The digital signature is - as the name suggests - an electronic signature and has the same function as a hand-written signature. In daily life signing documents or contracts is a reliable and commonly accepted procedure. Today however more and more business transactions are conducted via public networks. The goal is to improve the efficiency of business processes between partners. As one does not see the partner 'in persona' anymore, the necessary integrity, authenticity and reliability have to be implemented digitally.
The digital signature allows to keep track of who signed at a given time which document. It also guarantees that there have not been any subsequent changes after the signature of the document.
For all our documents that are digitally signed and used for external communication (quotations, orders,...) PDF/A will be used as a standard. PDF/A is a specific variant of PDF that allows long-term archiving and support digital signatures.
Signature Process Overview
The generic process for signing a document will be as follows
- An MS-Word / MS-Excel / MS-PowerPoint document is converted to PDF/A.
- The PDF/A document will be signed using an internal digital signature process.
- The signed document will then be sent out to the contracting partner.
Adobe PDF/A as a standard
Information technology has the tendency to change quickly over time. To guarantee readibility of electronic documents (including the digital signatures) over a long period of time; it is required to use the correct file format. The file should not contain hidden information (comments, deleted or invisible blocks etc.) and should contain all info needed to reproduce its content on screen or paper regardless of the platform (fonts, colors,...). Acceptable file formats for external communication using digital signatures should therefore be reduced to ASCII, TIFF and PDF/A.
Siemens Public Key Infrastructure (PKI)
The basis for our digital signatures are the authentication certificates issued within the Siemens PKI. The Siemens Trust Centre provides services for the operation of the Public Key Infrastructure (PKI). The Siemens Issuing Certificate Authority delivers the user certificate needed to digitally sign documents.
Siemens employees have been provided with a corporate ID-card (smart card) containing their digital certificate. A cryptographical chip is integrated into the SmartCard which is protected by a PIN defined and managed by the employee himself.
How to enable validation of Siemens PKI signatures in Adobe Reader ?
Click here to get a detailed description of the procedure to follow to check & validate the Siemens PKI signatures on a non-Siemens PC.