Validate electronic signature
A validation checks the validity of an electronic signature and (uniquely) assigns it to a signatory. If a validation is not carried out or if the assignment between signature and signer is not unambiguously possible (e.g. by using a self-signed certificate), it cannot be assumed that the natural person named in the certificate has provided the signature himself.
The use of an advanced electronic signature enables a clear assignment to a natural person, since only this person has access to the certificate file including the associated password to execute such a signature.
Simple validation
If you have set your Adobe Reader or Adobe Acrobat as recommended (security settings, root certificate, timestamp, personal certificate), a simple validation of the electronic signature is sufficient.
1. Open the PDF document to be verified in Adobe Reader or Adobe Acrobat.
2. All electronic signatures in the document are now automatically verified by the default settings (this may take a little time)
A blue display bar will then appear below the menu bar.
3. If you see a green check mark and the text 'Signed and all signatures are valid' in this blue display bar, you can assume that the signature(s) applied are valid and trustworthy [Picture 1].
For all other displays, check the signature more closely. The most common messages and error messages, as well as the corresponding procedure can be found here.
4. Further details, such as the order of multiple signatures, can be seen in the 'Signature Panel' [Picture 2].
Extended validation
If you want to check the signature in detail, you can take a closer look at the following points:
- Certificate: validity, holder, issuer
- Time stamp: Time, validity, issuer
- Document: not modified or damaged
You can do this as follows:
1. Click on the signature in the document and select 'Signature Properties'. Even if the electronic signature does not contain any known representation of a handwritten signature, it can be valid.
2. Here you can check the following points, among others
- Certificate owner (full name, e-mail address of the UoC)
- Signing time
- Integrity of the document
- Usage of the timestamp service
- Validity of the signatory's certificate
To obtain further information on the signatory's certificate, find 'Show Signer's Vertificate...' and click 'Signer Info'.
3. There you can view the following information in the 'Summary' tab:
- Certificate holder (full name, e-mail address of the UoC, (if applicable) organizational unit, UoC as organization)
- Issuer: DFN-Verein Global Issuing CA
- Period of validity of the certificate
4. In the tab 'Revocation' you can check whether the signer's certificate is valid or is listed on a revocation list.
5. For more information concerning the timestamp used, close the 'Certificate Viewer' window and select 'Advanced Properties...' from the Signature Properties window that is still open [Picture1]. There you can display the certificate of the time stamp used ('Show certificate...') [Picture 2]. In the 'Summary' tab [Picture 3] you can check whether
- the issuer of the time stamp is DFN-Verein (DFN-Verein Global Issuing CA) and
- the time stamp is valid.
Overview
Trust levels
[Picture 1]: This electronic signature is based on a certificate which can be used for an advanced electronic signature. This can be recognized by the issuer of the certificate (DFN-Verein Global Issuing CA).
[Picture 2]: This electronic signature is based on a certificate that can be used for a qualified electronic signature. This can be recognised by the blue lock.
[Picture 3]: This electronic signature is based on a self-signed certificate. This can be recognised by the fact that the signatory and issuer of the certificate are identical. In addition, you receive the message "This is a self-signed certificate" in Adobe Reader/Acrobat.
Signature representation
An electronic signature often does not resemble the familiar manual signature in its visual representation. Even if the visual representation does not contain the name of the signer, for example [Picture 4], the certificate on which the signature is based can still be valid. Validation is required to determine this.
Contact
If you have any questions or problems, please contact the RRZK-Helpdesk