(a) Significance

The purpose of this scheme is to allow exceptionally reliable electronic authentication by establishing certification authorities operated by the commercial registries using information registered in the commercial register.

The purpose of the system which provides private certification authorities with information registered in the commercial register is to enhance reliability of operations of private certification authorities. But, the extent of reliability of electronic authentication relies not only on the accuracy of information used for authentication but also on overall operations of entities offering authentication service. Of course, the reliability of electronic authentication will be enhanced through free competition among private certification authorities.

On the other hand, it could be possible to establish certification authorities operated by the commercial registries, whose reliability is ensured by the legal system and which have skills on registration and publication of information on companies. In addition, legal system ensuring reliability of operations of the commercial registries and skills in registration and publication of information as well as information registered in the commercial register could be utilized in its present from for electronic authentication. Thus, an electronic authentication system that is as reliable as a corporation's exemplified copy of the commercial register, a certificate of qualification, and a certificate of an impression of a seal could be established easily. Such electronic authentication, which covers all companies and is highly reliable, could be used for electronic applications to public entities, and could be expected to foster electronic commerce and in particular to promote the realization of electronic applications.

There is certain demand for electronic certificates among those using a certificate of an impression of a seal, etc. According to a questionnairing conducted by the Study Group, more than 50% of the surveyed think it necessary to establish a system to issue a certificate for companies and want to use the system when established.

The system to issue an electronic certificate to a private person (the system to issue an electronic certificate for a person other than directors of companies) which is referred to in the interim report was excluded as a subject of the study because there may be no clear significance or necessity for certificates issued by the commercial registry which has no information on private persons.

(b) Encryption to Be Used

In establishing the system for the commercial registries as certification authorities, encryption to be used must be determined. It was pointed out in the Study Group that there are some possible schemes to realize electronic authentication other than schemes based on public key cryptography. But it seems appropriate to establish an electronic authentication system based on public key cryptography for the reasons as follows: establishing an electronic authentication system based on public key cryptography seems to be the most reasonable way to realize electronic authentication among unspecified parties; the scheme of electronic authentication based on public key cryptography and methods to rate security level of such schemes are being developed; and a system based on public key cryptography is appropriate from international standpoint because electronic authentication is realized using public key cryptography in many foreign countries.

(c) Required System

In the case of the system for the commercial registries as certification authorities, a "certificate file" in which valid certificates are recorded, a "revoked certificate file" in which revoked certificates are recorded, and a "suspended certificate file" in which suspended certificates are recorded are needed. In addition, a system for managing a registrar's private key which is used to attach a registrar's digital signature to a certificate and a system for publishing a registrar's public key which is used to verify a registrar's digital signature through the internet are also required.

It is possible to locate these files in each commercial registry, just like the commercial register located in each commercial registry. In this case, each registrar in each commercial registry issues certificates and certifies the validity of certificates. Such a system is similar to the current seal certification system in which certificates for impressions of seals submitted to each commercial registry can be issued by each registrar. In such a system, computer systems for issuing certificates securely must be provided to all commercial registries. In addition, there would be many complicated operations involved in changing registrars' keys when changing registrars because all registrars have their own keys. Furthermore, as there are so many public keys used to verify digital signatures attached to certificates issued by registrars, such a system may be inappropriate from the standpoint of the convenience of users.

It is possible, however, to establish a system in which each commercial registry only accepts the applications. Then a computer system to issue certificates and the files concerning certificates are provided to a certain center like the above-mentioned "Certification Center" and most data processing such as issuance of certificates and management of the files are intensively conducted by the center. In such a system, only a system necessary to accept applications is needed at each commercial registry, so the cost to establish the whole system will be relatively low. In addition, as only the registrar of the Certification Center issues certificates, implementation of complicated key management operations and inconvenience of users will be avoided. Thus, in the scheme for the commercial registries as certification authorities, it seems appropriate to establish a certain center like the Certification Center issuing certificates. In the following report, details of such a system are investigated.

It seems appropriate to either make the current commercial registry function as the Certification Center or to establish a new commercial registry to be the Certification Center because the business of the Center is to issue certificates as a legal means of publishing information registered in the commercial register.

(d) Details of the System

The following are the details of a system for the commercial registries as certification authorities. The people who can apply the issuance of certificates must be the directors of registered companies because the system is based on the commercial registration system. The certificates are issued only to directors who want to obtain a certificate and no directors are obliged to submit public keys to the commercial registry. Of the following service, suspension of a certificate and certification of the validity of a certificate should be conducted on a 24-hour basis. Procedures for the fee payment should be considered.