February 16, 2009

Public Comment Invited on Draft MIC Notice to Partially Amend
Guidelines for Approval of Designated Certifications
Services Pursuant to Law Concerning Electronic
Signatures and Certification Services

In consideration of the May 30, 2008 report from the Study Group on Enforcement of the Law Concerning Electronic Signatures and Certification Services (Chair: Ph.D. TSUJII Shigeo, President of Institute of Information Security), the Ministry of Internal Affairs and Communications (MIC) has developed a draft partial amendment to the Guidelines for Approval of Designated Certifications Services Pursuant to Law Concerning Electronic Signatures and Certification Services.

MIC now invites public comment on the draft amendment from today until Wednesday, March 18, 2009.

Background
Standards for electronic signatures for designated certifications services must be prescribed by ordinance of the competent ministry, pursuant to Article 2 paragraph 3 of the Law Concerning Electronic Signatures and Certification Services. In accordance with the Law, the standards for electronic signatures are specified in Article 2 of the Regulations for Enforcement of the Law Concerning Electronic Signatures and Certification Services. Furthermore, standards for specific electronic signatures are specified in Article 3 of the Guidelines for Approval of Designated Certifications Services Pursuant to Law Concerning Electronic Signatures and Certification Services. Appropriate review of the standards must be considered, as needed, by taking into account the latest trends in encryption technology.

The FY 2005 Report from the Study Group on Encryption Technology (Chair: Prof. IMAI Hideki, Faculty of Science and Engineering, Chuo University), which was released in March 2006, and the report from the Study Group on Enforcement of the Law Concerning Electronic Signatures and Certification Services, which was released on May 30, 2008, recommended to specify additional hush functions (SHA-2*) to be used in electronic signature systems that satisfy the standards of electronic signatures for designated certifications services, as specified in Article 3 of the Guidelines, and additional hush functions (SHA-2*) to be used to prevent other services from being misidentified as designated certifications services, as specified in Article 10-2 of the Guidelines. In response to these reports, MIC intends to amend the Guidelines.

SHA-2: abbreviation of "Secure Hash Algorithm 2" hush functions. The SHA-2 family includes SHA-256 with 256-bit parameter, SHA-384 with a 384-bit parameter, and SHA-512 with a 512-bit parameter. SHA-2 is deemed to provide much better security than SHA-1.

+++++++++++++++
For further information about this press release, please fill in the inquiry form and submit it to MIC on the website
http://www.soumu.go.jp/joho_tsusin/eng/contact.html

International Policy Division,
Global ICT Strategy Bureau, MIC
TEL: +81 3 5253 5920 / FAX: +81 3 5253 5924