Electronic Signatures and Records Act (ESRA) Guidelines
Electronic Signatures and Records Act (ESRA) Guidelines
Electronic Signatures and Records Act (ESRA) Guidelines
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Office of Management <strong>and</strong> Budget (OMB), Appendix II to OMB Circular No. A-130<br />
Implementation of the Government Paperwork Elimination <strong>Act</strong><br />
Office of Management <strong>and</strong> Budget (OMB), Guidance on Implementing the <strong>Electronic</strong> <strong>Signatures</strong> in<br />
Global <strong>and</strong> National Commerce <strong>Act</strong><br />
Property <strong>Records</strong> Industry Association (PRIA) has background documents <strong>and</strong> st<strong>and</strong>ards that have<br />
been incorporated by reference into the <strong>ESRA</strong> regulation relating to electronic recording of real<br />
property instruments. There are two non-technical documents to explain e-recording<br />
How To Get Ready for eRecording – Recorders,<br />
http://www.pria.us/i4a/doclibrary/getfile.cfm?doc_id=45.<br />
How To Get Ready for eRecording – Submitters,<br />
http://www.pria.us/i4a/doclibrary/getfile.cfm?doc_id=46.<br />
The technical documents <strong>and</strong> st<strong>and</strong>ards that ITS has expressly incorporated by reference into the<br />
regulation are collectively known as the "PRIA <strong>Guidelines</strong>" which are available via the PRIA<br />
website <strong>and</strong> consist of the following:<br />
PRIA Request Version 2.4.2, August 2007;<br />
PRIA Response Version 2.4.2, August 2007;<br />
Document Version 2.4.1, October 2007;<br />
Notary Version 2.4.1, October 2007; <strong>and</strong><br />
eRecording XML Implementation Guide for Version 2.4.1, Revision 2, March 2007.<br />
4. Resources on the Security of E-signatures Created by Cryptographic Technologies<br />
Some e-signature technologies are based on cryptographic techniques like public key<br />
infrastructure (PKI).. The federal government has developed a set of technical st<strong>and</strong>ards <strong>and</strong><br />
guidelines on the security of cryptographic systems <strong>and</strong> system components that are relevant to<br />
the security of e-signatures created by such systems. Governmental entities that use<br />
cryptographic systems for creating e-signatures are referred to the following federal resources.<br />
http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf defines security requirements<br />
covering 11 areas related to the design <strong>and</strong> implementation of a crypto-module including the<br />
cryptographic keys used to create <strong>and</strong> authenticate e-signatures. Within most areas, a cryptomodule<br />
receives a security level rating (from1 to 4, 1 being the lowest rating). Cryptographic<br />
keys used for signing should meet at least a 3 security level rating.<br />
NYS-G04-001<br />
Page 42 of 43