving their customers and constituents.

Yet, as many experts have noted, including many of you in this room, digital files as a rule are neither as secure nor as reliable as their paper counterparts. Digital files are designed to be easily manipulated by users on different computers. This is, of course, an essential element of the efficiency that electronic commerce conveys.
But without some method of sealing a digital file to establish its contents, author, and time of transmittal, the benefits of electronic commerce will inevitably be limited to highly structured transactions between parties that know and trust one another. Such limits will severely constrain or wipe out the benefits of electronic data interchange.

A recent article in Government Computer News noted that the use of trading partner agreements to structure EDI agreements could require the services of hundreds of lawyers to negotiate, write, and argue about the agreements just for government procurement. This is evidence of the great degree of transactional friction that must inevitably accompany such an approach.

If electronic commerce is not going to be limited to highly structured transactions between well known and trusted parties, other solutions must be developed to create an effective legal framework and electronic infrastructure. Electronic communication media cannot become a reliable basis for widespread business use without a trusted method of sealing digital contents, verifying the parties involved, and establishing an official date and time for the transaction.

Government has similar needs. Trust and security are essential to the success of the National Information Infrastructure, the reform of government performance, and a number of other critical functions, such as the implementation of health care reform. Personal, educational, literary, and business correspondence traveling on the information superhighway must be electronically guarded so that all citizens are reasonably assured of the integrity of their records. The timely delivery of important electronic information, and the identity and authority of the people with whom they communicate are equally important. Without trust and security, all of the supercomputers and all of the high-speed networks in the world cannot make the N.I.I. succeed on the broad functional basis for which it was conceived.
As one of the nation's largest organizations, the United States Postal Service shares many of the concerns of both business and government. The Postal Service must manage transactions with thousands of organizations on a daily basis in the process of annually doing $49 billion of business moving 171 billion pieces of mail. But our concerns are no different from those of any large enterprise in the world today trying to make its operations more efficient.

There are not likely to be many in this room who do not believe in the need for a mechanism for establishing the reliability of an electronic transmission, and binding an individual to it. I therefore do not believe that it will be necessary to conduct a detailed exploration of the advantages of building a public key infrastructure as a solution to the technical problems of providing security for electronic documents. What I will talk to you about is the role the Postal Service can play in providing these technical solutions where they are needed.

There are several reasons why the Postal Service is developing platforms for providing solutions to these problems. First, our general duty to "bind the nation together through the personal, educational, literary, and business correspondence of the people" has taken on new meaning now that a hybrid information highway, part paper and part electronic, has become a reality and will continue to be for at least the next decade. Second, not surprisingly, our customers are asking us to play an expanded role in facilitating paper and electronic commerce because we have unique legal and institutional resources to accomplish the task. And third, we have to develop electronic services to meet our customers' needs for faster, more efficient handling of their products.

A core function of the Postal Service will remain the transmission of hard copy messages to and from residences and businesses in America.
As I've noted, that function flows out of our core mission to bind the nation together. The Postal Service has other missions as well. We are tasked to provide service on a universal basis to patrons in all areas and to all communities. We are required to use every effort to provide efficient and expeditious delivery of correspondence. We are charged with protecting the privacy of postal customers and may not make available to the public by any means or for any purpose any mailing or other list of names or addresses, past or present, of postal patrons or other persons. And we are charged with maintaining the security and integrity of the mails, and investigating postal offenses and civil matters relating to the Postal Service.

As a consequence of these missions, the Postal Service has at least three assets which make us a likely candidate to play a role in this emerging field. First, the Postal Service already has much of the legal and institutional infrastructure necessary to assist in the development of widespread electronic commerce. Second, our size and widely distributed resources give us the practical tools to provide a much-needed service on a universal basis. Third, we are uniquely situated to protect core values such as security and individual privacy as well as universal access to the tools of electronic commerce. Let me discuss these one at a time.

First, the Postal Service has the legal structure to perform the duties of managing a certificate authority. The post office was originally established by the Continental Congress as the United States' first information highway. For over two hundred years, a sophisticated regime of statutes, regulations, and policies has developed to provide the infrastructure which enables secure, efficient, and inexpensive transmission of paper communications.
For 200 years, the United States Postal Service has certified mail, sealed it with the power and authority of law, provided responsible and timely mail delivery, and insured patrons against loss or theft. A reliable and trusted mail system remarkably free of corruption or abuse has accompanied the development of a system of commerce in the United States which is second to none in the world.

For hardcopy communications, the legal framework is already in place to handle issues such as liability, indemnity, confidentiality, fraudulent use, theft, definite dating, etc. A similar framework will be required to support electronic commerce. Customers have suggested that the Postal Service may be in a unique position to provide part of that structure. For example, some customers have suggested that they are concerned with their own capacity to handle liability issues, and that the Postal Service provides a ready-made solution to this problem. Others have expressed concern about the confidentiality problems inherent in dealing with other companies, while still others have asked for a regime for controlling fraud which is as strong and convenient as that in place for mail fraud. Thus, the strong legal framework established for handling paper communications can provide similar benefits for electronic commerce.

Second, our customers are asking for our assistance in this area because we have unique practical assets, including:

* The 40,000 retail facilities distributed nationwide
* Universal presence and the capacity to achieve significant scale
* The resources of an existing National Information Infrastructure
* A very strong verification process currently used for passports, that involves proof of ID and other information to a federal employee.
* The experience, policies, and ability to archive records without risk that they would be used for collateral commercial purposes.
The Postal Service is also a remarkably long-lived organization, and those of you who have struggled with archiving policies will recognize that to be an important advantage. As Bob Jueneman has said on the internet, "Certificates 'R Us" may be gone tomorrow. If you have to prove that a certificate was registered on a certain date, and you are seeking an appropriate archiving facility, you can have confidence the Postal Service will still be around to support your request.

A third strength the Postal Service brings to enabling electronic commerce, and another reason that our customers have asked for help, is our capacity to create certificate management systems that can reach virtually every community in America, because we already have a substantial presence in those communities. We can therefore provide a solution to the question of how to put the tools of electronic commerce, such as certificates, into the hands of everyone.

There are many obstacles to prevent citizens from taking advantage of the benefits of electronic commerce. Currently there are technological, geographic, economic, and knowledge barriers which prevent people from participating in the benefits of electronic commerce. To provide universal service to electronic commerce we must provide access which is universally usable and ubiquitous and scalable. By providing a solution to some of these access problems, the Postal Service may have an important role to play in ensuring that future communications in America provide a continuing framework for sustaining a democratic, participatory society.

Thus, many of the institutional features needed by an entity wishing to take part in certificate issuance and management already exist in the United States Postal Service. The Postal Service was established to provide very similar services for the support of correspondence when the physical frontier was chaotic and hard to reach. It is ready to provide similar services on the electronic frontier.
As the Postmaster General has informed Congress, we are actively supporting the development of the N.I.I. to facilitate the development of our own business and to help us carry out our mission. On March 24, the Postmaster General testified before the Senate affairs committee that "working with other federal agencies, we may be able to develop an electronic commerce system." He also noted that, through the development of a kiosk program that might carry out postal transactions and perhaps also disseminate information from other agencies, our postal lobbies could become "on-ramps" to the electronic super highway.

The Postmaster General highlighted two important areas in which the Postal Service may be helpful: serving the requirements of other government agencies, and providing universal service to those citizens who are in danger of being left out of the information revolution. To these he might have added a third, equally important area: protecting the privacy of American citizens. This concern is deeply embedded in postal tradition and statute. When we speak of the security of electronic commerce we should not miss the way in which commercial security and individual privacy are interconnected concepts.

While it is too early to know what precisely lies ahead, let me share with you a general description of the systems we are developing, both for our own use and for that of our customers. The Postal Service is using public key encryption technology, and related technologies, to develop a public key certification authority and a set of associated trusted third party services which we call Postal Electronic Commerce Services (Postal ECS). When initially deployed, Postal ECS will provide a basis for electronic assurances within and among government agencies, and between government agencies and their constituents.
In particular, the Postal Service has developed the ability to:

* Issue public key certificates and store them in a public directory;
* Provide for the "sealing" of selected documents or other electronic objects and associating them with a digital signature and a trusted time and date stamp;
* Provide services for public key certificate publication and revocation; and,
* Provide the ability to encrypt confidential information moving between the user environment and the Postal ECS management system.
* Finally, provide near real-time access to certificates and their status.

The certification authority will issue and manage X.509 public key certificates containing a person's X.500 distinguished name, public key, and other identifying information. Users can then retrieve a certificate from the Postal Service, and use its public key to authenticate a digital signature generated by the complementary private key.

The correspondence service provided by the system is the Postal ECS seal which provides users with a validation of the originator based on his or her digital signature. We also provide a Postal Service digital signature on the digest of an electronic object that assures that it cannot be changed without detection. We also provide the Postal Service digital signature on a date and time stamp that we supply to enable proof of existence at a point in time and we provide archiving for those date and time stamps.

Finally, we provide near real-time access to certificates and their status. This allows a user to get up-to-date information on the validity of certificates, and removes the need for users to maintain their own certificate revocation lists.

The Postal Service has implemented the certificate authority services, the correspondence services and the supporting directory on a host computer system in one of our major production data centers.
We have also developed three Postal Service-licensed user agents as reference models to be installed on end user workstations that will provide access to Postal ECS services. They run on Microsoft Windows-based PCs and access Postal ECS services via e-mail (either internet or X.400). We are also working on an interactive dial-up communication alternative and expect this to be available shortly. These user agents contain standard programming interfaces that link user applications, cryptographic routines, and ECS services together. Our initial implementation is based on the Digital Signature Standard (DSS) algorithm set; but our plan is to support other cryptographic options such as RSA in the near future.

We are now moving from developmental work to actual proof of concept pilot testing of these services both internally in the USPS and with our government agency partners. Our plans will evolve as we gain experience from these initial pilot tests and continue to talk with customers, and experts in encryption, software development, and computer science. We have shared our plans with Congress, the administration, and the media. And we have asked ourselves three key questions:

* Is this initiative critical to our mission and our responsibility to the public?
* Do our customers have a need for our participation? and,
* Would the costs of providing these services be balanced by potential revenues?

Certainly the responses that we have received to date more than justify our view that this is an area in which we should continue to be an active participant.

Before concluding, let me directly address a controversial philosophical discussion about certificate management so you can understand what we see as the future world of electronic commerce. There has been a great deal of debate about the relative advantages of hierarchical versus peer-to-peer or one-level models for management of digital signature. To some extent, I believe this debate misses the point.
The system for managing X.500 certificates that will eventually be adopted will be adopted only because it meets the business needs of the users. Because the complex communication needs of the future will require flexibility to meet individual desires, some mix of hierarchical and peer-to-peer or flat management schemes will be adopted.

What the recipient of an electronic document signed with a digital signature needs to know is how much weight to give that signature -- or, in other words, what actions to take based on an evaluation of the sender. This is exactly the same thing that is decided every day by people -- should we sell securities to a voice over the phone? Should we place an order with a new salesman? Given the infinite variety of possible transactions and encounters, there is no point in trying to impose on electronic transactions a single paradigm for authentication. Different levels of assurance, and different architectures, will be necessary for different uses. What is important is that the parties to the transaction are aware of the level of assurance provided.

The Postal Service can be of assistance in filling some specific needs in the certificate arena, but it has no intention of controlling or dominating that arena. For the near future the universe of electronic commerce will continue to have many different galaxies. Many varying concepts and services will be able to make valuable contributions. Many other entities will provide services in this area: as Vice President Gore has noted in numerous speeches, there is a role for both private and public entities. We plan to provide services based upon identified needs, which customers will decide whether or not they will use.

In keeping with the philosophy I have articulated, let me say that the Postal Service, in any development of these products, intends to support multiple cryptographic products in the market place.
In addition, we will not compete with network service providers, nor will we become a network or carrier.

In developing these services, we are keenly interested in the work of this group. While the technology and scale issues seem to us to be manageable, we recognize that there are still many legal questions concerning the way in which the design of a public key infrastructure management service might best work. The liability issues are not yet completely clear, and the duties of each entity in such an infrastructure need to be articulated.

As customers seek our services, we will have to face questions of scalability, investment, and the regulatory issues associated with the introduction of a new service. Can the service be managed? What investment will be required? How will regulators have us present the service to the public and at what price?

We greatly appreciate the exchange of views that this forum makes possible. We all have much to learn in this area, and I believe we should welcome the fact that we live in such interesting times.

[end]
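
Added example (not part of the original message and not Postal ECS code): a minimal sketch of the seal described in the address, in which an authority signs the digest of an electronic object together with a date and time stamp, and a recipient checks the seal and the signer's certificate status at verification time. The toy RSA key, the field names and the function names are assumptions made for illustration; the address says the initial implementation used DSS.

```python
import hashlib
import json

# Toy RSA key for the sealing authority (assumption: illustration only).
# Both primes are Mersenne primes, so this modulus is trivially factorable;
# a real service would use DSS or RSA keys generated from random primes.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the authority


def _digest_int(data: bytes) -> int:
    """SHA-256 digest as an integer (always smaller than the modulus N)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def _seal_body(obj_digest_hex: str, timestamp: str, signer_serial: int) -> bytes:
    """Canonical byte encoding of the fields the authority signs."""
    fields = {"digest": obj_digest_hex, "time": timestamp, "serial": signer_serial}
    return json.dumps(fields, sort_keys=True).encode()


def issue_seal(document: bytes, timestamp: str, signer_serial: int) -> dict:
    """Authority side: sign the document digest together with the time stamp."""
    obj_digest = hashlib.sha256(document).hexdigest()
    body = _seal_body(obj_digest, timestamp, signer_serial)
    signature = pow(_digest_int(body), D, N)
    return {"digest": obj_digest, "time": timestamp,
            "serial": signer_serial, "signature": signature}


def verify_seal(document: bytes, seal: dict, revoked_serials: set) -> str:
    """Recipient side: needs only the authority's public key (N, E)."""
    body = _seal_body(seal["digest"], seal["time"], seal["serial"])
    if pow(seal["signature"], E, N) != _digest_int(body):
        return "bad-signature"        # seal fields were altered or forged
    if hashlib.sha256(document).hexdigest() != seal["digest"]:
        return "document-changed"     # object differs from what was sealed
    if seal["serial"] in revoked_serials:
        return "certificate-revoked"  # status lookup done when verifying
    return "ok"


if __name__ == "__main__":
    # Constructed sample input: document, time stamp and certificate serial.
    order = b"constructed sample purchase order"
    seal = issue_seal(order, "1994-08-03T14:00:00Z", 1001)
    print(verify_seal(order, seal, set()))                 # untouched document
    print(verify_seal(order + b" (edited)", seal, set()))  # altered document
    print(verify_seal(order, dict(seal, time="1994-08-01T00:00:00Z"), set()))
```

Because the time stamp is inside the signed body, changing the claimed date invalidates the authority's signature, which is what makes the seal usable as proof of existence at a point in time.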