Indiana Administrative Code
Title 20 - STATE BOARD OF ACCOUNTS
Article 3 - DIGITAL SIGNATURES
Rule 2 - General Provisions
Section 2-2 - Criteria for acceptable digital signature technology

Universal Citation: 20 IN Admin Code 2-2

Current through September 18, 2024

Authority: IC 5-24-3-4

Affected: IC 5-24

Sec. 2.

A digital signature on a message received by or filed with the state shall be effective if the digital signature technology used to create the digital signature enables it to meet the following criteria:

(1) It is unique to the person using it, including the following:

(A) The private key used to create the signature on the message is only required to be known by the signer.

(B) The digital signature is created when the signer runs a message through a one-way function, creating a message digest, then encrypting the resulting message digest using an asymmetrical cryptosystem and the signer's private key.

(C) The signer has been issued a certificate by a certification authority on the approved list of certification authorities to certify that he or she controls the private key used to create the signature.

(D) It is computationally infeasible to derive the private key from knowledge of the public key.

(2) It is capable of verification. The acceptor of the digitally signed message can verify:

(A) by using the signer's public key, that the message was digitally signed by using the signer's private key;

(B) that the certificate was valid at the time of the transaction; and

(C) either through a certification practice statement or through the content of the certificate itself, the proof of identification the certification authority required of the signer prior to issuing the certificate.

(3) It is under the sole control of the person using it. The person who holds the private key, as identified in the certificate, assumes a duty to retain control of the private key and prevent its disclosure to any person not authorized to create the subscriber's digital signature.

(4) It is linked to data in such a manner that if the data are changed, the digital signature is invalidated.

Expiration postponed by Executive Order #04-31, December 29, 2004.

Disclaimer: These regulations may not be the most recent version. Indiana may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.