contacto@lyris.com.ar
Edificio TICs, PTLC, ruta 168, Paraje, S3000. Santa Fe (Santa Fe)
It is a technology that allows you to sign electronic documents, that is, it gives an electronic document the same properties as a document signed on paper. It is the result of applying a mathematical procedure to a digital document.
This technology emerged to respond to the need to have the same properties that the holographic signature provides in digital documents.
In this way, transactions with documents can be carried out through the Internet, it is no longer required to have the presence of the person to sign a document, it can be generated electronically, signed and sent and have the same legal validity as a document. signed on paper.
The properties of a signed document, on paper or digital, are: authorship, integrity and non-repudiation.
In the case of paper support, the authorship is found in the signature that the author made on the document, integrity is ensured by considering that every signed document is complete and amending and re-signing any error or addition and non-repudiation establishes it the jurisprudence.
In the case of the digital signature, authorship and integrity is guaranteed by the technology and infrastructure that supports it and non-repudiation, Law No. 25,506 on digital signature, which gives it full validity.
The benefits are many and high-impact, especially because new information and communication technologies (ICTs) and the Internet are used.
This results in drastic reductions in time and costs, since now a document can be signed and, therefore, business and transactions can be completed from anywhere in the world and at any time, without shipping, paper or printing costs.
It is a document in digital support, which attests to the link between a public key and a person or entity.
It is digitally signed by an authority that issues it and is authorized to do so and is generated under the format defined by international technological standards.
A Certification Policy is a statement of the conditions under which digital certificates are issued, to which subscribers it is addressed, with what validity, security and contingency aspects have been considered, etc.
Anyone who wishes to use this technology must identify a provider of digital signature services in order to obtain a pair of keys that will be used to operate.
This service provider is called the Certifying Authority (CA) because it is the one who certifies the relationship between a person and their key, which generates the trust required by third-party users who receive documents signed by this person.
Every person who wants to sign digitally must request a pair of keys, which are related:
* A private key, which is your exclusive control and knowledge and
* A public key, associated with the previous one, which allows it to be disseminated so that third-party users can verify the signature of that person.
The owner of the key pair is responsible for protecting his private key, since the public key, as its name indicates, is public knowledge.
The private key is of exclusive control and knowledge of the user and he is responsible for its custody.
Therefore, one of the best ways to protect it is to use a cryptographic device at the time of your request. This device adds specific security levels for this type of password.
A cryptographic device, also sometimes called a TOKEN, is a physical device similar to a pen drive in terms of its size and portability, but which has other technical characteristics that provide higher levels of security than the latter, among which the following stand out:
* It is not automatically recognized by the operating system, but requires the use of installation software. This means that its use is not as simple as in the case of the pen drive, providing greater security
* It has an internal cryptographic mechanism that requires entering a user password, providing a level of access security.
* The private key is deposited on the device and never leaves the device, not even to sign a document, since the signature is generated inside the device and exported outside the device. In the event of forgetting the access code or losing the device, the pair of previous codes must be revoked and a new one requested, since a copy of the code found inside the device can never be made. This implies an important level of security, since the key resides on the device and under no circumstances leaves it.
The signing of a document is done through software, which is done transparently and automatically for the user.
The user uses his private key to sign and whoever receives the document signed over the Internet verifies it using the public key that is sent together with it and that appears in the digital certificate issued by the corresponding CA
The beginning is generated with the sanction of Law No. 25,506 of digital signature in the year 2001, from there many complementary regulations were issued both nationally and in the Argentine provinces.
Our Law 25,506 establishes full legal validity for digital signatures and electronic signatures, as well as probative value for documents signed by these technologies.
The digital signature has the attributes of authorship, integrity and non-repudiation, while the electronic signature only has the first two, lacking non-repudiation.
The first of them is considered generated under all the conditions established by Law 25,506, while the second lacks any of the legal requirements to be considered a digital signature.
In practice, both use the same technological standards but in the case of the digital signature all the steps of the law have been fulfilled, including the licensing of the Certifying Authority before the Licensing Entity or root of the trust scheme that is established through of said authorities.
The METySS of the Nation has issued a complementary regulation to Law 25,509 of digital signature for the depaperization of digital payment receipts in organizations. The resolutions issued are:
* Resolution No. 1455/2011 of the Ministry of Labor of the Nation – Regulates the authorization regime to issue digital salary receipts
* Resolution No. 1455/2011 of the Ministry of Labor of the Nation – Establishes the procedure for the issuance of digital salary receipts
* ST Resolution No. 1183/15 and 1191/15, modifying resolutions 1362 and 602 respectively
A Certification Authority is a body that issues digital certificates to people under a certain Certification Policy, thus generating the necessary trust in users for their use.
Each certificate issued by a CA certifies the relationship between a person and a public key and is sent together with the signed document so that third-party users can verify the document’s authorship.
A Digital Signature Authority is a body that issues digital certificates under a certain Certification Policy and has completed all the steps established by Law 25,506 and its complementary regulations, including its licensing.
In Argentina there are Certifying Authorities for digital signatures and electronic signatures.
Although this is a distinction made by our Law 25,506, the same regulations also grant full validity to both.
Argentina has digital signature CAs in the public and private spheres, and electronic signature CAs only in the private sphere.
The digital signature CAs of the public sector are located in the National Government and are located in:
* National Information Technology Office (ONTI) the CA that issues digital certificates for all public employees in the country
* AFIP, issues certificates for agency employees throughout the country
* ANSES, issues certificates for its employees
* Government of Saint Louis
Digital signature CA in the private sector:
* Encode, issues certificates for use by employees and management personnel in work-related activities
The electronic signature CAs available are:
*Verisign
* Comfortable
The procedure is performed by the user on his machine. Through the Internet, connect to the CA page and enter the link offered to request certificates.
There the user must provide their personal data and a contact email. A formal application note is then generated, which you must print and sign by hand.
Then the CA sends an email to verify that the email declared by the user is valid. The user must answer it following the instructions it contains.
Then the user receives a second email instructing him to enter a specific link where the key pair is generated (on his machine or on the cryptographic device).
Subsequently, the user must appear at the place indicated by the CA with the printed and signed note to prove their identity in person and only once.
Once this procedure has been carried out in person, the user receives an email with instructions to withdraw the public key digital certificate that has been issued.
The AC provides the following services to the user:
* Public Key Certificate Request
* Renewal of the Public Key Certificate (when it is close to the expiration of its validity date)
* Revocation of the Public Key Certificate (when the user’s private key is at risk, either due to loss or possible knowledge of it by another person)
* Publication of the Certification Policy, that is, the conditions under which digital certificates are issued
