03 — Legislation

seed

Legal framework for electronic signatures and public key infrastructure by jurisdiction. Defines when a digital signature has evidentiary value and which technical standard is required for each category.

Chapters

File Jurisdiction Status
01-brazil-mp-2200-2.kmd Brazil — Provisional Measure 2.200-2/2001 (ICP-Brasil) seed
02-brazil-law-14063.kmd Brazil — Law 14.063/2020 (3 levels: simple, advanced, qualified) seed
03-eu-eidas.kmd European Union — Regulation (EU) No 910/2014 and eIDAS 2 (2024) seed
04-us-esign-uniform.kmd USA — ESIGN Act 2000 + UETA + state laws planned
05-comparativo-internacional.kmd Cross-reference table: jurisdiction × levels × technical standard × mutual recognition planned

Why it matters for a Koder product

A digital signature ≠ a legally valid electronic signature. What counts is the legal category recognized by the jurisdiction of the signer and the recipient, and that category dictates:

  • The required technical standard (ICP-Brasil, eIDAS QES, etc.)
  • The permitted key custody (certified HSM, smart card, qualified cloud)
  • The presence of an accredited TSP (Trust Service Provider)
  • The signer identification requirements (KYC, in-person vs. remote)

A product that "just signs PDFs with OpenSSL" has legal value limited to a civil contract between parties that accept it (Art. 10 §2 MP 2.200-2). It does not replace a notarized signature.

Cross-references

  • 02-standards/ — technical formats required by the legislation
  • 05-icp-brasil/ — detailed Brazilian implementation
  • 04-modelos-de-confianca/ — alternative models (and their legal limitations)