PKI questions answered
16 Sep 04
Key questions and answers about Public Key Infrastructure (PKI)
Following on from last month’s article on LawSeal, here’s a reminder of the key facts you need to know about PKI.
What is PKI?
Public Key Infrastructure (PKI) is much more than a simple software product. It is software, technical know-how, procedures, administration and documentation which, when combined, provide a secure and trusted environment for electronic-based communications.
The Society’s PKI initiative is called Lawseal and is expected to be launched early in 2003.
What are public and private keys?
Fundamental to the way PKI works is the concept of digital public and private keys. Public and private keys are manufactured simultaneously and operate as a pair. They are useless without each other. Public keys can and should be distributed to everyone you want to communicate with electronically. Private keys must be kept confidential. When someone wants to send a message securely they use the public key of the recipient to encrypt the message and send it in the knowledge that only the intended recipient can decrypt it using their private key. No one else can read or change the document.
What about digital signatures?
In addition to encryption, a private key can also be used to digitally sign a document or e-mail before it is sent. The recipient then uses the corresponding public key to verify the signature, thereafter proceeding with confidence, assurance and trust that the person who sent it is who they claim to be.
Who needs them?
Legal Aid forms may soon be available, and able to be completed, on-line; small claims cases may be on-line by the end of 2002; automated Registration of Title and Electronic Conveyancing is already being piloted; sweeping powers to permit electronic tax returns are included in the Finance Act 1999, section 132; Companies House and Data Protection Notifications can already be filed on-line.
Why is the Law Society of Scotland spearheading a PKI initiative?
The Society believes IT and electronic communications offer significant advantages and want to ensure the profession is best placed to take maximum advantage of these. The Society already maintains the Roll of solicitors, so it is a natural extension to issue and maintain digital keys and certificates.
LawSeal will give members a single PKI which will meet their specific needs and requirements. It will be designed to meet the Government’s accreditation criteria for PKIs.