Setting the signature typeAdded by IBM on October 10, 2012 | Version 1 (Original)
|You can use a number of different signatures engines. Tags: signatures, signature engines, generic RSA, authenticated clickwrap, Microsoft CryptoAPI, Netscape, entrust, clickwrap, Silanis, Microsoft cryptoAPI, Entrust, Clickwrap, XML DSig, signature type, XFDL, 8.0, spec
XFDL supports a number of different signature engines. Each signature button must be configured to use a specific engine when signing the form. The available engines are:
For forms that are opened in Webform Server, all signature types except for Clickwrap require the use of the Webform Server plugin/ActiveX control. The plugin/ActiveX control is automatically downloaded to the browser when it is needed.
You can specify the signature engine for your form by using the engine parameter in the signformat option. If you do not include a signformat option or do not set the engine parameter, the form will use the Generic RSA engine by default.
Note: XML DSig is not a signature engine itself, but a set of rules that determines what should be signed. An external signature engine, such as Generic RSA, Microsoft CryptoAPI orNetscape, is used to sign the form.
- Generic RSA
- Authenticated Clickwrap
- Microsoft™ CryptoAPI
- XML Digital Signature (DSig)
The Generic RSA engine is the default signing engine, and is used if no other engine type is specified in the signformat option. It automatically searches for any standard RSA certificates on the user's computer, which includes both Microsoft CryptoAPI and Netscape certificates.
The CryptoAPI engine uses certificates located in the Microsoft certificate store to encrypt signature buttons for security purposes.
The Netscape engine uses certificates located in the Netscape certificate store for signature security. Although the Viewer does not support Netscape, the Firefox browser also uses Netscape certificates.
Clickwrap signatures are electronic signatures that do not require digital certificates. While they still offer a measure of security due to an encryption algorithm, Clickwrap signatures are not security tools.
Authenticated Clickwrap enables users to securely sign a form without relying on an extended PKI infrastructure.
The Entrust engine uses Entrust certificates rather than RSA certificates. As such, users must have Entrust software installed on their computers to access those certificates.
The Silanis engine uses special Silanis technology. As such, users must have Silanis software installed on their computers to access those certificates and use Silanis to set signatures.
XML DSig (Digital Signature) is a standard published by the W3C that defines a common way of creating a signature in an XML document. This standard defines how to express the signature within an XML syntax, and how to determine what portions of the XML document are signed.