Welcome to PKILawsm.com --  A PKI information exchange emphasizing emerging legal issues, to hasten the implementation of Public Key Infrastructure  throughout the world.  This is a place where  PKI novices can learn the basics, and where PKI professionals from diverse disciplines (legal, technical, accounting and business, to name a few) can broaden their horizons by exchanging views.    Send us e-mail with  text or links to your own insights and writings, and put us in touch with newsworthy events or work of others.   Degree of difficulty from the standpoint of a nontechnical person: Easiest More Difficult For Experts.
Send E-Mail to Webmaster Charles ("Chas") Merrill, Esq.
Principal Subjects 
I.  Basics of Public Key Cryptography V.  PKI Accreditation - The Right Combination
II. What PKI Does  - The Killer Apps VI. Secure Electronic Commerce as an Industry 
III.Technology Battlefields VII. Individual Rights of PKI End-Users and "Consumers"
IV. Global PKI Legislation/Regulation VIII. Useful PKI Websites and Compilations of PKI Links
What's New - Easiest More Difficult For Experts
    [Links below show date of item  - Follow link to find the item organized by Subject with other items like it]  Copyright & Service Mark 
 Year 2000            Go to  ==>  [Earlier Year 1999] ==> [Earlier Year 1998]

 April 2000
4/30 at VII.c. Clinton Admin Proposals for Legislation to Tighten Sharing of Consumer Info by Financial Service Industry 
4/25 at VII.c. Gramm/Leach/Bliley Bill (Full Text and Summary by Peabody & Arnold LL) , Allowing Financial Service Industries to Combine 
4/25 at VII.c. Federal Trade Commission Rules for Protection of Financial Privacy of Individuals under Gramm/Leach/Bliley Bill 
4/21 at VII.d  Federal Trade Commission Final Rule implementing the Children's Online Privacy Protection Act of 1998 (COPPA) 
4/13 at VII.d. Canada Bill C-6 Royal Assent. Full Text and Summary of Part 1 re Privacy.  Follows EU Data Prot Directive & Quebec 1994
4/13 at IV.d.. Canada Bill C-6 Royal Assent. Full Text and Summary of Parts 2&3 re Secure Electronic Signatures, Evidentiary Presumptions

 March 2000
3/28 at V.c.  AICPA/CICA Exposure Draft WebTrust SM/TM Principles and Criteria for CAs v1.0 - Comments by SGWilson PWC Austr
3/16 at II.c.  PKI Digital Sigs as a Special Case of Electr Sigs - PKI w/o Special DigSig Legislation. Slides for NJSBA, Chas Merrill, McC&E
3/15 at III.e. Article in CIO Magazine by Charles Merrill, "Time is of the Essence." Secure time-date stamping complements PKI. 
3/1 at VII.d.  FTC Proposed Rule on Privacy of Consumer Financial Information under Gramm/Leach/Bliley Bill S.900

 February 2000
2/24 at VII.d. Privacy - Negotiations between European Union and US Dept of Commerce - Safe-Harbor Compromise on Self-Regulation
2/1 at VII.d.  COPPA (Children's Online Privacy Protection Act of 1998) Official Summary of Final Rule Posted on FTE Website

 Go to  ==>  [Earlier Year 1999] ==> [Earlier Year 1998]
I.  Basics of Public Key Cryptograpy
a.  How Public Key Cryptography Works c.  Sink the Clipper Chip Forever 
b.  The Role of Certification Authorities (CAs) d.  PKI General Bibliography
II.  What PKI Does  - The Killer Apps
a.  Digital Signatures d.  Document Integrity 
b.  Secure Messaging e.  Securing Access to Private Info
c.  Payments  f.  Non-Repudiation 
III.  Technology Battlefields
a.  Encryption Cracking  d.  Biometrics
b.  Smart Cards  e.  Time-Date Stamping
c.  Quantum and DNA Computing 
IV.  Global PKI Legislation/Regulation
a.  Toward a Global PKI  d.  Outside the US Today
b.  Judicial Activities e.   Technology-Neutral non-PKI Minimalist E-Commerce Legislation
c.  US Initatives Today
V.  PKI Accreditation - The Right Combination 
a.  The Process of PKI Accreditation c.  PKI  Standards: The  Rows - IETF PKIX4
b.  Draft Certificate Policies (CPs) and Certification Practice Statements d.  PKI Standards: The Columns - Different Objectives 
VI.  Secure Electronic Commerce as an Industry
a.  The Players  c.  Examples of Internet Security Breaches - Secret-Key,  Not PKI
b.  The Economics  d.  Examples of PKI Use
VII.  Individual Rights of PKI End-Users and "Consumers"
a.  General - Focus on the Application Not on the Technology d.  Privacy - Human Dignity and the Right to be Left Alone
b.  Privacy - Personal Health Information e.  Liability - Between CA and End-Users (including Consumers)
c.  Privacy - Personal Financial Information f.   Liability - Between End-Users, (including Consumers)
VIII.  Useful PKI Websites and Compilations of PKI Links - Please E-mail to add your Favorites
a. Legal Emphasis  d.  Standards and Standards Organizations Emphasis
b. Technical Emphasis  e.  Computer Security (Compusec) Generally
c. E-Commerce Generally
Chas Merrill/Webmaster
Website including text and graphics and compilation are copyright 1998, 1999, 2000  Charles R. Merrill, Esq. and McCarter & English, LLP.  Materials authored by others are copyright such authors, other than for purposes of this compilation. PKILAWand the PKILaw logo  are service marks of   Charles R. Merrill, Esq.  and McCarter & English, LLP. Website design and internet consultation by Mark Pruner of Web Counsel.  Contributions to PKILaw in the form of text and/or links are welcomed and should be emailed to Chas Merrill or snailmailed, preferably with hard copy and disk, to Charles Merrill, Esq., McCarter & English, L.L.P., Four Gateway Center, 100 Mulberry Street, Newark, New Jersey 07101-0652, 973/622-4444.