For the purposes of the specifications in Appendix JA7, the following definitions shall apply:
Application Programming Interface (API) is any software that serves as an intermediary between a Data Registry and any other software, database, data entry method, or EDDS.
Asymmetric Key Encryption is also known as public key encryption. This type of encryption uses a pair of keys that are mathematically related: one key for encryption and another key for decryption. In digital signature processing, a user is assigned a private key that is not shared with anyone, and a public key that is given to anyone who receives digitally signed material from the user.
From California Code of Regulations, Title 2. Section 22003, List of Acceptable Technologies: “The technology known as Public Key Cryptography is an acceptable technology for use by public entities in California...”
All major development environments such as Microsoft and Adobe support PKCS1 asymmetrical key encryption.
Authorized User is a person who has a user account with a Data Registry and is required to provide their correct username and password in order to access the Data Registry. Data Registry users may be required to provide professional licensure, certification or credential information, or other qualifying information as condition of receiving authority to provide signatures for certain types of documentation.
Commission means the State of California Energy Resources Conservation and Development Commission, commonly known as the California Energy Commission, also referred to as the Energy Commission.
Commission Compliance Document Repository (also known as an electronic document repository) is an electronic database and document storage software application used for retention of registered electronic Compliance Documents generated by Data Registries, and may also contain data and documentation relevant to other regulatory procedures administered by the California Energy Commission. The Commission Compliance Document Repository shall maintain these retained documents in accordance with Evidence Code sections 1530-1532 (in the custody of a public entity).
Compliance Data Exchange File is an XML file that contains compliance data used to populate a Compliance Document. The Compliance Data Exchange File is part of the Compliance Registration Package.
Compliance Document is one of the following documents required for demonstration of compliance with Title 24, Part 6: Certificate of Compliance, Certificate of Installation, Certificate of Acceptance, Certificate of Verification.
Compliance Registration Package means digitally signed or encrypted digital data that is transmitted to or from a Data Registry that contains the data required for registering a Compliance Document with a Data Registry, including the Compliance Data Exchange File. A commonly used method is the Zip file format, a data compression and archiving specification that is in the public domain. Files transmitted to or from a Data Registry using the Zip file format shall be password protected as described in JA7.6.3.2.7.
Compliance Report Generator is a web service maintained by the Commission that receives standardized document data exchange files from third party software approved by the Commission and produces the document registration package required to complete registered compliance documents in data registries that are approved by the Commission.
Compliance Software is software approved by the California Energy Commission for use in demonstrating compliance with the performance standards in Title 24, Part 6.
Cryptographic Hash Function is a mathematical function that creates a unique number that represents the contents of a block of data or text. In digital signature processing the data or text that the user is digitally signing is called the message. The number generated by the cryptographic hash function is called the message digest. To verify a copy of the message, the cryptographic hash function is applied to both the original message and the copy of the message, and the resulting message digests are compared. If they are both the same, then the copy is valid.
There is a number of cryptographic hash functions used in digital signature processing. All major development environments such as Microsoft and Adobe support the most commonly used hash algorithm family, SHA-1, SHA-256, SHA-384, SHA-512 hash algorithms which were developed by National Security Agency (NSA).
Data Registry is a web service with a user interface and database maintained by a Registration Provider that complies with the applicable requirements in Appendix JA7, with additional guidance from the Data Registry Requirements Manual, and provides for registration of residential or nonresidential compliance documentation used for demonstrating compliance with Title 24, Part 6.
- Residential Data Registry is a Data Registry that is maintained by a HERS Provider, that provides for registration, when required by Title 24, Part 6, of all residential compliance documentation and the nonresidential Certificate of Verification.
- Nonresidential Data Registry is a Data Registry that is maintained by a Registration Provider approved by the Commission, that provides for registration, when required by Title 24, Part 6, of all nonresidential compliance documentation, excluding all Certificates of Acceptance recorded by an acceptance test technician certification provider (10-103.1 and 10-103.2). However, nonresidential data registries may not provide for registration of nonresidential Certificates of Verification.
Data Registry Requirements Manual is a document that provides additional detailed guidance regarding the functional and technical aspects of the Data Registry requirements given in Appendix JA7.
Digital Certificate is a computer-based record that contains a person's identifying information and the person's digital signature public key, as well as information about the certificate authority that issued the Digital Certificate and the certificate authority's digital signature verifying the authenticity of the person's identity and digital signature. Although California Code of Regulations, title 2, section 22003(a)(2)(C) states "although not all digitally signed communications will require the signer to obtain a certificate, the signer is capable of being issued a certificate to certify that he or she controls the key pair used to create the signature."
External Digital Data Source (EDDS) is a data transfer service approved by the Energy Commission to operate in conjunction with an approved Data Registry that allows authorized users of a Data Registry to transfer data from a digital data source external to the Data Registry as an alternative to the key-in data entry described in JA7.7.1.1 for registering compliance documents as required by Title 24 Part 6.
External Digital Data Source (EDDS) Provider is an organization that administers an EDDS that conforms to the requirements in Appendix JA7 with additional guidance given in the Data Registry Requirements Manual.
Digital Signature an electronic signature that incorporates cryptographic methods of originator authentication, allowing the identity of the signer and the integrity of the data to be verified. The regulations adopted by the Secretary of State that govern the use of Digital Signatures for use by public entities in California are found in the California Code of Regulations, Title 2, Division 7, Chapter 10 Digital Signatures.
Documentation Author is a person who prepares a Title 24, Part 6 compliance document that must subsequently be reviewed and signed by a responsible person in order to certify compliance with Part 6.
Electronic Signature is a "computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature.” (21 C.F.R. § 11.3.)
For the purposes of using electronic signatures to sign compliance documents, the electronic signature shall be an electronic image of the signer’s handwritten signature.
Executive Director means the Executive Director of the Energy Commission.
Field Technician is a person who performs acceptance tests in accordance with the specifications in Appendix NA7 and reports the results of the acceptance tests on the Certificate of Acceptance in accordance with the requirements of Section 10-103(a)4.
HERS is the California Home Energy Rating System as described in California Code of Regulations, title 20, sections 1670 et seq.
HERS Provider is an organization that administers a home energy rating system as described in California Code of Regulations, title 20, sections 1670 et seq.
HERS Rater is a person who has been trained, tested, and certified by a HERS Provider to perform the field verification and diagnostic testing required for demonstrating compliance with the Title 24, Part 6, as described in California Code of Regulations, title 20, sections 1670 et seq.
HERS Provider Data Registry is a Data Registry maintained by a HERS Provider.
Login (see Secure Login).
Message is a block of data or text that has been digitally signed.
Message Digest is the unique number generated when a Cryptographic Hash Function is applied to the Message which is the data or text that is digitally signed.
Password is a string of characters used for authenticating a user on a computer system.
Personal Computing Device includes desktop computers, laptops, smartphones, and tablets
Private Key is one of the keys in Asymmetric Key Encryption used in a Digital Signature. As its name implies, the Private Key should only be known to the owner of the Digital Signature. The private key is used to encrypt the Message Digest of the message that the user digitally signed.
Public Key is one of the keys in Asymmetric Key Encryption used in a Digital Signature. As its name implies, the Public Key must be made public to receivers of digitally signed documents in order to decrypt the Message Digest.
Registered Compliance Document is a compliance document that has been submitted to a residential or nonresidential Data Registry for retention, verified as valid with an XML schema approved by the Commission, and has gone through the registration process so that the Registered Document displays all applicable electronic signatures as well as the Registration Provider's digital certificate and the document's unique registration number. The image of the registered document is accessible for printing or viewing by authorized users of the Data Registry via the Registration Provider’s internet website. The registered document’s unique visible registration number is appended onto the document image by the Data Registry.
A Registered Document meets all applicable requirements in Standards Section 10-103(a) and Appendix JA7. Refer to the Data Registry Requirements Manual for additional guidance.
Registration is the process applicable to electronic Compliance Documents that are verified as complete by the Data Registry, and are electronically signed by all required Data Registry Authorized Users. Registration is initiated when an authorized Registration Signer signs the Compliance Document electronically where subsequently the Data Registry adds the Registration Signer's Electronic Signature to the signature block, appends a unique Registration Number to each page of the document, and then applies the Registration Provider's Digital certificate issued by a Certificate Authority approved by the California Secretary of State to the Compliance Document and displays the Registration Provider's digital signature appearance following the registration signers signature block. When Registration is complete, the Data Registry immediately and automatically transmits a copy of the completed Registered Compliance Document and Compliance Registration Package to the Commission Compliance Document Repository and also retains a copy of the Registered Compliance Document for use by authorized users for submittals.
Registration Number is an alphanumeric sequence of digits and delimiters appended to a Compliance Document when the document's Registration Signer provides his or her Electronic Signature to the Data Registry to complete Registration for any document. Each Registration Number shall be unique to only one document. The registration numbering convention utilizes specific digits to reference the document type, revision level, and the parent-child relationships between the compliance documents in a specific project.
Registration Provider is an organization that administers a Data Registry service that conforms to the requirements in Appendix JA7, with additional guidance given in the Data Registry Requirements Manual.
Registration Signer is a Responsible Person as defined in Title 24, Part 1, chapter 10, Sections 10-103(a)1, 10-103(a)3, 10-103(a)4, or 10-103(a)5 who has established a user account with a Data Registry and has provided sufficient evidence to the Registration Provider to qualify for the authorization to register applicable compliance documentation by providing an electronic signature. The Documentation Author or Field Technician, and Registration Signer on a compliance document may be one and the same person or they may be different persons.
Secure Login means the unique Username and Password given to an Authorized User for maintaining the security of the Data Registry.
Standards means the California Building Energy Efficiency Standards, codified in the California Code of Regulations, title 24, part 1, chapter 10, and part 6.
Standards Data Dictionary (SDD) is a dictionary that contains all data and technical terms used to describe building components, equipment, attributes and measurements that are regulated by the Standards. The purpose of the SDD is to provide the vocabulary that is used in expressing standards as well as published compliance documentation.
URI stands for Uniform Resource Indicator which is a standard for identifying a name or a resource on the Internet.
URL stands for Uniform Resource Locator is a type of URI used to identify locations on the World Wide Web.
Username is a name that uniquely identifies someone on a computer system. The Username is paired with a Password to create a Secure Login.
W3C stands for World Wide Web Consortium which is an international standards body that develops standards for the World Wide Web.
XML stands for Extensible Markup Language and is a set of rules for encoding documents in machine-readable form to facilitate the electronic transmission of documents. XML standard was developed by the W3C.
XML Schema refers to XML Schema Definition Language, commonly referred to as XSD, which is another standard defined by the W3C. An XML schema uses XSD to define a set of rules to which an XML document must conform in order to be considered valid according to that schema. The rules can include definition of major organizational units, definition of data elements and attributes data types, constraints on valid values such as upper and lower bounds, and whether data is required or optional.
XSL-FO stands for Extensible Stylesheet Language Formatting Objects and is a standard of the W3C for representing content from an XML document. It is based on a standard vocabulary of document plus formatting and layout directives that can be interpreted by a computer application called an FO processor. XSL-FO is commonly used as an intermediary to generate PDF and printable documents.
XSLT stands for Extensible Stylesheet Language Transformation which is a standard from the W3C for translating an XML document into another format such as XSL-FO or HTML.