Ask HN: Why isn't there something like Let's Encrypt for document signing? Considering how easy it is to generate a public/private key pair it's not that easy and not cheap to get an widely trusted document signing certificate. Especially one with LTV (longtime valid for verifying) Is this just the market monopoly? If letsencrypt broke it for SSL, couldn't it be done for PDF signing also? |
S/MIME being made for email, you can use port 80 ownership, or dns record ownership to verify control. And documents can be signed as originating from bob@acme.com.
I have implemented s/mime to sign documents automatically between companies. It is the best option that works by default. Powershell and openssl support it, as does outlook for email.
My guess is they don't see enough people asking for this, because those who need what you are asking don't mind paying cheap CA fees like $15/year or so.
It's a legal acceptance problem - and everyone KNOWS docusign and friends and understands how they're admissible. Anything else would have to compete with that and people would be suspicious of it for a long time.
The best way for something like LE for docusign to start would be via a government office of some sort.
We may be saying the same thing, but just to clarify / put another way: it's a legal compliance problem. DocuSign is admissible (in the US) because it adheres to the state and Federal regulations that have been passed which carefully enumerate the requirements of legally acceptable digitally signed documents, for example: https://en.wikipedia.org/wiki/Electronic_Signatures_in_Globa...
It's lower risk in a corporation with a lot to lose to say, here's this implementation that we know is compliant, than to say, we made our own or used an obscure one and we think it is. Corporate politics will usually encourage decision makers to go with the former.
https://www.zealid.com/en/ does it free of charge
1. convenience
2. certainty that someone is who you think they are and they meant to give their approval
3. a "paper" trail
4. And the consequences if you make the wrong call on 2.
For many, but not all purposes, Docusign (plus SMS in many cases to get a code) replaces a lot of fairly routine paper shuffling. It also depends on what a given, often financial, organization has deemed acceptable risk.
Estonia was one of the first to make digital signatures legaly binding with its ID-Card system.
W3C and Google aren't helping things here; by drip-feeding PMM into CSS, they've made it impossible to get a consistent HTML5-based print standard. Which could then be wrapped in "normal" auth0. However, I don't know the details of the whole shebang, all I know is that PMM3 was in the works in 2006 and it never quite came out of its hole. Instead you have to shovel out money to Prince or figure out how Paged.js works. But whether or not that's W3C or Google's fault, I really don't know. Maybe HN could edukamate me.
[1] Particularly the older ones that think they're hip. Others just let their tech-savvy assistants sign everything.
https://www.w3.org/TR/css-page-3/
It's been dripping into @media and other bits and pieces, but there's no universal browser implementation yet, unless you just draw a line and say Paged.js IS the browser implementation.
The project is currently more focused on software signing, but it's generic over any input under the hood. The bigger challenge here would probably be mucking with whatever signature envelope PDFs use, and ensuring that existing PDF verification tooling can consume Sigstore signatures.
FD: I'm involved in the Sigstore project.
Macs even have a terrific signature attachment feature in Preview (the default pdf viewer).
Docusign etc. just add version tracking and document management, but you can just back up email. Even at some scale. Docusign is like buying a picture frame for a document like a diploma, it looks a more official but doesn't change anything.
As long as all parties agree that it’s a signature.
if you started your own product doing it you would get sued by DocuSign and friends, and they have lots of money for lawyers
so quite hard to disrupt their monopoly
Using math does not disqualify someone from obtaining a patent.
It's just series of steps, a recipe. You do "A", then "B", then "C" as outlined in a patent then you violate a patent and the person has the right to sue you. Whether the steps are outlined involve math or not isn't really relevant.
What is covered and not covered by a patent is very arbitrary and based on court precedent. Any sort of sanctions against "pure math functions" are usually easily worked around by including "as done in a computer" or similar language.
Patents are a very good way for governments to retard progress while rewarding large companies for investing in large numbers of lawyers.
So my document plus meta-data like my legal name & email address hashes to b8e24cce6743bf2d86195d1781b068b6fdf1e12a413eb61c16e32e1e5f64f5cc, I get a certificate for b8e24cce6743bf2d86195d1781b068b6fdf1e12a.413eb61c16e32e1e5f64f5cc.sha3-256.docs.mydomain.tld from LE (extra “.” due to the 63 characters per name part limit in DNS specs). By handing over the certificate LE has effectively signed to say that hash was presented to it at that time.
The fact the certificate expires in three months is not relevant: that hash was signed at that time, so it must have been generated then or before then, and it is mathematically impossible (assuming a good hashing algorithm was picked) that when challenged at a later date that I managed to manufacture content that hashes to that value and looks like what I'm claiming to be legitimate & extant at the relevant time, and it is similarly implausible that I forged a certificate that looks like it was signed using one of LE's signing certificates.
Of course the next challenge is convincing people that the certificate means this, and that fact is legally meaningful (assuming, for instance, the “signature certificate” is being verified to prove you created the content before someone who claims something more recent of theirs is prior art).
You also need to stay within LE's limits, so if using only one domain that is at most 50 signed documents per week if you do each individually. You could batch the documents to be signed up in a single set and hash that instead of individual documents, so if you are happy with daily granularity that is only 7/week. If sticking to a regular interval with nice round numbers you can get approx 4-hour granularity (4 signing timeslots per day, so 42 per week, leaving you 8 in case there are circumstances where something time sensitive wants signing right this instant).
Feel free to give back any feedback. I am a mere DevOps Engineer, but I will forward it !
There is no delete account option.
Thanks for the feedback regarding the delete account option, I will transmit it.
The only open source answer I know of is probably not what you want as it would require every party to participate and would require a little setup thus not making it widely adopted. Documents can be signed with GPG but this alone is useless. Every party involved would need a way to publish their public keys and prove that each party actually created said keys. This to me implies inclusion of a public notary in the process. None of this matches your requirement of widely trusted not to mention the added friction. The original method of getting EV certs proves that people will not do this. It used to require a notary Now I can just give a Dun & Bradstreet number and some money to get one.
To my knowledge there is no widely trusted document signing system nor do I expect that to become a thing unless a service that people already use started implementing what I described above. I could see one or more banks offering a service like this. Many already have public notary services.
There are services like Docusign and Docushare as others mentioned and they are used and abused by lawyers and realtors day and night. I honestly do not see any added value by these services beyond being lazy-friendly. If I log in using my email address and click a button that adds a cursive signature that I did not create, that is not really proof of anything. Anyone that could intercept my email could impersonate this. I expect these services to be legally challenged and dissolved in the future for lack of attestation, especially when a future high profile case involves powerful political and corporate persons having to prove they did not embezzle money. Covid made them super popular but I was very surprised to see the legal documents I could get away with clicking in signatures with no other evidence it was me that did this. I am not a lawyer but I am not sure that matters in this case.
In my opinion if you have important documents that you want to prove were signed by you then my suggestion would be to see if your bank offers free public notary services and have them notarized. The page containing the signatures and the notary/bank information can be scanned as part of the document set.
[Edit] I should add that some of the bigger banks will only offer free notary services if the account holder has one of their special accounts. They usually have the name Premier or Priority or some other glorified name.
I think document verification should be more stringent: you want to be sure whoever signed a document is who they claim to be and have the authority to do so, not just that they owned some domain and got a free certificate.
That’s not true — it proves that the certificate issuee (is that a word?) has control over the domain that the certificate is issued to, and thus prevents MITM attacks, which a self-signed cert does not do. It’s not simply a workaround to make browsers happy.
You are correct that it doesn’t prove legal ownership of the entity.
LetsEncrypt exists because identity in SSL/TLS is only about domain name ownership, which is easily checkable using automated scripts if you handwave away the question of how to securely connect to that domain without TLS - ultimately it needs DNSSEC to be theoretically sound but in practice we cross our fingers and hope for the best without it.
The standard PKI is not a monopoly, it's the opposite. It's a competitive market with several players (vs SSL certs where LE just totally dominates due to being subsidized). CAs will sell you certificates usable for PDF document signing but they have to charge money because there is no automated way to verify your legal identity, so manual labor is required and that's expensive.
Therefore, the problem of how to build a LetsEncrypt for data is the problem of how to verify identities at scale automatically. There are two possible approaches you can use here, all of which require new software or infrastructure (which is why it hasn't happened).
1. Sign documents with your domain name! There is no specific reason you can't use an SSL cert to sign a document, it's just that the certs have flags in them that say they're not meant to be used that way. But a key is a key. You can write software that will override those checks and then use the regular standards like CMS, Authenticode or PDF signatures. This could work as long as you domain name was the same as your business/project name, or otherwise unique to yourself somehow. But judges would have to accept it. In the USA it's possible because the law doesn't say much about the exact nature of digital signatures, in the EU it's probably not because the Commission has spelled out in excruciating detail exactly how the PKI and signing specs must work.
2. Verify identities using e-Passports. Every e-passport contains a signed certificate holding your personal data signed by government root authorities, including a JPEG2000 encoded image. To automatically issue a certificate against such an identity, you need:
2a. A mobile app that can dump the NFC chip contents. This is done already, you can find such apps on the Play store (dunno about iPhones though). The data in the chips are public, it's not locked down.
2b. Some way to verify that the person with the public key is the same as in the passport photo. This can be done with face recognition/matching AI.
2c. Some way to re-assure people that uploading their passport contents to a remote server isn't a dumb thing to do. This can be done by running the CA and verification logic inside an SGX enclave, with open source clients (e.g. the mobile apps) that verify the enclave's remote attestation before uploading anything. The data will be encrypted and protected from the owner of the CA hardware.
Now you can create a PKI that auto-issues certs with people's public key, legal name, country and maybe photo in them. The enclave can also issue sub-certs that reveal less information or even certs that use a keyed hash of the passport number or something to give you an anonymous yet unique credential. Of course this new PKI won't be recognized by Windows, PDF viewers, governments or anything else that consumes signatures. That's step 2.
What we really need is a human notary that digitally signs a document that is scanned and printed with a QR sort of notarization on each page.
This has always struck me as a fatal flaw, and yet in practice it seems to never be a problem.
I don't know what to make of this. The easily-drawn conclusions (power of law, ambient human honesty) from these conflicting ideas feel inadequate.
I have witnessed that as well. I made them scan the documents again. It doesn't even have to be a major change in a document to change the context entirely. Sometimes just changing and to or, or our to your can drastically change the agreement. That is easy for a busy lawyer to miss.
You can get free digital certificates to sign PDFs with your email address, from basically any company. But that is hardly a way to verify your identity. Anyone can create any email address they want, and use any name in the address.
The eIDAS directory lists some companies that are pretty cheap. But you will still have to verify your identity, so you can't get a certificate as easily as with Let's Encrypt for websites.
Edit : Docusign and similar services have a free plan, but you can only sign a few documents before you or the submitter have to pay. So it's not free per se, it just has a trial. And they don't really check your id, most of the time. So anyone can create an account with your name too.
Did I miss something ? Can someone give me some clue ?
Digital signatures are an interesting topic.
basically :
- understand the levels of digital signatures There are some security levels about signatures, on whether a timestamp is necessary, on whether the CA should be official your country, about the HW that create the signature... That allow different properties for different usages.
A 'Trust service provider' offers the highest level of certificate. It will typically be rock solid in court.
But it's ultimately still up to a judge to decide if signatures are valid when you go to courts. If you don't get a signature from the TSP in your country, it doesn't mean it will necessarily be invalid. It's just not pre-aproved, and you will have to establish it yourself. (Is there some law person on HN to back me up here ? Do you know of any case where this had been a point ?)
- find a company that provides you a digital certificate. Some IDs in Europe already come with one (especially in Estonia)
If your country does not, you can browse the EU's list of trusted services to purchase one https://esignature.ec.europa.eu/efda/tl-browser/#/screen/hom...
The price of these services can be widely different between companies. I suggest you shop around, as usual.
- Then follow the procedure of the company. They will verify your identity, so don't be surprised if you have to meet them and show some ID.
Notaries are essentially a (relatively) low-friction compromise between just trusting that the person who put some squiggles on a piece of paper is who you think they are and that person traveling to a lawyer's office (or a brokerage etc.) that may be in another state.
Same way you can hopefully get a locked computer account restored without traveling to a Google office in Mountain View between 1 and 2pm on a Thursday to make your case with multiple forms of ID.
The rigor depends on the transaction but usually it's chosen to be a reasonable compromise.
To the specific example of a contract etc., presumably the lawyer has a copy of the original document and that's probably considered canonical in the case of a dispute. There can be edge cases obviously but there are edge cases with everything.
I wouldn't be surprised by DocuSign's involvement as you describe, we have the same corruption in every industry, justified always by the same excuse "They're the experts! Who else would we (congress) ask?" I don't believe the ignorance of the massive conflict of interest in this approach is a coincidence but I digress.
Definitely possible in Belgium.
But they're not convenient for businesses : either they buy certificates for their employees, or they have them signed by the IT department, that provisions their key into any piece of corporate equipment.
Few companies are into the community initiatives, especially when it comes to security.
Also, CACert is not widely recognized. The root certificate is only included in a handful of Linux distros (like Arch or Mandriva, but not Debian)
The amount of time not lost having people watch me perform magic with the pen must have saved way more than DocuSign cost.
While that's true, it probably leaves out a lot of tasks that involved writing checks, running errands, going to various offices to sign things, etc. that have been, if not entirely eliminated, certainly cut back on.
Even passport renewal is available online now.