How do I upload a digital signature to epfo

Details about the digital signature

What are digital signatures?

Digital signatures or digital signatures are like electronic fingerprints. In the form of an encoded message, the digital signature securely connects a signer with a document as part of a stored transaction. Digital signatures use the accepted standard format Public Key Infrastructure (PKI) to guarantee the highest level of security and universal acceptance. This is a special technology for electronic signatures. Electronic signatures are also called electronic signatures, e-signatures or e-signatures.

What is the difference between a digital signature and an electronic signature?

The broad category of electronic signatures includes many different types of electronic signatures. The electronic signature is a broad category of different types, including the digital signature. The digital signature is a specific way of implementing the electronic signature.

Both the electronic and digital signature enable the signature and authentication of the signer. However, there are differences with regard to the purpose, the technical implementation, the geographical use as well as the legal and cultural acceptance of the digital signature compared to the electronic signature.

The Anglo-Saxon countries, with their legal system based on common law, have open, technology-neutral laws. In continental Europe, South America and Asia, multi-level models with defined standards based on the technology for digital signatures have established themselves. In addition, some industries can support specific standards based on the digital signature.

Do you want to sign online but don't need a digital signature?

Learn more about electronic signatures

How do digital signatures work?

Like handwritten signatures, digital signatures are unique to each user. Digital signature solution providers such as DocuSign use a special protocol called Public Key Infrastructure (PKI). PKI requires the use of a mathematical algorithm to generate long strings of numbers, so-called keys. One of these keys is public and the other is private.

When a user electronically signs a document, a signature is generated using the signer's private key. The private key is kept secret by the signer. The mathematical algorithm works like a cipher and generates data on the document in question, called a hash, and encrypts the data. The resulting encrypted data is the digital signature. The signature is also provided with a time stamp. If the document is changed after it has been signed, it is invalid.

For example, Ms. Jensen signs a declaration to sublet her apartment using her private key. The interested party receives this document. He also receives a copy of Ms. Jensen's public key at the same time. If the public key is unable to decrypt the document, this means that it is not Ms. Jensen's signature or that the document was changed after it was signed. The signature will then be deemed invalid.

To protect the integrity of the signature, PKI requires that the keys be generated, executed and stored in a secure manner. In many cases, the service of a trustworthy institution is required, the certification authority (English: Certificate Authority, in short: CA).

First steps

Frequently asked questions about digital signatures

How do I create a digital signature?

Electronic signature providers like DocuSign offer solutions based on digital signature technology and make it easy to digitally sign documents. They provide a platform to sign and send documents online and work with certification authorities to provide trusted certificates.

Depending on the respective certification body, the provision of additional information may be requested. There may also be restrictions as to who the documents may be sent to for signature or a special order may be required. The DocuSign interface guides you through the process and ensures that you meet these requirements. When you receive a document for signature via email, you must authenticate yourself according to the instructions of the certification authority and then sign the document by filling out an online form.

What is the Public Key Infrastructure (PKI)?

The public key infrastructure is a series of requirements that make it possible (among other things) to generate digital signatures. With PKI, every digital signature transaction includes a pair of keys: a public and a private key. The private key, as the name suggests, is not public and is only used by the signer of an electronic document. The public key is freely available and is used when necessary to check the electronic signature of the signatory. PKI requires additional elements such as the certification authority (CA), a digital certificate, software for the end user and tools for the management, renewal and revocation of keys and certificates.

What is a Certificate Authority (CA)?

Digital signatures are based on public and private keys. These keys must be protected to ensure security and prevent fraud or malicious use. When you sign or send a document, it must be guaranteed that the documents and keys are securely generated and that valid keys are used. Certification authorities (CA), a type of trust service provider, are independent organizations that have established themselves as a reliable body for secure keys and that provide the necessary digital certificates. Both the sender of a document and the recipient must use a specific certification authority.

DocuSign is also a certification authority if the DocuSign Express Digital Signature is used for signing or the DocuSign EU Advanced specially developed for the European market. Information on the eIDAS guideline

Why should I use a digital signature?

Many industries and geographic regions have established eSignature standards for business documents based on digital signature technology, as well as special certification authorities. Compliance with these local standards and cooperation with trustworthy certification authorities ensures the acceptance and enforceability of a solution for electronic signatures in every local market. Using the PKI method, digital signatures use an internationally recognized and standards-based technology that helps prevent forgery or changes after signing.

What digital signature solutions does DocuSign offer?

DocuSign's standards-based signatures enable you to comprehensively automate and manage digital work processes. The powerful functions of the solution are used, while compliance with local and industry-specific standards, including CFR Part 11 and the eIDAS guidelines, is guaranteed within the EU. In the EU, DocuSign delivers all signature types defined in eIDAS, including advanced electronic signatures (AdES) and qualified electronic signatures (QES).

What is a digital certificate?

What is a digital certificate? A digital certificate is an electronic document that is issued by a certification authority (CA). It contains the public key of a digital signature and specifies the identity in connection with the key, such as the name of the organization. The certificate confirms that the public key belongs to the specific organization. The certification body acts as a guarantor. Digital certificates must be issued by trustworthy organizations and are only valid for a certain period of time. They are required to generate digital signatures.