Avoco's Cloud signer permits end users to sign web forms, and produce an industry standard PKCS#7 signature without requiring the user to have an X509 digital certificate, browser plug-ins, server-side certificates, etc.
How it works
The cloud signer works by requesting claims from the user's cloud identity. The returned claims are transformed into a temporary X509 signing certificate, that is then used to sign the web form, before being destroyed. Because the private signing key is only seen by a trusted third party (hosting the signing service), the resulting signature has a high non-repudiation rating. This is further enhanced by incorporating into the signature the following:- A timestamp, from an independent time stamping service, to RFC3161, affording a non-forgeable timestamp for the time of signing
- A screen capture of the web form at the time of signing. This prevents the end user or form host from denying what the user saw and agreed to