management files
Figure 2: As part of the signature validation process, if changes are made to the document, an error message appears.
The digital signature must be unique to the person using it — Not surprisingly, whether you are receiving a signed document or signing one yourself, you want to be certain the person who needs to be signing your document is actually the right person. Because of the anonymity of the internet, there are limited ways to confirm that someone is who he or she says they are. One method is to be externally vetted by a third-party CA. CAs are entities that are publicly trusted to assign digital identities to individu- als, departments, or companies. This is accomplished by submitting identity verification documents to the CA, which then issues you a unique digital certificate confirming your online identity. You use this certificate to apply digital signatures to your project. This means you can be confident that you alone can apply a digital signature in your name and your recipients can also be confident that it was really you who signed the document. The digital signature must be capable of verification — Verifying the validity of a signature is extremely important whether it is digital or wet ink. This is the reason high-value transactions (e.g., applying for loans and certain contracts) often require a notary for wet ink sig- natures — the parties involved want to ensure the people signing the documents are who they say they are. In this case, the signatures are verified by the notary. But what about digital signatures? This is where acquiring one from a publicly trusted CA comes in handy. Because a trusted third-party CA
ment workflow software will automatically present a trusted signature, avoiding the need to ask recipients to manually trust your signature. • Legally admissible — Should the document integrity or authorship get challenged, the signature evidence is likely to hold up in a court of law How states employ digital signatures Adobe’s Approved Trust List (AATL) certificates are used widely by civil engineers who submit documents such as shop drawings, working drawings, and product data submissions to state and local DOTs. Given the consequences of design flaws or contractors not following designs as specified, DOTs understand the stakes are high, especially when it comes to designs around roads, bridges, and tunnels. For example, in Connecticut, engineers, architects, and construction contractors are able to digitally sign drawings, agreements, and other documents via engineering software such as Bluebeam. A digital ID must also be purchased in order to apply a digital signature, and they must meet the specifications of the AATL. Four common digital signature requirements It’s worth examining practices from other states as well since each one has the authority to decide which rules it will enforce. Following are four common core requirements for digital signature use based on language from digital signature laws in California, Oregon, and Wash- ington, D.C. Check local laws and regulations before investigating solutions that will best meet your needs.
20
csengineermag.com
august 2018
Made with FlippingBook Annual report