Digital Signatures
Overview
A digital signature is a way to indicate that a document is authentic, has been signed by a particular person, and has not been modified since the signature was applied.
How they work
When a document is digitally signed, a hash of the signed content (image pages, the electronic file, and other signature information) is created. The signing certificate is then used to sign the hash, and the result is stored in the database. This hash is used to verify the contents of the document during signing validation. This allows you to sign the document without modifying the document contents themselves. The signing certificate also uses a certificate chain to connect the user certificate to a certificate authority. The certificate authority is the end of the certificate chain: if the chain is intact and valid, and the certificate authority is trustworthy, then the certificate can be trusted--and, by extension, the signature can be trusted and the document's contents can be verified as consistent with the state it was in when it was signed.
In order for users to be able to sign documents, they must have personal certificates in their Windows certificate store that connect them to a valid certificate authority. You can choose whether to use a third-party certificate authority or to manage your own internal public key infrastructure as your certificate authority.
Once you have decided on a certificate authority, you will need to push out your certificates to the users who will need to sign documents. You can do this using Windows' certificate management tools.
Note: A digital signature in Laserfiche signs the document's electronic document content, page images, signature comments, and signing images. It does not sign page text, metadata, or annotations. Page text, metadata and annotations can be modified without invalidating the signature; electronic document contents, page images, and signature details cannot.
Usage examples
Digital signatures can be used in a variety of ways. For instance, a manager might use a digital signature to indicate that they have approved a document; validating the digital signature would verify that it is indeed that person who approved the document, and that the document has not been further modified since its approval. Alternately, a user might sign documents after importing them, in order to indicate that the import process is complete and all relevant information has been included, and that signature could be validated to see whether changes have been made to the document since its import. In addition, users can sign an entire briefcase during the briefcase export operation, allowing another user to validate its contents before importing it.
For information on signing documents and validating signatures, see Digital Signatures in the Laserfiche User Guide.