Sec 2(1)
(d) "Affixing Electronic Signature" with its grammatical variations and cognate expressions means adoption of any methodology or procedure by a person for the purpose of authenticating an electronic record by means of Electronic Signature;
Sec 2(1)(p) "Digital Signature" means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3;
Sec 2(1)(q) "Digital Signature Certificate" means a Digital Signature Certificate issued under sub-section (4) of section 35;
Sec 2(1)(ta) (Inserted vide ITAA-2006) "electronic signature" means authentication of any electronic record by a subscriber by means of the electronic technique specified in the second schedule and includes digital signature
Sec 2(1)(tb) (Inserted vide ITAA-2006) "Electronic Signature Certificate" means an Electronic Signature Certificate issued under section 35 and includes Digital Signature Certificate"
(4) The private key and the public key are unique to the subscriber and constitute a functioning key pair.
3A Electronic Signature (Inserted vide ITAA 2006) (1) Notwithstanding anything contained in section 3, but subject to the provisions of sub-section (2), a subscriber nay authenticate any electronic record by such electronic signature or electronic authentication technique which-
(a) is considered reliable ; and
(b) may be specified in the Second Schedule
(2) For the purposes of this section any electronic signature or electronic authentication technique shall be considered reliable if-
(a) the signature creation data or the authentication data are, within the context in which they are used, linked to the signatory or , as the case may be, the authenticator and of no other person;
(b) the signature creation data or the authentication data were, at the time of signing, under the control of the signatory or, as the case may be,the authenticator and of no other person;
(c) any alteration to the electronic signature made after affixing such signature is detectable
(d) any alteration to the information made after its authentication by electronic signature is detectable; and
(e) it fulfills such other conditions which may be prescribed.
(3) The Central Government may prescribe the procedure for the purpose of ascertaining whether electronic signature is that of the person by whom it is purported to have been affixed or authenticated
(4) The Central Government may, by notification in the Official Gazette, add to or omit any electronic signature or electronic authentication technique and the procedure for affixing such signature from the second schedule;
Provided that no electronic signature or authentication technique shall be specified in the Second Schedule unless such signature or technique is reliable
(5) Every notification issued under sub-section (4) shall be laid before each House of Parliament
From reading the above I am confused as the Act is using both the terms in very confusing manner. However, one thing is clear that "Electronic Signatures" is different from "Digital Signatures" because "ES" includes "DS".
(d) "Affixing Electronic Signature" with its grammatical variations and cognate expressions means adoption of any methodology or procedure by a person for the purpose of authenticating an electronic record by means of Electronic Signature;
Sec 2(1)(p) "Digital Signature" means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3;
Sec 2(1)(q) "Digital Signature Certificate" means a Digital Signature Certificate issued under sub-section (4) of section 35;
Sec 2(1)(ta) (Inserted vide ITAA-2006) "electronic signature" means authentication of any electronic record by a subscriber by means of the electronic technique specified in the second schedule and includes digital signature
Sec 2(1)(tb) (Inserted vide ITAA-2006) "Electronic Signature Certificate" means an Electronic Signature Certificate issued under section 35 and includes Digital Signature Certificate"
Chapter II is also on this subject
II. DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE (amended vide ITAA 2008)
(1)
Subject to the provisions of this section any subscriber may
authenticate an electronic record by affixing his Digital Signature
(2)
The authentication of the electronic record shall be effected by the
use of asymmetric crypto system and hash function which envelop and
transform the initial electronic record into another electronic record.
For the purposes of
this sub-section, "Hash function" means an algorithm mapping or
translation of one sequence of bits into another, generally smaller, set
known as "Hash Result" such that an electronic record yields the same
hash result every time the algorithm is executed with the same
electronic record as its input making it computationally infeasible
(3) Any person by the use of a public key of the subscriber can verify the electronic record.(a) to derive or reconstruct the original electronic record from the hash result produced by the algorithm;(b) that two electronic records can produce the same hash result using the algorithm.
(4) The private key and the public key are unique to the subscriber and constitute a functioning key pair.
3A Electronic Signature (Inserted vide ITAA 2006) (1) Notwithstanding anything contained in section 3, but subject to the provisions of sub-section (2), a subscriber nay authenticate any electronic record by such electronic signature or electronic authentication technique which-
(a) is considered reliable ; and
(b) may be specified in the Second Schedule
(2) For the purposes of this section any electronic signature or electronic authentication technique shall be considered reliable if-
(a) the signature creation data or the authentication data are, within the context in which they are used, linked to the signatory or , as the case may be, the authenticator and of no other person;
(b) the signature creation data or the authentication data were, at the time of signing, under the control of the signatory or, as the case may be,the authenticator and of no other person;
(c) any alteration to the electronic signature made after affixing such signature is detectable
(d) any alteration to the information made after its authentication by electronic signature is detectable; and
(e) it fulfills such other conditions which may be prescribed.
(3) The Central Government may prescribe the procedure for the purpose of ascertaining whether electronic signature is that of the person by whom it is purported to have been affixed or authenticated
(4) The Central Government may, by notification in the Official Gazette, add to or omit any electronic signature or electronic authentication technique and the procedure for affixing such signature from the second schedule;
Provided that no electronic signature or authentication technique shall be specified in the Second Schedule unless such signature or technique is reliable
(5) Every notification issued under sub-section (4) shall be laid before each House of Parliament
From reading the above I am confused as the Act is using both the terms in very confusing manner. However, one thing is clear that "Electronic Signatures" is different from "Digital Signatures" because "ES" includes "DS".
Now Income tax department is planning
to introduce "Electronic Signatures" for registered ITR filiers
for removing the process of ITR-V.
views of xperts on taxation invited on this issue.
ITAA 2008 available at http://meghpol.nic.in/acts/central/it_act_2000_2008_amendment.pdf
No comments:
Post a Comment