3 Terminology
Terminology used within this specification.
Last updated
Terminology used within this specification.
Last updated
Copyright © 2024
Term
Description
eSignature, e-Signature, electronic signature, digital signature
A data unit which is used by a Signatory to indicate his or her link to a Document
Certificate
Data that links a public key to a natural person and confirms the name of that person
Signatory/User
A natural person or an application delegated by the user who can create a digital signature
eSignature creation device (SCD)
Configured software and/or hardware used to create an eSignature. Two types of eSignature creation devices are supported: * Local - Private keys are stored locally on mobile devices. * Remote - Private keys are stored on the remote secure storage.
Signing application, Signature requestor, Third-Party
An application that has the Document that needs the Signatory's signature
Document (to be signed)
Data that needs to be signed by the Signatory. It can be any data file in an arbitrary format. Document to be signed is usually handled by a third party and made available to Signatory after signing.
Onboarding
The process of identifying Signatory, issuing a Certificate, and binding it to an eSignature Creation Device. User identification is performed using Govstack's Identity Building Block.
HSM
Hardware Security Module - a device or software that can store private keys safely.
SCD
Signature Creation Device - Can be local or remote based on where the keys are stored.
X509
A certificate format as defined in V3
Timestamp
Compliant to RFC3161
Sign
The process of using SCD or One Time signature APIs to encrypt the hash of the document.
CSR
Certificate Signing Request as per RFC 2986
One time Signature
A private key is created upon authentication of the user and expires right after the signature. Should not be confused with OTS or related signature models.
Revocation
All revocation of certificates will be available over OCSP. Follows the respective standards RFC 8954.