This service is provided by the Digital Signature Service System in MeSign Cryptographic Infrastructure to provide the digital signature service of PDF files, the time stamping service system provides the time stamping service, and the certificate revocation status system provides signature long-term validation data (LTV). The key management system provides the signing key escrow service. The certificate issuing system issues the document signing certificate on demand after the user completes the identity validation, and the identity validation system is responsible for completing the user’s identity validation. In other words, to complete the digital signature service of PDF files, six systems in the MeSign cloud cryptographic infrastructure are required to provide services in collaboration. This service can be used to digitally sign PDF documents, electronic contracts, electronic employee agreements and other PDF format files. The signed PDF files are Adobe global trusted and global legal effect.
The PDF file digital signature service is delivered in the SDK mode, which helps users realize the PDF file digital signature with timestamp plus LTV service with one click, so that users do not need to upload the file to be signed to any e-signature platform. The signature service is completed locally, thereby protecting user document privacy information and business secret security.
For users who have PDF programming capability and want to integrate MeSign digital signature service more flexibly, they can call MeSign E-sign API service without integrating any SDK package to directly implement digital signature of PDF documents.
For PDF files used for internal office, in order to protect the security of the confidential information in these confidential documents, you can use the certificate encryption technology to protect it, encrypt it with the public key of the user who has the right to read the document, and the user uses his own private key to decrypt the encrypted documents using Adobe Reader for decryption automatically. So, even if other unauthorized readers get this PDF file, they cannot decrypt and read it. Only in this way can the security of the confidential file be truly protected, because even if the file is illegally leaked, it is still secure. The encrypted confidential files stored in the system makes the file lose its value of being stolen and leaked, thereby ensuring the security of confidential files.
Each user must have an encrypting certificate (including encryption key). The user submits a request to obtain an encrypting certificate through the SDK. The certificate is bound to the user email address. After the email control validation is done, the encrypting certificate is issued to the user and downloaded to SDK key store, used to decrypt the encrypted PDF file. The business system posts the email address of the authorized reader to the SDK, and the SDK obtains the public key of the authorized reader, and the SDK is responsible for encrypting the PDF file with this public key to realize PDF file certificate encryption.
Because Adobe Reader supports automatic and non-sense decryption of the encrypted PDF files, you only need to have a decrypting certificate on the user's computer. Therefore, there is no need to post the encrypted file to the SDK, and the user has the right to read the encrypted PDF file can read it using Adobe Reader directly.