APPLICATION MANAGEMENT


Using electronic signatures in Notes applications
For extra security in IBMR LotusR NotesR applications, you can design forms that will attach electronic signatures to documents. Electronic signatures assure a reader that the writer's identity is genuine and that information has not changed since the writer mailed or saved the document.

Note Signatures are valid only in Notes applications; they are not supported on the Web.

How designers create a form

To design a form whose documents can be signed, you create at least one field to which you assign the property "Sign if mailed or saved in section." This feature is available only for forms that are mail-enabled and for forms that contain controlled-access sections.

You can enable signing of one or more fields on a form. If the field is in a controlled-access section, the signature applies only to the section and is generated when the document is saved. If the field is not in a controlled-access section, the signature is generated only when the document is mailed.

To generate multiple signatures on a form, create multiple signature-enabled fields in separate controlled-access sections.

How Designer stores and verifies electronic signatures

IBMR LotusR Domino(TM) Designer combines the data in a signature-enabled field with the private key from the sender's User ID to create a unique electronic signature. Designer stores the signature, along with the public key and the list of certificates from the sender's ID, in the document.

Storing signatures in documents

Designer stores signatures in mailed documents with the document.

If a user with Editor access in the database ACL changes a field in a document, Notes replaces the existing signature with the signature of the editor when the document is mailed. Notes cannot save more than one mail-time signature for a document.

If the document contains several signature-enabled fields, Designer uses data from each signature-enabled field to generate a signature. After mailing, a change in any field causes verification to fail when the recipient opens the document.

Storing signatures in sections

Instead of signing an entire document, you can sign a section within a document and store an electronic signature with the section.


Example of signature verification

1. Mary mails or saves a sign-enabled document. IBMR LotusR NotesR uses the private key from Mary's User ID and the sign-enabled field data to create a unique signature. IBMR LotusR Domino(TM) Designer also stores Mary's public key and certificates with the document.

2. David opens the signed document to read it.

3. Notes checks to see if the document was signed. If it was, Designer checks the signature against the data to see if it matches.

4. Notes checks the certificates that came from Mary's ID against David's ID to see if they share a common certifier or cross-certificate in the ID.

5. One of the following occurs:

For more information on certification, see Lotus Domino Administrator Help.

See Also