The software most coplete and sure for digital signature with legal value

In compliance with Italian and European laws and verifications ITSEC

Integration with the software more diffuse:

Microsoft® Word, Excel, PowerPoint®, Internet Explorer, Outlook®, Project,
Adobe® Acrobat®, Acrobat® Reader…

Thoroughness: all that that serves to the customer of the digital fingerprint

DigitalSign 2,0 concours to carry out all the relative operations to the digital company of documents informed to us: from the generation of the keys of company to their autocertification and certification according to the law, from the subscription of documents to the verification of signed documents, until the conservation of their legal value in the time. It is possible, using the most diffuse software of individual productivity, to create documents and contracts with opponibile legal value to thirds party, to exchange them in sure way by Internet with Microsoft Outlook 2000, signing and number for confidentiality also the email. A comfortable and exhausting "Help On Linens" assists the user in all the operations and explains the base concepts of the digital company in compliance with requirement of the Italian and European law and the coding of documents. For greater emergency the product has an integrated module, IS View, for the visualization of documents in forms more diffuse standards, without having to resort to external applications, not always available. DigitalSign 2,0 can be supplied complete of smartcard according to the law, the relative reader for PC and the certificate of the public key of company, released o from a recognized italian legal certificator

 

Semplicity: your digital company with the more diffuse software

 DigitalSign 2,0 is integrated with the most diffuse software of individual productivity, between which: Microsoft® Word, Excel, PowerPoint®, Project, Visio, Internet Explorer and Outlook® 2000, Adobe® Acrobat® and Acrobat® Reader, CorelDRAW® and, in a generalized manner, all the compatible software with the architecture "Active Document" of Microsoft. Directly from inside of DigitalSign 2,0, with more elevated level than emergency, the user manages ( creates, opens, visualizes, saves...) all the managed types of document from such applications, in the area of protect memory, seeing visualized in a complete window the directory of the present companies and, in coding case, the list of the adressees authorizes  to the reading. DigitalSign 2,0 moreover concurs to user to sign and number the messages of e-mail, complete of eventual rows encloses , directly from Microsoft Outlook 2000, simply "clicking" on the rights ones icon. The single encloses  can  be constituted from documents informed to  signed from various subjects and eventually coded   for various adressees.

 

What You See Is What You Sign: you see what you sign

The technology WYSIWYS What You See Is What You Sign confers to the operation the most elevated level than today is possible  in emergency. It goes evidenced that for before the time in the history the underwriter does not have the same possibility of directed physical control on the document, but only through the instruments informed  of digital fingerprints. The informed documents are  sequences of "bit", not understanding by user and readble only through the visualization software. The same operation of company is a computer science procedure (applied to "reassumed" of the document, the fingrprint to 160 bit), also it's  outside of the control of the underwriter, that it associates to the computer science document a bit sequence, the digital fingerprint, and engages the titular subject. It turns out easy to comprise as it is important to arrange of just a software of digital fingerprint that  guarantees a reasonable level of emergency and that just what we sign represents has been introduced to video. Technology WYSIWYS, applied  to ST-View and to the software integrated in DigitalSign 2,0 (is looked  table) manages documents to sign, to verify and/or number in an area of protect memory, allowing the user to verify their content with clarity and to sign them with the greater level of today possible emergency.

 

Greater emergency for the customer

In adding to the technology "What You See Is What You Sign", DigitalSign 2,0 has some series of functions and of dispositions in a position to offering to greater emergency in the operating activities of digital fingerprints and coding of documents for confidentiality. As instruments for the generation of the keys of company and the same companies come used special smartcard equipped of cryptographic microprocessor, devices electronic progrmmable at the origin, not "clonable" like a simple floppy disk, whose activation is protect from a mechanism of password (PIN/PUK) definable from user. The use of such smartcard comes rendered still surer in the working truth completing DigitalSign with the reader of digital print them (dispositive optional). The necessity dell'apposizione of the finger of the holder of the smartcard integral in fact in simple way, the emergency offered from the codes of protection of the smartcard. Such sagacity turns out very useful in job atmospheres crowds, to directed contact with the public (where the code could be spied on during the digitation and the smartcard easy embezzled) or in the case in which it is necessary to prevent operations of "delegation "of the subscription. The availability of functions of "key backup" concurs to carry out copies of emergency of the private key of coding (not of that one of subscription or certification), assuring therefore, in breakdown case or loss of the smartcard, the possibility to recover documents number to you for confidentiality.

 

Legal value of documents informed to us and contracts via Internet

The digital fingerprint realized them in compliance with the norms renders to all the law effects valid and important the documents informed, their recording on computer science support and their transmission for data transmission. Its employment concurs therefore to exchange documents via Internet with legal value and to conclude contracts in short time at  distance, without the necessity to move itself in order to meet the other  rappresentant and with the guarantees of opponibility to thirds party in judgment equal, or quite advanced, to those of contracts concluded in traditional way. In the applications in which it is important to conserve in the time the legal value of the computer science document, it is necessary to be able to attribute to it one given sure and to demonstrate that the company has been on purpose during the period of validity of the public key of the underwriter. That is obtained through "marks thunderstorm to it", rising of signed computer science certificate from a certificator recognized in the Italian legal ordering, that associates date and hour just to that particular document. DigitalSign 2,0 is predisposed in order to concur with the customer to have use of  the services of temporal marking through Internet. Validity limited in the time marks thunderstorm has one: in order to extend it  is necessary to affix  marks before the expiration. For the organizations in a position to managing of an articulated procedure, an alternative to  renew of the Marches is the recording of documents on optical supports second the norms of Deliberation AIPA 24/98. In the cases in which the possibility is particularly important to make to be worth in judgment the content of an agreement concluded through Internet or, more in a generalized manner, than a computer science document, it is recommended, and DigitalSign concurs, to use forms you of document covered from international standards ISO, which ASCII, tiff and JPEG, or of market, which the pdf.

 

Sure email and documents reserve on your PC

The customer of DigitalSign 2,0 can sign and number messages email from Microsoft Outlook 2000 directly. The company and the coding include documents enclose, to they time, can be signed and number also from various underwriters. Es: the mr White send to the mr. Red a signed and number message email, that it contains in attached a contract signed from the sig. Greens and destined to the sig. Black. For confidentiality the contract can be number on the key of the mr. Black, so that only these can read it. The mr. Red, receipt the mail, transmits the attached one to the mr. Black that will be able to verify the inthegrity of the contract and the identity of the underwriter (the mr. Greens), with the emergency that, during the transit on the Internet and in several passages, the confidentiality of the information always has been protect. Moreover the customer can use DigitalSign 2,0 also in order to conserve documents reserves you on just the PC in number shape, with a level of emergency between more elevates to you.

Main characteristics and functions

 

Firmable documents

Whichever type of computer science document - textual, audio, video and multimedial- presentable to the underwriter at the moment of the company.

 

Coding documents (for confidentiality)

 It is possible number whichever type of document or rows in order to conserve it on just the PC or to send it with the highest level than confidentiality.

Company and coding of documents with the software more diffuse on the market

Directly from DigitalSign 2,0, the user can use the software in order to create and/or to visualize documents, put the own company, to verify the companies of others, number them for confidentiality (for greater details looks at table 1): Microsoft® Word, Excel, PowerPoint®, Project, Visio, Internet Explorer, Adobe® Acrobat® and Acrobat® Reader, CorelDRAW®. Other compatible products software with the architecture "Active Document" of Microsoft. To outside of the direct control of DigitalSign it is however possible to visualize - and consequently to sign and number - whichever gestible document by means of an application installed in just it arranges.

Visualizator of display unit integrated for documents in standard format 

ST-View®, the module in DigitalSign 2,0, is in a position to visualizing documents memorize  in forms  more diffuse: JPEG, tiff, BMP, rtf, plain text (TXT), Adobe Photoshop (PSD), EPS, PCX, png, TGA, WMF (for greater details look at table 1). In the document case with particular legal importance, The use of form specifies in international standards ISO (ASCII, tiff or JPEG as an example) or de facto (as the pdf) can facilitate the possibility of demonstration of the content in judgment.

What You See Is What You Sign: greater emergency in the visualization and fingerprint of documents

Technology WYSIWYS - that you see is that firm - elaborates documents visualizes to you to the customer into an area of protect memory, controlling the operations of calculation of the print and relative passage to the smartcard, so as to to associate the company to the document with the greater level of today possible emergency. Such technology of emergency covers  visualizes the documents from ST-View that those it visualizes from DigitalSign 2,0 by means of the software more diffuse on the market (looks at table 1 for an indication of the various levels of protection).

Mutiple signatures

The customer can open a document already signed from one or more subjects and put the own digital sign; the companies associated to the document  haven't particular limits to the number of possible companies and are all clearly visible and verifiable thanks to technology WYSIWYS.

Email surer

Operations of signing and coding directly from the e-mail software (the sure company concurs of to the integrity of the message and, if it is certifyed, of identity of the sender, while the coding protect the confidentiality of the information). The sign and the coding include documents enclose to you that, to they time, can be signed and number to you also from various underwriters. DigitalSign 2,0 is usable directly from inside of Microsoft Outlook 2000.

Conservation in the time of the legal value of documents: it marks thunderstorm and DigitalFile®

When it is important to conserve in the time the legal value of a computer science document is necessary to be able to attribute to it one given sure and to demonstrate that the company has been on purpose during the period of validity of the public key of the underwriter: this can be obtained affixing to the document one "marks thunderstorm". DigitalSign 2,0 is predisposed in order to concur with the customer uses of services of marks it thunderstorm; the architecture of the product previews the following functions: demand for marks thunderstorm to the supplier of services, verification and association to the document, monitoring of the temporal Marches in expiration, warning of expiration of marks and to new marks, in way automatic rifle or after confirmation. Professional applications into of organizations (companies, Public Administration, notarial associations, studies or lawyers...) can make use of the functionalities of conservation in the time of the legal value of documents informed through DigitalFile, thanks of archiiving on optical supports to norms AIPA (Delib. AIPA 24/98)..

Conformity to the Italian and European laws and verifications ITSEC

 In compliance with requirement of the Italian law on the digital company them, documents informed to us and on use of optical supports (DPR 513/97, DPCM 8/2/99, Delib. AIPA 24/98) and of the Directive of relative the European Parliament to a communitarian picture for electronic companies (1999/93/CE). In compliance with the "Guides lines for the inter-operability of the certificatori" of the AIPA (AIPA/CR/24). The declarations of conformity of the same ones to the Italian law and of verification of the correspondence to established requirement of emergency from DPCM 8.2.99 are to cargo of the producer of the company devices you (currently smartcard), second carried out the mode previewed from the level of E3 appraisal and robustness of mechanisms HIGH of the ITSEC. DigitalSign 2,0 can be supplied with smartcard for for internal uses only, smartcard equipped with the mentioned declarations of the producer or without smartcard; in such last case it is to the user cure to acquire smartcard suitable for the own ends, compatible with DigitalSign 2,0 and to obtain from the supplier, if of the case, the written declaration of the relative producer to the verification and conformity aspects.

Inter-operability with the Certificator  comprised in the Public index of AIPA

DigitalSign has the objective to achieve the inter-operability with all the suppliers of certification services that they give adapted stability guarantees. Currently it has caught up agreements of technical interoperability with Finital SpA and BNL Multiservice SpA. Agreements with IS SpA and with other certificators in phase of definition. This puts into effect it them situation for the various levels of inter-operability (for greater details looks at table 3): verification of certifys given from the suppliers of certification services currently  Public index  edited by AIPA (www.aipa.it) and automatic consultation of the respective lists on linens of certifys suspended  and revoke, provided that adherent to the norms and to the standards, inter-operable with the services of release of certifys you of Finital SpA, BNL Multiservice SpA and IS SpA, predisposed in order to have use of of the services of temporal mark of Finital SpA. Particular functions of DigitalSign 2,0 can be usable with some certificator because of limitations in the services from supplied they (do not look at table 3).

Functions of verification of documents informed and the digital signature

The Verification of integration (not alteration) of the document and, in the case of digital signature certified , the identity of the underwriter. Verification of the validity of the digital signature of a computer science document to all the levels:

 a) certification of the public key from part of a credited certificator

 b) presence of such Public certificator in the index of AIPA at the moment of the verification

c) Public authenticity of Index of AIPA

 d) eventual presence of the certificate of public key of the underwriter in the lists of certifys to you suspended or recall you

e) validity of all certifys to you been involved in the process (AIPA, Certificator, Underwriter)

Greater operating emergency

WYSIWYSn Technology Protection of access to smartcard through customer password (PIN) and administrator password (PUK) to 8 characters. Definable criterion and value password from user (personal codes, number of tried before the block). Additional protection of the smartcard through reader digital fingerprints (password + digital fingerprint of the holder). Function of rescue in protected shape (backup) of the private keys of coding (function not available for the keys of subscription and certification), in order to avoid the loss of documents number in breakdown case or loss to you of the smartcard.

Measures for the verification of integrity of DigitalSign® 2,0

the control that the user  has on documents informed, on the digital signature  associated on the function of subscription is exercised through DigitalSign 2.0. It is therefore important to be able to verify in every moment the integrity and the originality of such software installed on just the PC.

Smartcard, relative drive and readers of digital fingerprint

 DigitalSign 2,0 supports various cryptographic, drive types of smartcard and relative readers  of digital fingerprint, supplied optionally. For the complete directory of the devices it supports you looks at table. In order to verify the support of the smartcard and the functions put to disposition from DigitalSign 2,0 with the services supplied from the various certificatori table 3 is looked at.

Digital signature and coding of Adobe® 4,0 Acrobat®

The appropriate plug-in in DigitalSign 2,0 concurs to affix digital companies and number documents from inside of Adobe Acrobat 4.0; for technical reasons taxes from Adobe it is necessary to decide of Acrobat 4,0 also in order to verify the company and/or to decipher the document. The use of plug-in creates rows in format pdf with the digital signature  to the just inner one and not in format PKCS#7 recommended from AIPA norms. Therefore, if the employment of plug-in can turn out useful in the case of particular applications for internal use only, for the document company pdf with legal importance it is advised to resort to modality WYSIWYS.

Other technical characteristics 

Digital signature through asymmetric cryptography RSA, with keys (publishes and private) to 1024 bit. Calculation of the "fingerprint" (160 bit) of the document to sign through the functions hash standard SHA-1 and RIPEMD-160. Coding for confidentiality through technique of symmetrical and asymmetric cryptography arranged (triple DES + RSA). Construction and decodes of the signed messages and/or number to you in standard PKCS#7. Generation of the braces of keys inside of the company device. Guard of the private keys inside of the signed device. Distinguished management of the certification and coding, signed keys (to use itself in the autocertification case or if applications are carried out that do not demand the certification of the digital company them). Generation of demands in format standard PKCS#10 for the release for certifys you of the public keys. Possibility to generate signatures of type "root" for applications that do not demand the certification of the public keys from part of the certificators credit AIPA . Possibility to conserve certifys inside the smartcard. The maximum dimension of documents to signe/codeis similar to the RAM available. Function of "log" (registry) of all the carried out meaningful operations. The archives of certify to you of the public keys (of the user, the collaborators, the correspondents, the partner trade them...) and relative functions of management and import/export of certify to you, usable for the functions of coding of documents to respect adressees to you.

 Gratis DigitalSign® Reader 2,0, the software in order to verify the digital signature

Informed documents underwrite with the digital signature comes represents in the format standard  PKCS#7 recommended from the lines guides for the inter-operability of AIPA. DigitalSign Reader 2,0 concurs to read signed documents and to verify of integrity and, in presence of digital signature certify them, the identity of the underwriter. DigitalSign Reader 2,0 gratis and not demands the use of smartcard neither of other particular devices you. Also the originality of DigitalSign Reader 2,0 is controlable from the customer.

 DigitalSign® Corporate Solution, the digital signature in the Organizations

Whichever organization, Public Administration or company that  makes use of the digital signature and the cryptography of documents informed to us needs another series of functions, which as an example: automatic recording of all documents informed, entering and outgoing, that  can constitute part of the contractual relationship between the organization and the own customers, suppliers and partner in kind, conservation in the time of the legal value of documents, automatic verification of the companies of documents informed  in income, functions of key backup of the private keys of coding and key recovery of the keys of session (3DES), to the aim to avoid the loss of documents in the breakdown case or loss of one smartcard, cetralized emplacements for initializing of the smartcard, the autocertification and the certification of the public keys of subscription, emplacements of job with the sun company functions and coding, in order to avoid involuntary cancellations of smartcard and the consequent losses of time. Specifically for the use of digital signature them and coding inside of an organization  is possible to demand the DigitalSign Corporate Solution, participating to the plans in course.

The digital company  in the applications on-line:

DigitalSign® WebServer Solution the digital company can be applied to the e-government, to e-commerce, to trading on-line, to e-banking, to the private ones banking,  to e-insurance and to every shape of e-business, with all the advantages deriving from the emergency and the legal value of the transactions. Beyond satisfying automatically to verify and to sign "volumes" of documents informed, DigitalSign WebServer Solution supplies to acquit to the tasks of recording and conservation of documents.

The digital signature on-linen, side customer (client)

DigitalSign 2,0 is predisposed in order to concour with the customer to digitally signature, in possible the surer way, orders, confirmations, documents and electronic modules in kind visualize on the situated ones web visit, succeeding in therefore to perfect agreements on-line "for document exchange". .

Integration in other applications software:

DigitalSign 2,0 is equipped of interface of programming COM; it is possible to distribute applications that make use of DigitalSign 2,0 underwriting the appositte Developer License.

Protect your situated Internet with the digital signature

 AuthenticWeb® DigitalSign is used in the AuthenticWeb product in order to confer authenticity to the information published on situated the Internet.

Requirement of the software

DigitalSign 2,0 bit is an application to 32 and can turn on any PC in a position to supporting Windows® 95 (with Microsoft® Internet advanced Explorer 4,01 or) or Windows® 98, Windows® Me. For a level of greater emergency Windows NT® 4,0 (with Service advanced Pack 4,0 or) or Windows® 2000 (with Service advanced Pack 1,0 is recommended). A PC Pentium with at least 10 MB of free space on HDD for the installation is advised. Requirement minimums of RAM for the operativity are: 16 MB with Windows® 95/98/Me, 32 MB with Windows NT® 4,0 and 64 MB with Windows® 2000. For relative requirement  the inter-operability of DigitalSign 2,0 with other products software, device hardware and the  recognized certificator from the Italian legal ordering, tables 1, 2 and 3 are looked at.

 

Notes: 1) the level of emergency is greater to growing of the number of "*" it indicates to you in table. The faces have indicative, relative character to the used type of technology.

2) The inthegration of DigitalSign 2,0 with Microsoft Outlook 2000 is realized from inside of format MIME and S/MIME the message firmato/cifrated in format PKCS#7 is contained recommended from the Italian norms.

 3) With the exception of ST-View the software over indicates to you is not included in DigitalSign 2.0.

Note: smartcard of the same model they can differ for code ATR (Answer To Request); codes ATR support to you from DigitalSign 2,0 are brought back in table.

 

Table 3 - Inter-operability of DigitalSign 2,0 with AIPA Certificators, and functions supported

 

 certificator presents in the public directory edited by AIPA (www.aipa.it) are those currently recognized Italian legal in the ordinament.