행정전자서명에 관한 법적 고찰 - 공인전자서명과의 비교를 중심으로 -

A Study on the Administration Electronic Signature

Many electronic administration activities need the Internet for their communications. This is inevitable since it is the Internet, with its ubiquity and its low costs, that has made many of these activities feasible. Unfortunately, the risks of using the Internet can be daunting. In electronic world, a certificate is a collection of information to which a digital signature has been affixed by some authority who is recognized and trusted by some community of certificate users. One of the most important types of certificate is a public-key certificate, in which a public-key value is securely associated with a particular person, device, or other entity. A public-key certificate is digitally signed by a person or entity, called a certification authority, that has confirmed the identity, or other attributes of the holder of the corresponding private key. In public sector as well as private sector, it need to use digital signature based on public-key certificate for electronic administration activities. For the purpose of that, Korea government made the electronic government law. This paper deal with the relationship between administration electronic signature and licensed electronic signature. Korea electronic government law provides administration electronic(GPKI) and Electronic signature law provides licensed electronic signature(NPKI). As a result we have dual electronic system namely GPKI and NPKI. So It is very important to make sure of co-relationship between GPKI and NPKI. In first part, this paper suggest how making sure of co-relationship between them. In second part, this paper deal with specific point to revise Korea electronic government law relating to electronic signature law and foreign electronic signature law. For those, firstly this paper review foreign electronic signature laws and suggest several revision proposal of electronic government law as following. Personal information protection, the time of sending and receiving of data message, Certification Authority, authentication of signator, license of Certification Authority, Management of digital signature key(private key) by relying party, Management of Certificate of CA, keeping of certification documents, time stamping, damage recovery by CA.