Certification Authority Liability Analysis

187 Pages Posted: 5 May 2015 Last revised: 30 May 2024

See all articles by Thomas J. Smedinghoff

Thomas J. Smedinghoff

Law Office of Thomas J. Smedinghoff; OpenID Foundation

Date Written: February 4, 1998

Abstract

This paper surveys the liability issues raised by an entity’s entry into the certification authority business. Because the duties and potential liabilities imposed upon a CA by applicable law are unclear, this paper addresses the major sources of U.S. law likely to provide a basis for certification of authority liability, and analyzes those areas of the law in analogous situations in an attempt to determine how they might be applied to the activities of a certification authority. The focus is on what appear to be the four primary areas of potential liability: negligent misrepresentation, breach of warranty, intellectual property infringement, and liability for the conduct of others.

Keywords: liability, PKI, CA, certification authority, identity, identity management, digital signatures, digital certificate, law, legal, tort, negligence, misrepresentation, fraud, contract, breach of contract, vicarious liability, criminal liability, liability risk

JEL Classification: K10, K12, K13, K14, K20, K23, K30, K40

Suggested Citation

Smedinghoff, Thomas J., Certification Authority Liability Analysis (February 4, 1998). Available at SSRN: https://ssrn.com/abstract=2602207 or http://dx.doi.org/10.2139/ssrn.2602207

Thomas J. Smedinghoff (Contact Author)

Law Office of Thomas J. Smedinghoff ( email )

823 William St,
River Forest, IL 60305
United States

OpenID Foundation ( email )

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
179
Abstract Views
841
Rank
346,456
PlumX Metrics