June 16, 2014 Leave a comment
Hey… I just read (i got it almost 3 months ago in the mail…) the quarterly newsletter from the Maryland State Board of Engineers. An article in this newsletter caught my eye simply because every firm and government agency I visit is talking about how to streamline plan delivery and recording of said plans.
Here’s a snippet of the newsletter:
|Regulations Allowing Digital Signatures to be Published|
|For several years, the Board for Professional Engineers has been discussing how to implement the use of digital signatures on engineering documents that are submitted to clients and public authorities for permit purposes. This spring, a set of proposed regulations has been formulated, and the Board intends to have them published in the Maryland Register shortly.The regulations are intended to allow for, but not require, the use of digital signatures by professional engineers. They do so by clarifying the definition the definition of “original signature” in Md. Code Ann., Bus. Occ. And Prof. §14-4A-02(a)(1). If a professional engineer opts to sign and seal documents with digital signature instead of a handwritten one, the digital signature will be acceptable in Maryland as long as it satisfies the following four requirements:
After the proposed regulations are published, there will be a comment period for the public to respond, followed by final action to adopt them at the next open meeting of the Board.
The question is more around defining authenticity it seems. We all like to DIGITIZE our signatures for letters and other transmissions. In this case, it seems the Board is looking more for a DIGITAL signature. What’s the difference? Wikipedia says…
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document.
What do think, is this a digital signature?
Me thinks this would meet three of the four requirements mentioned above. The difference is the fourth requirement – invalidating the signature if the file is modified. To get that level of authenticity, we can create our own PKI or self signed certificate. But this can be duplicated by anyone. What may be a solution is for a firm to create a Coporate PKI. Many states already have a requirement that the firm maintain a Certificate of Authenticity to practice Surveying/Engineering in a given state. Interestingly, Maryland is also implementing this requirement in October 2015. They are terming it a FIRM PERMIT.
So, it seems that the onus of authenticity may shift from the individual to the firm in order to manage the digital stamps. What say you community?