Other pages in this section go into greater detail on how these concepts are put into practice. One important technology for electronic signatures is XML; see the page on XML Electronic Signatures.
Another important technology is PDF; see the page on Portable Document Format, or the post Signing PDF Documents for a discussion.
There is also a post on time stamping, since reliable time stamps are a critical element of electronic signatures; see Reliable Time Stamps.
The remainder of this page deals with some fundamental concepts that we will use in our discussion of electronic signature technology. I describe them in the context in which they are referred to elsewhere:
Electronic Signature
An Electronic Signature, for purposes of our discussion, is a data structure or record that contains confirmation that the signer intends to agree to the terms of the associated contract or transaction. This data record may be part of the associated transaction or may include it by reference. Likewise, the signature process and tamper-evident seal may be documented within the signature record or incorporated by reference. There are standards now being used for electronic signature records. These generally specify minimum requirements and are extensible to support the requirements of the relying party. They include the PDF signature dictionary and various backward-compatible versions of the XML Digital Signature Standard (XMLDSIG and XAdES). Browse the Standards links in the sidebar for more information on these, and volunteer links to important standards that I have missed.
Document Hash or Message Digest
A mathematical, cryptographic-strength checksum of an electronic record. It is used to create a tamper-evident seal, because any modification to the document makes the hash invalid. The hash is often encoded with a secret or private key. When it is encoded by a transform using a private key, the result is commonly called a digital signature and is used to associate the key holder with the signature and thus with the document or record. Currently the most commonly used hashing algorithms are MD5 and SHA-1, and digital signatures are often generated using one of the algorithms specified in NIST’s Digital Signature Standard, FIPS 186-2.
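The signature record and tamper-evident seal described above, as an added example that is not from the original page: the record includes the document by reference (its digest) and is sealed with a secret key. Assumptions: SHA-256 is used instead of MD5 or SHA-1, which have practical collision attacks; the seal is an HMAC because the Python standard library has no private-key signing, so a digital signature would replace that step; field names, key and sample contract are constructed.

```python
import hashlib
import hmac
import json

DIGEST_ALG = "sha256"  # assumption: SHA-256 rather than the MD5/SHA-1 named above

def document_digest(document: bytes) -> str:
    """Hex digest of the document; any change to the bytes changes it."""
    return hashlib.new(DIGEST_ALG, document).hexdigest()

def _canonical(record: dict) -> bytes:
    # Sorted keys and fixed separators give a stable byte encoding to seal.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def make_signature_record(document: bytes, signer: str, intent: str,
                          signed_at: str, key: bytes) -> dict:
    """Build a sealed record that references the document by its digest."""
    record = {
        "signer": signer,
        "intent": intent,
        "signed_at": signed_at,
        "digest_alg": DIGEST_ALG,
        "document_digest": document_digest(document),
    }
    seal = hmac.new(key, _canonical(record), hashlib.sha256).hexdigest()
    return {**record, "seal": seal}

def verify(document: bytes, signed: dict, key: bytes) -> str:
    """Return 'valid', 'record modified' or 'document modified'."""
    record = {k: v for k, v in signed.items() if k != "seal"}
    expected = hmac.new(key, _canonical(record), hashlib.sha256).hexdigest()
    claimed = str(signed.get("seal", ""))
    # Constant-time comparison; the seal is checked before any field is trusted.
    if not hmac.compare_digest(expected.encode(), claimed.encode()):
        return "record modified"
    # The algorithm is fixed by the verifier, not read from the record.
    actual = document_digest(document)
    if not hmac.compare_digest(actual.encode(), str(record["document_digest"]).encode()):
        return "document modified"
    return "valid"

# Constructed sample data, for illustration only.
KEY = b"constructed-demo-key-not-for-production"
CONTRACT = b"Buyer agrees to pay 100 USD on delivery."
SIGNED = make_signature_record(CONTRACT, "alice@example.com",
                               "I agree to the terms", "2024-01-01T00:00:00Z", KEY)
```

Because the HMAC key is shared between sealer and verifier, this seal shows tampering but does not tie the record to a single key holder the way a private-key signature does.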
Authentication and Credentials
Credentials are the result of some form of authentication, where a person or agent has satisfactorily established its identity and its authority to perform an action. This may be accomplished by a user name and password session login, or by use of a valid private key assumed to be available only to the authorized agent. Many types of authentication are in use; generally, higher levels of security are achieved by multi-factor authentication. A common example of two-factor authentication (something you know + something you have) is the ATM card and PIN authentication used by banks. The highest levels of authentication still often require in-person transactions. Authentication credentials are often included in electronic signatures or in audit records of electronic signing processes.