With the high costs of fraudulently exchanged documents and the extreme ease of obtaining digital signatures to protect against that, there's no longer a good excuse for organizations not to set up digital identities for signing important documents. Here, Knowledge Center contributor John Adams explains how to set up digital identities for signing Microsoft Office 2007 and Adobe Acrobat v8 PDF documents.
more and more documents and intellectual property exist only in digital
form. The question of the integrity of digital content and the
authenticity of the author is thus becoming all the more vital. Digital
signatures can be applied to documents, forms, e-mails, macros and
software. The benefits of applying digital signatures establish the
following three assurances:
1. Authenticity: The digital signature helps to ensure that the signer is who he or she claims to be.
2. Integrity: The digital signature helps to ensure that the content
has not been changed or tampered with since it was digitally signed.
3. Non-repudiation: The digital signature helps to prove to all
parties the origin of the signed content. "Repudiation" refers to the
act of a signer's denying any association with the signed content.
To make these assurances, the content creator must digitally sign
the content by using a signature that satisfies the following four
1. The digital signature is valid (legitimate, current, and not expired or revoked).
2. The certificate associated with the digital signature is current (not expired).
3. The signing person or organization, known as the publisher, is trusted.
4. The certificate associated with the digital signature is issued
to the signing publisher by a reputable certificate authority.
Individual digital certificates can typically be purchased online
from a number of trusted certificate authorities. Organizations that
have an ongoing need for trusted certificates should explore offerings
that use the software as a service (SAAS) model for issuing trusted
certificates to their employees. Such services enable companies to
exchange secure documents without incurring capital costs, hardware,
software or network changes.