eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Today, more and more documents and intellectual property exist only in digital form. The question of the integrity of digital content and the authenticity of the author is thus becoming all the more vital. Digital signatures can be applied to documents, forms, e-mails, macros and software. The benefits of applying digital signatures establish the following three assurances:
1. Authenticity: The digital signature helps to ensure that the signer is who he or she claims to be.
2. Integrity: The digital signature helps to ensure that the content has not been changed or tampered with since it was digitally signed.
3. Non-repudiation: The digital signature helps to prove to all parties the origin of the signed content. “Repudiation” refers to the act of a signer’s denying any association with the signed content.
To make these assurances, the content creator must digitally sign the content by using a signature that satisfies the following four criteria:
1. The digital signature is valid (legitimate, current, and not expired or revoked).
2. The certificate associated with the digital signature is current (not expired).
3. The signing person or organization, known as the publisher, is trusted.
4. The certificate associated with the digital signature is issued to the signing publisher by a reputable certificate authority.
Individual digital certificates can typically be purchased online from a number of trusted certificate authorities. Organizations that have an ongoing need for trusted certificates should explore offerings that use the software as a service (SAAS) model for issuing trusted certificates to their employees. Such services enable companies to exchange secure documents without incurring capital costs, hardware, software or network changes.
7 Steps for Signing Office 2007 Documents
7 steps for signing Microsoft Office 2007 documents
Step No. 1: Click the Office button, Prepare, and then choose Add a Digital Signature.
Step No. 2: You will see a Microsoft Office dialogue box. If you already have your digital certificate from a certificate authority, just click OK. If not, you can choose to be redirected to obtain a valid signing certificate from Microsoft’s Market Place.
Step No. 3: Click Yes to save the document as an Office 2007 format.
Step No. 4: A Sign dialogue box will appear that defaults to use an appropriate signing certificate. If you have multiple certificates installed, and this is not the one that you wish to use, click on the Change button to select the correct certificate. In the Purpose for signing this document text box, you can enter a reason for signing or leave it blank. Click the Sign button when all values are correct.
Step No. 5: The Signature Confirmation dialogue box appears. Click OK to proceed.
Step No. 6: If there are no problems with the certificate, the document will now be signed. Note that if the certificate you are using was not issued from a trusted certificate authority, a Signatures task pane will be displayed where you will need to correct any problems identified.
Step No. 7: The digital signature is now apparent in the lower left-hand corner of the document where a red ribbon is displayed. You can click on the ribbon to display information about the signing certificate and purpose for signing the document.
5 Steps for Signing Adobe Acrobat v8 PDFs
5 Steps for Signing Adobe Acrobat v8 PDFs
Step No. 1: From the main menu, select Sign and then Certify with (or without) Visible Signature.
Step No. 2: Choose your Digital ID (Certificate), Appearance and Permitted Changes.
Step No. 3: Click on Sign.
Step No. 4: Adobe will ask you to Save your PDF to complete the signing.
Step No. 5: Note that only certificates that have been issued from Adobe CDS Digital Certificate providers will be inherently trusted within Adobe Acrobat and Adobe Reader.
Prior to ChosenSecurity, John was the Executive Vice President of Engineering & Operations and Chief Technical Officer for GeoTrust. Prior to GeoTrust, John worked at RSA Security as its Senior Vice President of Engineering and Chief Technical Officer. Before that, John spent 20 years with Digital Equipment Corporation, primarily in the area of networks and communications.
John graduated from Harvard University with an AB in Mathematics, and also holds a BS and MS in Civil Engineering from Tufts University, as well as a PhD in Civil Engineering from MIT. He can be reached at jadams@chosensecurity.com.