Security Matters

Saving money.  Getting business done faster.  Eliminating the need to print and route paper contracts and documents.  These are some of the great benefits provided by electronic signatures and records.

But you still have questions:  Is it legal?  Can I use these technologies internationally?  In which sectors can I leverage these technologies?  Who else is using electronic signatures, and what benefits are they seeing in the real-world?

The E-Signatures 2011: Electronic Signatures and Records Conference will provide the answers!  Organized by the Electronic Signatures and Records Association (ESRA) and scheduled to be held in Washington, DC on November 9th and 10th, the conference brings together a number of government, industry, vendor, and customer speakers to cover topics including:

• IRS eSignature Programs and Initiatives
• International Adoption and Cross Jurisdiction Issues for eSignatures
• Enabling eSignatures and eRecords for eFiling and eTitling with Motor Vehicle Registration Offices
• eSignature Case Studies
• …and more!

“JITC certified,” you say…what’s that?  JITC stands for the US Department of Defense’s Joint Interoperability Test Command, which carries out extensive work on software and other systems intended to be used by the US military for mission critical purposes.

In this specific instance, Adobe Acrobat and Reader X have been certified by JITC for their compliance with the DoD’s application requirements for Public Key Enabled services, e.g digital signatures.  The testing included intensive, comprehensive evaluations of Acrobat and Reader’s capabilities in:

• Certificate operations
• Signature and certificate status validation
• Path processing and validation
• Configuration and documentation

Adobe is proud to note that we have consistently been certified for JITC compliance in every version of Adobe Acrobat and Reader back to version 7 back in 2006.

Click here for a link to the official JITC list of software and solutions that have been tested for Public Key Enabled compliance.

The Dutch government today announced that DigiNotar’s subordinate Certificate Authorities (subCAs) under the Staat der Nederlanden root certificates will be revoked next Wednesday, September 28th.  This follows on the Dutch government’s removal of trust from DigiNotar, DigiNotar’s removal from the Netherlands Trust List, and the company’s announcement of bankruptcy proceedings.

Continue reading…

Today, Adobe pushed out yet another update to its certificate trust program implemented in Adobe Reader and Acrobat.  The AATL program, launched in 2009, makes it easier for users to view and rely on digitally signed PDFs by automatically displaying a green checkmark for those signature credentials which meet higher assurance requirements when opened in Reader and Acrobat 9 and X.

The update today included the Columbian A.C. Raiz Certicamara S. A. root certificate for Acrobat and Reader X.

Continue reading…

On Wednesday, don’t be concerned/scared/shocked if you see your sales people looking somewhat calmer, your legal counsel winces a little less when you crack a lawyer joke, your chief risk officer smiles at you, and your controller pulls you over and eagerly points to the latest revenue figures.

Why? June 30th is the tenth anniversary of the US federal law that made their lives easier by putting electronic signatures on equal footing with wet ink! That’s right: 10 years ago tomorrow, President Bill Clinton digitally signed into law the ESIGN Act (eSignAct.pdf).

How is this important? The electronic signatures legalized with the ESIGN Act produce dramatic, real-world benefits for Adobe’s customers.

Continue reading…

Signatures are utterly ubiquitous today…so much so, that we don’t even recognize how often and in how many different ways we are signing off on things. Of course, we’re all well-aware when we’re signing a legal document in person, like a mortgage or rental agreement. But we’re also assenting to a purchase when we chicken-scratch our signature on grocery store point-of-sale terminals.  (OK, that’s my chicken scratch.)  Did you know we’re also signing and assenting to a contract when we install software, or agree to privacy terms on a website, by clicking an ‘I agree’ button?  

The truth is, there are many different ways in which we can express our intent.  In the paper world, some agreements require the signatures of multiple parties.  Others, by tradition, necessitate the signer use dozens of pens to sign one name!  Yet others require the use of specially designed stamps.  Different types of signatures for different types of transactions.

These same variations carry over into the electronic realm, based on
necessity, expediency, cost, regulations, and local and national laws.

We’ve explained in this blog what electronic signatures are and how they work.  Adobe eSignatures, launched last week, provides yet another option – a very convenient way to send documents out for electronic signature minus the cost of express delivery.

Continue reading…

Last week, the Swiss government announced (English translation) the launch of the SuisseID, a program intended to provide citizens and business with access to high assurance identity credentials that can be used to access government and business services as well as digitally sign documents with legally binding signatures.

Two Members of the Adobe Approved Trust List (AATL), SwissSign and newly joined QuoVadis, are also key Providers in the SuisseID program.

Continue reading…

Some of our savvy readers and users may have already noticed a dialog box asking them to download a “security settings update from Adobe Systems”:

No, it’s not the latest patch.  In fact, by clicking Yes, Acrobat and Reader 9+ users are downloading an update to the Adobe Approved Trust List (AATL), a list of trusted digital certificates that provides users with better assurances that the digitally signed documents they are receiving can be trusted.  This is visible to document recipients as a green check mark or blue ribbon, depending on the type of digital signature.

In this update, four certificates, two each from Entrust and QuoVadis respectively, have been added to the AATL…

Continue reading…

Adobe is excited to welcome Post.Trust, the certification authority subsidiary of An Post, the Irish postal service, into the Certified Document Services program.

CDS makes creating and receiving authentic documents easier by not
requiring a recipient to explicitly trust the author of the document. 
CDS signatures automatically validate in Adobe Acrobat or Adobe Reader 6.0 and above,
providing integrity and long-term assurance to electronic documents of
record.  Providers involved in the CDS Program are required to meet
stringent requirements for identity vetting, security, and operations.

Continue reading…

Euthymics BioScience, a start-up biotechnology company focused on developing next generation treatments for neuropsychiatric disorders, is now using Adobe Acrobat and GlobalSign Certified Document Services (CDS) signature credentials to digitally sign key documents, according to a recent announcement from GlobalSign, a member of the Adobe Security Partner Community. Euthymics can now eliminate the time and money associated with the traditional paper, pen, routing, and archiving of wet ink signatures, and also better meet critical US Food and Drug Administration requirements, which place a high priority on document authentication and integrity.

Continue reading…