How to Set Up Digital Identities for Document Signing

By John Adams  |  Posted 2009-02-24 Print this article Print

With the high costs of fraudulently exchanged documents and the extreme ease of obtaining digital signatures to protect against that, there's no longer a good excuse for organizations not to set up digital identities for signing important documents. Here, Knowledge Center contributor John Adams explains how to set up digital identities for signing Microsoft Office 2007 and Adobe Acrobat v8 PDF documents.

Today, more and more documents and intellectual property exist only in digital form. The question of the integrity of digital content and the authenticity of the author is thus becoming all the more vital. Digital signatures can be applied to documents, forms, e-mails, macros and software. The benefits of applying digital signatures establish the following three assurances:

1. Authenticity: The digital signature helps to ensure that the signer is who he or she claims to be.

2. Integrity: The digital signature helps to ensure that the content has not been changed or tampered with since it was digitally signed.

3. Non-repudiation: The digital signature helps to prove to all parties the origin of the signed content. "Repudiation" refers to the act of a signer's denying any association with the signed content.

To make these assurances, the content creator must digitally sign the content by using a signature that satisfies the following four criteria:

1. The digital signature is valid (legitimate, current, and not expired or revoked).

2. The certificate associated with the digital signature is current (not expired).

3. The signing person or organization, known as the publisher, is trusted.

4. The certificate associated with the digital signature is issued to the signing publisher by a reputable certificate authority.

Individual digital certificates can typically be purchased online from a number of trusted certificate authorities. Organizations that have an ongoing need for trusted certificates should explore offerings that use the software as a service (SAAS) model for issuing trusted certificates to their employees. Such services enable companies to exchange secure documents without incurring capital costs, hardware, software or network changes.

John Adams is Chief Technology Officer of ChosenSecurity. John has more than 30 years experience in IT, primarily in the areas of networking and security. John has had extensive experience in the development of hardware and software products, as well as the development of managed services. As CTO of ChosenSecurity, John is responsible for helping set the technical direction of the company. Prior to ChosenSecurity, John was the Executive Vice President of Engineering & Operations and Chief Technical Officer for GeoTrust. Prior to GeoTrust, John worked at RSA Security as its Senior Vice President of Engineering and Chief Technical Officer. Before that, John spent 20 years with Digital Equipment Corporation, primarily in the area of networks and communications. John graduated from Harvard University with an AB in Mathematics, and also holds a BS and MS in Civil Engineering from Tufts University, as well as a PhD in Civil Engineering from MIT. He can be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel