6.4.3    Setting options of the signing function

On the "Options" dialog you can select the signature format and further options. While selecting the signature format make sure that the selected format is permitted and accepted on the receiver's side.

Governikus DATA Boreum supports several, internationally standardised formats for electronic signatures. These formats are explained in chapter 9 section 9.7.

6.4.3.1       Select default signature mode (CAdES)

·     Embed document in signature file (enveloping): The file is signed according to the CAdES standard. Exactly one new file is created. The file that is to be signed is embedded into a signature file (enveloping). The newly created file has the same name as the original file; the file is extended by the suffix p7s. Example: The file name example.docx becomes example.docx.p7s. The contained original file can only by viewed or extracted by an appropriate validation program, for example by the "Validate" function of Governikus DATA Boreum.

·     Add signature as extra file (detached): The file is signed according to the CAdES standard. The original source file is kept; a second file contains the electronic signature according to CAdES (detached). For proving integrity and authenticity both files are needed. If for example the file example.docx is electronically signed with this option, the file named example.p7s is created, which contains the electronic signature. If the target directory is the source directory the p7s file is saved there. In case you have set a separate target directory, the original source file and the p7s file are saved there.

Note

Note: A file (e.g. sampleletter.docx) can be signed detached by any number of persons in succession. The signatures are all included in a signature file (e.g. sampleletter.docx.p7s), provided the signature file is in the same folder as the content file. If the signature file is in a different folder than the content file selected for signing, a new signature file is created with the signature process.

6.4.3.2       Signing of PDF documents (PAdES)

In this dialog section you first select in which format the PDF file should be signed.

·     The standard signature format (CAdES) is rather rarely chosen for PDF files.

·     The PAdES format is the usual format for signing PDF files.

Selecting the signature format

·     Use default signature format: Like all other files, PDF files are signed in the format CAdES, selected under "Select default signature mode", see above. This setting is rarely used for PDF files.

With the following option you specify that you want to use the PAdES signature format, typical for PDF files.

Achtung

Attention: Please be sure to note that the settings for the PDF signature are largely determined by the configuration on the "PDF" tab in the "Settings" and not via this dialog section! Please read chapter 5.6.

·     Use PDF signature: After selecting this option the fields "Signature field template" and "Cause of signature" are active. In this format the signature is applied within the PDF-file and the file gets the suffix _signed.pdf.

-      Signature field template: If templates are already created or imported you can select a template here. If you select "None" the PDF signature is applied with the settings saved on the "PDF" tab in the "Settings" dialog. You can call the "PDF" tab via the link "Set options" on the right above the select list. The "PDF" tab is explained in chapter 5.45.6.

-      Cause of signature: Here you can enter a cause for the signature, like "confirmed correct" or "payment authorised". The input field is limited to 50 characters. If you don't want to specify a cause, leave the field blank.

-      Location: Here you can enter the place of signing with a maximum length of 50 characters or, if you do not want to specify a place, leave the field blank.

Note

Note: If you enter a reason and/or place for the signature here, this information is displayed when a visible signature field is selected. For invisible signatures, this information is also included in the signature information of the PDF document.

6.4.3.3       Signing of XML documents (XAdES)

XAdES is an acronym for XML Advanced Electronic Signatures. If the file that is to be signed is an XML document, you can decide here how the signature is applied.

·     Use default signature format (CAdES): Governikus DATA Boreum does not try to create a signature in XAdES format. Instead the signature of the XML file is created in a separate file that has the additional file suffix sig (CAdES detached), see above.

·     Use XML signature: In this case a signature in XAdES format is created. An advantage is that the validity of documents signed with XAdES is extended and independent of underlying encryption algorithms. The signature is created detached. For detached signatures an additional file is added where the suffix sig.

6.4.3.4       Timestamp Service

If you have configured the Authentication Service and the Timestamp Service in the settings on the "Governikus" tab, see chapter 5.4, you can select the checkbox "Apply timestamp" here.

·     Apply timestamp: You can add a timestamp on this dialog. Please read chapter 7.1 for further information.

Default

As explained in chapter 6.3 you can save the settings on this page as default. If you use the navigation arrows in the lower right area of the dialog, this dialog is omitted in later signing calls.