| This article has preliminarily put forward the issues to be discussed in the Introduction section, and later on the basis of studying the significance of research, current literature and analyzing ideas, further discussed the way how the transaction parties identify themselves in the traditional system. In case of either expressing feelings or conducting commercial transactions, the first thing to do is to confirm the real identity of the opposite party. Save for two simple modes of transaction which do not require signature as proof of identification, people used to utilize handwriting signatures with paper and ink as the way to identify in traditional society. But the subsequent issue is how to verify the handwriting signature on the paper? Normally, there are two systems, i.e. the specimen seal reservation system and the third-party certification system. The specimen seal reservation system, based on adding signatures in advance between the communicating parties, is simple and easy to implement. However, such signatures under the specimen seal reservation system are also easy to be forged which will cause serious security weakness. By introducing an independent third party, the third-party certification system overcomes the security weakness of the specimen seal reservation system subtly. Comparing with the specimen seal reservation system, although the third-party certification system has one more party involved and has a bit more transaction cost, it is applicable to those transactions in which the transacting parties have never met. The third-party certification system could not only promote the exploitation of commercial activities and meet the needs of cross-border trades, but could also solve the problem of verifying signatures and has become an effective way by which the government supervises and manages the social order. These systems have their respective applicable condition and environment, and also have their own limitation.The third section has concluded the characteristics of e-commerce and its security problem. As human society is entering into the Internet age, the way of traditional handwriting signatures cannot be achieved in the network environment. At early stage, people used to adopt network authentication method in which user name plus password is required. But there are some problems in this method such as the separation of user name and signature and the separation of signature and signatory which is very vulnerable to be intercepted, altered or forged, thereby putting forward a serious challenge to the normal e-commerce online transactions. In this case, the specimen seal reservation system still cannot overcome its defect of being easily forged. The third-party certification system in which notarization is a typical way has faced difficulties under the e-commerce. People have tried every means in the system of reserved specimen seal and the third-party certification system from the technical perspective and also encountered difficulties.The fourth section of this article has introduced the emergence of the certification authority, its technical limitation and how the system secures the certification authority to obtains public creditability. Based on the asymmetric cryptosystem, the PKI system is one kind of the third-party certification systems. With its high-strength encryption algorithm, through the establishment of a certification authority as an independent party, the PKI system has established a trust chain technically by connecting electronic signatory, certification authority and the relying party.But the chain is not complete, as a key component of the PKI system, how can the certification authority be trusted by people will be a field which can not be solved by technology. It is necessary to remedy the defect of technology by introducing the legal system. To accomplish this goal, a full trust chain at both macro-and micro-levels will be required to establish. At a macro-level, the trust chain is constituted from legal system design to institutional setup, as well as technical measures and business norms. The composition of the trust chain at a micro level includes the certification authority obtaining user’s trust, the electronic signatory applying for and obtaining a certificate, the relying party receiving the certificate and accessing to repository of the certification authority to verify the certificate. Only after both parties have verified and got a correct result, they could begin transactions online.Whether in macro-or micro-level trust chain, a certification authority needs the legal system to establish its public credibility. How come the public credibility of a certification authority (i.e. the effectiveness of act of certification)? This article, from the perspective of design of legal system, on the one hand, analyzes the source of effectiveness of a certification authority, namely, the basic principles of certification, the substantive law and the procedural law of electronic signature, as well as the effectiveness of certificate which is a key method and media of certification activities; on the other hand, from the perspective of theory of credit, studies the source of effectiveness of act of certification in terms of state credit, capital credit, technology and business credit of certification activities. To make a general observation of the world-wide electronic signature law and relevant regulations, they have built a solid foundation for the source of effectiveness of act of certification in view of system design and credit theory. In order to implement a full trust chain, the effectiveness of certification authority should be guaranteed. This article also studies the legal implication of the act of a certification authority. The act of a certification authority has the significance of providing evidence of identity authentication, achievement of national regulation and intervention, provision of public supplies and reconstruction of the social credibility.The fifth section has analyzed the legal obligation of certification authority. For a healthy and sound system, there should be both operative rules from the positive side to instruct the parties and legal liability system from the opposite side to regulate the rule breaker and remedy the injured party, which has provided a protection for the effectiveness of certification of a certification authority. In this section, the notarization system has been made as a reference for the analysis of the civil, criminal mad administrative obligation of the certification authority. This article will subsequently, based on discussion on legal relationship between the certification authority and all other parties, study the system of legal obligation and limitation to obligation of the certification authority. Compared with the common law countries and jurisdictions where there is more liberal and relaxed legal environment, China has adopted the doctrine of presumption of fault for the principle of attribution of a certification authority and compulsory licensing instead of voluntary licensing for its establishment. Moreover, China has also set forth stringent and detailed conditions for the establishment of a certification authority such as number of staff and capital amount. From the above, we could see that China has adopted a more cautious and conservative approach to the certification industry, however which is truly related to the current development status of our e-commerce and certification industry and is in line with our current situation of the legislative choice.The sixth section of this article is a brief conclusion by studying how the traditional legal system should face the newborn thing in the age of internet for the purpose of providing certain references. |
PDF Full Text Request