Good point, my viewpoint is very american. Just further evidence that we don't always get the cool toys! Unfortunately, nationalized id cards and the like have always been met with stiff resistance.

Andy

---

From: "Tambet Matiisen" <[hidden email]>
To: [hidden email]
Sent: Thursday, January 6, 2011 1:51:45 AM
Subject: [ops-users] Re: Re: Re: Electronic Signatures

On 5.01.2011 17:58, Andrew J. Kallenbach wrote:

Using PKI, cards, and other mechanisms seem to have a collective ?huh? from most business managers. They are not easy to implement or understood by both potential users (employees and customers).

Estonia (where I live) has been using PKI-based digital signatures since 2000. Today I even don't remember, when was the last time I gave "real" handwritten signature. But I use my smartcard (ID-card) every day to log in to internet banks, sign bank transactions, sign contracts with my clients, etc. During last two votings I voted electronically.

OK, I may be biased, because I'm a software developer and my main client is the developer of Estonian ID-card software. But nevertheless, I just checked, 40% of signups to one webservice our company provides, are made using ID-card.

So I suppose you can make people accept PKI-based signatures, but it requires support, both legal and promotional, from the highest level - the government.

Regarding Orbeon - we just converted Estonian state portal www.eesti.ee from Chiba to Orbeon and launching it in coming months. It contains a component, that allows you to download responses from e-services digitally signed by portal. Or download the response encrypted, so that only you with your ID-card can decrypt it. It's not tightly integrated with Orbeon, it's more like a wrapper. And it uses Estonian DigiDoc format, which I suppose is not useful in other countries.

Additional reading:
http://en.wikipedia.org/wiki/Estonian_ID_card

  Tambet



[Text File:message-footer.txt]