[Congressional Bills 106th Congress]
[From the U.S. Government Publishing Office]
[H.R. 1572 Introduced in House (IH)]







106th CONGRESS
  1st Session
                                H. R. 1572

   To require the adoption and utilization of digital signatures by 
  Federal agencies and to encourage the use of digital signatures in 
                private sector electronic transactions.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             April 27, 1999

     Mr. Gordon (for himself, Mr. Sensenbrenner, and Mr. Brown of 
 California) introduced the following bill; which was referred to the 
                          Committee on Science

_______________________________________________________________________

                                 A BILL


 
   To require the adoption and utilization of digital signatures by 
  Federal agencies and to encourage the use of digital signatures in 
                private sector electronic transactions.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Digital Signature Act of 1999''.

SEC. 2. RECOGNITION OF DIGITAL SIGNATURES.

    (a) Requirement.--To the extent that a Federal agency recognizes a 
written signature as authenticating a document, the agency shall 
recognize a digital signature as authenticating an equivalent 
electronically formatted document.
    (b) Effective Date.--Subsection (a) shall take effect 1 year after 
the date of the enactment of this Act.

SEC. 3. DIGITAL SIGNATURE INFRASTRUCTURE.

    (a) Guidelines and Standards.--Not later than 6 months after the 
date of the enactment of this Act, the Director, in consultation with 
industry, shall develop digital signature infrastructure guidelines and 
standards for use by Federal agencies to enable those agencies to 
effectively utilize digital signatures in a manner that is--
            (1) sufficiently secure to meet the needs of those agencies 
        and the general public; and
            (2) interoperable, to the maximum extent possible.
    (b) Elements.--The guidelines and standards developed under 
subsection (a) shall include--
            (1) technical security requirements for digital signature 
        infrastructure products and services;
            (2) validation criteria to enable Federal agencies to 
        select digital signature infrastructure products and services 
        appropriate to their needs; and
            (3) minimum interoperability specifications for the Federal 
        acquisition of digital signature infrastructure products and 
        services.
    (c) Coordination With National Policy Panel.--The Director shall 
ensure that the development of guidelines and standards under this 
section is carried out in coordination with the efforts of the National 
Policy Panel for Digital Signatures under section 7.
    (d) Revisions.--The Director shall periodically review the 
guidelines and standards developed under subsection (a) and revise them 
as appropriate.

SEC. 4. VALIDATION OF PRODUCTS.

    Not later than 6 months after the date of the enactment of this 
Act, and periodically thereafter as appropriate, the Director shall 
make available to Federal agencies and to the public an evaluation of 
the conformance with the guidelines and standards developed under 
section 3 of commercially available digital signature infrastructure 
products, and other such products used by Federal agencies.

SEC. 5. ELECTRONIC CERTIFICATION AND MANAGEMENT SYSTEMS.

    (a) Criteria.--Not later than 6 months after the date of the 
enactment of this Act, the Director shall establish minimum technical 
criteria for the use by Federal agencies of electronic certification 
and management systems.
    (b) Evaluation.--The Director shall establish a program for 
evaluating the conformance with the criteria established under 
subsection (a) of electronic certification and management systems, 
developed for use by Federal agencies or available for such use.
    (c) Maintenance of List.--The Director shall maintain and make 
available to Federal agencies a list of electronic certification and 
management systems the Director has evaluated as conforming to the 
criteria established under subsection (a).

SEC. 6. REPORTS.

    Not later than 6 months after the date of the enactment of this 
Act, and annually thereafter, the Director shall transmit to the 
Congress a report that includes--
            (1) a description and analysis of the utilization by 
        Federal agencies of digital signatures;
            (2) an evaluation of the extent to which Federal agencies' 
        digital signature infrastructures conform to the guidelines and 
        standards developed under section 3(a);
            (3) an evaluation of the extent to which Federal agencies' 
        electronic certification and management systems conform to the 
        criteria established under section 5(a);
            (4) the list described in section 5(c); and
            (5) evaluations made under section 4.

SEC. 7. NATIONAL POLICY PANEL FOR DIGITAL SIGNATURES.

    (a) Establishment.--Not later than 90 days after the date of the 
enactment of this Act, the Under Secretary shall establish a National 
Policy Panel for Digital Signatures. The Panel shall be composed of 
government, academic, and industry technical and legal experts on the 
implementation of digital signature technologies, State officials, 
including officials from States which have enacted laws establishing 
digital signature infrastructures, and representative individuals from 
the interested public.
    (b) Responsibilities.--The Panel shall serve as a forum for 
exploring all relevant factors associated with the development of a 
national digital signature infrastructure based on uniform standards to 
enable the widespread availability and use of digital signature 
systems. The Panel shall develop--
            (1) model practices and procedures for certification 
        authorities to ensure the accuracy, reliability, and security 
        of operations associated with issuing and managing digital 
        certificates;
            (2) standards to ensure consistency among jurisdictions 
        that license certification authorities; and
            (3) audit standards for certification authorities.
    (c) Coordination.--The Panel shall coordinate its efforts with 
those of the Director under section 3.
    (d) Administrative Support.--The Under Secretary shall provide 
administrative support to enable the Panel to carry out its 
responsibilities.
    (e) Report.--Not later than 1 year after the date of the enactment 
of this Act, the Under Secretary shall transmit to the Congress a 
report containing the recommendations of the Panel.

SEC. 8. DEFINITIONS.

    For purposes of this Act--
            (1) the term ``certification authorities'' means issuers of 
        digital certificates;
            (2) the term ``digital certificate'' means an electronic 
        document that binds an individual's identity to the 
        individual's digital signature;
            (3) the term ``digital signature'' means a mathematically 
        generated mark utilizing asymmetric key cryptography techniques 
        that is unique to both the signatory and the information 
        signed;
            (4) the term ``digital signature infrastructure'' means the 
        software, hardware, and personnel resources, and the 
        procedures, required to effectively utilize digital 
        certificates and digital signatures;
            (5) the term ``Director'' means the Director of the 
        National Institute of Standards and Technology;
            (6) the term ``electronic certification and management 
        systems'' means computer systems, including associated 
        personnel and procedures, that enable individuals to apply 
        unique digital signatures to electronic information; and
            (7) the term ``Under Secretary'' means the Under Secretary 
        of Commerce for Technology.
                                 <all>