<TODO: Finalize with the team>
- Start with the use case. refer the scope once to be clear.
Definitions:
eSign, also known as eSignature or an electronic signature, is a way of signing documents digitally, without needing to print them. It’s sort of like an electronic version of a pen and paper signature or stamp, specific to a person or organization and is both secure and legally binding.
...
The ability for anyone to sign
Jürgen: one-time signature with OTP (i.e enter code sent via SMS) - weaker security
Jürgen: signature with hardware device (smart card, phone etc) - stronger security
Use ID BB to authorize and sign a document.
Jürgen: ID BB is probably good for cloud platforms (i.e signing portals)
Jürgen: Should be possible to sign with standalone app, without ID BB
Auditability
Validatable
Revoke signatures.
Jürgen: Is it meant to be revoke certificates? Revoking signatures I think very hard to do.
Highly secure.
Preservation of esignature
Jürgen: Non-Repudiation should be possible
Jürgen: Lawful/qualified e-signatures (i.e made equal to hand written signatures by law)
...