Versions Compared

Old Version 13

changes.mady.by.user Md. Abdul Muttalib Hossain

Saved on

compared with

New Version 14

changes.mady.by.user sasi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  •  Start with the use case. refer to the scope once to be clear.

Definitions:

eSign, also known as eSignature An E-Signature or an electronic signature , is a way of signing documents digitally, without needing to print them. It’s sort of like an electronic version of a pen and paper signature or stamp, specific to a person or organization and is both secure and legally binding.

In our context, eSign E-Signature will mean cryptographically validatable signatures.

...

  • Government signing the document G2P – Priority

  • End The end user signing signs the document. P2G - Priority

  • Business signing the document. B2B or B2C - last

...

  • The ability for anyone to sign

    • One time signature - OTP, Biometrics. authentication based E-signature

      • OTP

      • Biometrics

      • PIN

    • One Time Signature

      • WOTS+

      • XMSS

    • Long-term signature -

      • Smart cards

      ,

      • Smart Phone.

    • HD Signature

      • Smart phone

  • Use ID BB to authorize and sign a document.

    • Should be possible to sign with a standalone app, without ID BB.

  • Auditability

  • Validatable

  • Revoke certificate.

  • Highly secure.

  • Preservation of esignature E-Signature

  • Non-Repudiation

  • Long-term validatable.

  • Inclusive

    • Supports multiple social economic backgrounds.

  • Presentation

...

Sample Use cases: - Priority 1

Use case 1: Payroll signature

...

Can we have the payroll statement signed before its sent for the payment block.

Type:

G2B or B2B or B2G

Related use cases

  • Sign you invoice.

  • Sign an RFP

  • Sign a business agreement.

Use case 2:

Use case 3: Signing and verifying a document using desktop computer or mobile phone

...

  • An ID-card, which is a mandatory identity document for all Estonian citizens. The PINs required for electronic signing are issued to you in a security envelope with the card. In order to use your ID-card, you also need a card reader and ID-software.

  • digital ID card: Estonian citizens can use their digital IDs in parallel with ID-cards while foreigners are issued e-resident’s digital IDs.

  • mobile-ID is a SIM card-based solution for electronic authentication and digital signing with a mobile phone. Mobile-ID SIM cards are issued by mobile network operators.

  • Smart-ID is a SIM-independent device-based solution for smartphones.

Standards

PAdES - PDF

https://www.etsi.org/deliver/etsi_en/319100_319199/31914201/01.01.01_60/en_31914201v010101p.pdf

https://www.etsi.org/deliver/etsi_en/319100_319199/31914202/01.01.01_60/en_31914202v010101p.pdf

XAdES - XML

http://www.etsi.org/deliver/etsi_ts\101900_101999\101903\01.04.02_60\ts_101903v010402p.pdf

CAdES

https://tools.ietf.org/html/rfc5126.html

Timestamping

https://datatracker.ietf.org/doc/html/rfc3161