Digital signatures are among the most secure electronic signatures. When you use digital signatures, each user is given a digital certificate. This certificate is actually a small file on a disk or on another device, such as a smart card. Each certificate also contains a unique code, and the certificate imprints this code on each signature you create with it. This means that all of your signatures can be traced back to your certificate, and the certificate itself can be traced back to you. In this way, digital signatures identify you through a clear chain of ownership.
® Forms supports signatures based on the RSA standard. This is a public standard that is broadly supported by both Public Key Infrastructure (PKI) and browser vendors. IBM
Forms products rely on the security libraries in the Microsoft
™ Internet Explorer and Netscape browsers to provide support for RSA signatures.
When to use digital signatures
Digital signatures are best used for controlled groups who require tight security. Remember that each user must receive a certificate, and further that each user must keep that certificate safe from theft and copying. This means that applications for the general public are not normally good candidates for digital signatures unless there is a large body already distributing certificates to the public (such as the government).
Digital signatures also incur significant overhead. To issue and track digital signatures, you need a Public Key Infrastructure (PKI), which can be costly and time consuming to maintain. In general, most organizations will not adopt this sort of system unless they have a strong security need (or are mandated through law). For example, military organizations or other government agencies might use digital signatures.
Parent topic: Signature types