LogoLogo
Give FeedbackGovStack Home
23Q4
23Q4
  • E-Signature
  • 1 Version History
  • 2 Description
  • 3 Terminology
  • 4 Key Digital Functionalities
  • 5 Cross-Cutting Requirements
  • 6 Functional Requirements
  • 7 Data Structures
  • 8 Service APIs
  • 9 Internal Workflows
  • 10 Other Resources
Powered by GitBook

Copyright © 2024

On this page

Was this helpful?

Export as PDF

3 Terminology

Terminology used within this specification.

Last updated 1 year ago

Was this helpful?

Term

Description

eSignature, e-Signature, electronic signature, digital signature

A data unit which is used by a Signatory to indicate his or her link to a Document

Certificate

Data that links a public key to a natural person and confirms the name of that person

Signatory/User

A natural person or an application delegated by the user who can create a digital signature

eSignature creation device (SCD)

Configured software and/or hardware used to create an eSignature. Two types of eSignature creation devices are supported: * Local - Private keys are stored locally on mobile devices. * Remote - Private keys are stored on the remote secure storage.

Signing application, Signature requestor, Third-Party

An application that has the Document that needs the Signatory's signature

Document (to be signed)

Data that needs to be signed by the Signatory. It can be any data file in an arbitrary format. Document to be signed is usually handled by a third party and made available to Signatory after signing.

Onboarding

The process of identifying Signatory, issuing a Certificate, and binding it to an eSignature Creation Device. User identification is performed using Govstack's Identity Building Block.

HSM

Hardware Security Module - a device or software that can store private keys safely.

SCD

Signature Creation Device - Can be local or remote based on where the keys are stored.

X509

A certificate format as defined in

Timestamp

Compliant to

Sign

The process of using SCD or One Time signature APIs to encrypt the hash of the document.

CSR

Certificate Signing Request as per

One time Signature

A private key is created upon authentication of the user and expires right after the signature. Should not be confused with OTS or related signature models.

Revocation

All revocation of certificates will be available over . Follows the respective standards RFC 8954.

V3
RFC3161
RFC 2986
OCSP