|
|
Acknowledgment
|
Definition: As defined in § 3.3 of CROMERR, a confirmation of electronic document receipt.
|
|
|
Agreement collection certification
|
Definition: As defined in § 3.3 of CROMERR, a signed statement by which a local registration authority certifies that a subscriber agreement has been received from a registrant; the agreement has been stored in a manner that prevents unauthorized access to these agreements by anyone other than the local registration authority; and the local registration authority has no basis to believe that any of the collected agreements have been tampered with or prematurely destroyed.
|
|
|
Authorized program
|
Definition: As defined in § 3.3 of CROMERR, a federal program that EPA has delegated, authorized, or approved a state, tribe, or local government to administer, or a program that EPA has delegated, authorized, or approved a state, tribe or local government to administer in lieu of a federal program, under other provisions of Title 40 and such delegation, authorization, or approval has not been withdrawn or expired.
|
|
|
Central Data Exchange
|
Definition: As defined in § 3.3 of CROMERR, EPA's centralized electronic document receiving system, or its successors, including associated instructions for submitting electronic documents.
Acronym: CDX
|
|
|
Chief Information Officer
|
Definition: As defined in § 3.3 of CROMERR, the EPA official assigned the functions described in section 5125 of the Clinger Cohen Act (Pub. L. 104-106).
|
|
|
Compromise
|
Definition: In relationship to an electronic signature device, refers to when the device's code or mechanism is available for use by any other person.
|
|
|
Copy of Record
|
Definition: As defined in § 3.3 of CROMERR, a true and correct copy of an electronic document received by an electronic document receiving system, which copy can be viewed in a human-readable format that clearly and accurately associates all the information provided in the electronic document with descriptions or labeling of the information. A copy of record includes: 1) All electronic signatures contained in or logically associated with that document; 2) The date and time of receipt; and 3) Any other information used to record the meaning of the document or the circumstances of its receipt.
Acronym: COR
|
|
|
Digital signature
|
Definition: (not to be confused with a digital certificate) An electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped.
|
|
|
Disinterested individual
|
Definition: As defined in § 3.3 of CROMERR, an individual who is not connected with the person in whose name the electronic signature device is issued. A disinterested individual is not any of the following: The person's employer or employer's corporate parent, subsidiary, or affiliate; the person's contracting agent; member of the person's household; or relative with whom the person has a personal relationship.
|
|
|
Electronic document
|
Definition: As defined in § 3.3 of CROMERR, any information in digital form that is conveyed to an agency or third-party, where "information" may include data, text, sounds, codes, computer programs, software, or databases. "Data," in this context, refers to a delimited set of data elements, each of which consists of a content or value together with an understanding of what the content or value means; where the electronic document includes data, this understanding of what the data element content or value means must be explicitly included in the electronic document itself or else be readily available to the electronic document recipient.
|
|
|
Electronic document receiving system
|
Definition: As defined in § 3.3 of CROMERR, any set of apparatus, procedures, software, records, or documentation used to receive electronic documents.
|
|
|
Electronic signature
|
Definition: As defined in § 3.3 of CROMERR, any information in digital form that is included in or logically associated with an electronic document for the purpose of expressing the same meaning and intention as would a handwritten signature if affixed to an equivalent paper document with the same reference to the same content. The electronic document bears or has on it an electronic signature where it includes or has logically associated with it such information.
|
|
|
Electronic signature agreement
|
Definition: As defined in § 3.3 of CROMERR, an agreement signed by an individual with respect to an electronic signature device that the individual will use to create his or her electronic signatures requiring such individual to protect the electronic signature device from compromise; to promptly report to the agency or agencies relying on the electronic signatures created any evidence discovered that the device has been compromised; and to be held as legally bound, obligated, or responsible by the electronic signatures created as by a handwritten signature.
|
|
|
Electronic signature device
|
Definition: As defined in § 3.3 of CROMERR, a code or other mechanism that is used to create electronic signatures. Where the device is used to create an individual's electronic signature, then the code or mechanism must be unique to that individual at the time the signature is created and he or she must be uniquely entitled to use it. The device is compromised if the code or mechanism is available for use by any other person.
|
|
|
Existing electronic document receiving system
|
Definition: As defined in § 3.3 of CROMERR, an electronic document receiving system that is being used to receive electronic documents in lieu of paper to satisfy requirements under an authorized program on October 13, 2005 or the system, if not in use, has been substantially developed on or before that date as evidenced by the establishment of system services or specifications by contract or other binding agreement.
|
|
|
Federal program
|
Definition: As defined in § 3.3 of CROMERR, any program administered by EPA under any other provision of Title 40.
|
|
|
Federal reporting requirement
|
Definition: As defined in § 3.3 of CROMERR, a requirement to report information directly to EPA under any other provision of Title 40.
|
|
|
Handwritten signature
|
Definition: As defined in § 3.3 of CROMERR, the scripted name or legal mark of an individual, handwritten by that individual with a marking-or writing-instrument such as a pen or stylus and executed or adopted with the present intention to authenticate a writing in a permanent form, where "a writing" means any intentional recording of words in a visual form, whether in the form of handwriting, printing, typewriting, or any other tangible form. The physical instance of the scripted name or mark so created constitutes the handwritten signature. The scripted name or legal mark, while conventionally applied to paper, may also be applied to other media.
|
|
|
Hash Values
|
Definition: One-way mathematical algorithms that take an arbitrary length input and produce a fixed-length output string. The output is the hash value. A hash value is a unique and extremely compact numerical representation of a piece of data. It is computationally improbable to find two distinct inputs that hash to the same value (or "collide").
|
|
|
In lieu of paper
|
Definition: When an electronic report takes the place of a paper report submitted to satisfy the requirements under another part of 40 CFR. In some states, the electronic reporting is done to make data collection and management easier, but the state requires that each report submitted electronically also be submitted as a signed paper copy. In this case, the electronic submission would not be in lieu of paper and CROMERR does not apply to the state. Some electronic reporting systems use a combined approach, where part or all of the data are submitted only electronically, but a wet ink signature on paper is also required. In these cases, the e-report (or at least the portions of it that are not also submitted on paper) is considered to be submitted "in lieu of paper" and CROMERR applies. In addition, there are special CROMERR rules under 40 CFR 3.2000(a) that govern the use of a wet ink signature on paper in conjunction with an e-report. (Additional detail on this combined approach is provided in Lesson 6.)
|
|
|
Information or objects of independent origin
|
Definition: As defined in § 3.3 of CROMERR, data or items that originate from a disinterested individual or are forensic evidence of a unique, immutable trait which is (and may at any time be) attributed to the individual in whose name the device is issued.
|
|
|
Local registration authority
|
Definition: As defined in § 3.3 of CROMERR, an individual who is authorized by a state, tribe, or local government to issue an agreement collection certification, whose identity has been established by notarized affidavit, and who is authorized in writing by a regulated entity to issue agreement collection certifications on its behalf.
|
|
|
New electronic document receiving system
|
Definition: A system developed by an authorized program that, on October 13, 2005, did not have an "existing" electronic document retrieving system (eDRS) as defined under CROMERR.
|
|
|
Priority reports
|
Definition: As defined in § 3.3 of CROMERR, the reports listed in Appendix 1 to part 3.
|
|
|
Private-public key pairs
|
Definition: A pair of cryptographic keys-a public key and a private key-used to execute digital signatures by a user. The private key is kept secret, while the public key may be widely distributed.
|
|
|
Public key infrastructure
|
Definition: Enables users of a basically unsecure public network, such as the Internet, to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.
Acronym: PKI
|
|
|
States
|
Definition: (for the purposes of CROMERR) Includes the District of Columbia and the United States Territories, as specified in the applicable statutes.
|
|
|
Subscriber agreement
|
Definition: As defined in § 3.3 of CROMERR, an electronic signature agreement signed by an individual with a handwritten signature. This agreement must be stored until five years after the associated electronic signature device has been deactivated.
|
|
|
Title 40
|
Definition: The 40th section of the Code of Federal Regulations (CFR), which deals with EPA's mission to protect human health and the environment. The CFR is the codification of the general and permanent rules published in the Federal Register by the executive departments and agencies of the Federal Government.
|
|
|
Transmit
|
Definition: As defined in § 3.3 of CROMERR, successfully and accurately convey an electronic document so that it is received by the intended recipient in a format that can be processed by the electronic document receiving system.
|
|
|
Valid electronic signature
|
Definition: As defined in § 3.3 of CROMERR, an electronic signature on an electronic document that has been created with an electronic signature device that the identified signatory is uniquely entitled to use for signing that document, where this device has not been compromised, and where the signatory is an individual who is authorized to sign the document by virtue of his or her legal status and/or his or her relationship to the entity on whose behalf the signature is executed.
|
