Joan Website | Joan Bio | Joan Licensing Info | Joan Contact Info | Blog Main Page

Art Licensing by artist Joan Beiriger: I'm happy to share art licensing info but please
give me credit and link to my blog when using it on your site. Thanks.

Sunday, September 23, 2012

Adobe Acrobat / Reader Tip: How to Create a Certified Digital Signature

Electronic signatures on documents are legal in most countries including the US. And if the signature is certified and the document unchanged after it was signed, the more likely it will be trusted to be authentic. Adobe Acrobat and Reader are the predominate software that allows a person to sign a .pdf file with a certified digital signature. Read "Art Licensing: Using Certified Digital Signatures in Contracts" for more information on certified digital signatures, certified certificates, what requirements makes digital signatures legal, and why digital signatures created in Adobe Acrobat and Reader conform to legal requirements and gives assurance that the documents are authentic.

There are three steps to create your own personal certified digital signature in Acrobat and Reader* (version 8 and later).
1. Either scan a handwritten signature into the computer or write the signature with a digital tablet/pen in graphic software.
2. Create a digital ID with a password. The password will be used each time a document is signed.
3. Configure how the signature appears on the document by opening the signature appearance window to select the graphic and information you wish to appear with the signature. Below are instructions on how to do these steps in version 10 of Acrobat and Reader.

These instructions may be long and seem complicated but they are really easy. Once the signatures, digital ID and look of the signature (appearance) are created, certified digital signatures can then be applied to .pdf files with a click and drag of the mouse.

* Adobe Reader .pdf file cannot be signed with a digital signature unless the Usage Rights were enabled when the .pdf file was saved by Adobe Acrobat. Read the enabling Usage Rights for Adobe Reader with Adobe Acrobat second at the bottom of this article.

Creating Signature Graphic File(s)
A signature can be handwritten, scanned as a .jpg file, and placed into graphic software such as Adobe Photoshop or it can be created with a digital tablet and stylus while in graphic software. The signature then needs to be saved as a .pdf file.

Or the signature file can include a logo or a photo of the owner of the signature. The photo adds more authenticity to the signature. It can be created in Photoshop and saved as a .pdf file. The example at the top of this article shows this type of certified digital signature. Note: An actual photo of a person and signature should be used but for illustration purposes I used a drawing of a person and a font to type the signature.

Creating a Digital ID in Acrobat
1. Open a .pdf file in Acrobat and select "Tools" at right top of Acrobat panel to open the tool bar.
2. Select "Sign & Certify" and then "More Sign & Certify"
3. Select "Security Settings" in the pull down menu to open the "Digital IDs" window. See example A.
4. Click on "Add ID" at top of window to open the "Add Digital ID" window, click on "A new digital ID I want to create now". See example B. Then click on "Next >" button.
5. In the new window enter the name of the signee, organizational Unit (optional; example = artist), Organizational Name (optional; example = Fun Art), Email Address. Note: The key Algorithm (code that secures the data) default is 1024-bit RSA but Adobe literature states that 2048-bit RSA is more secure. See example C. Then click on "Next >".
6. In the new window enter the file location on your computer where you want the digital ID filed, and assign a password to protect the digital ID data. A password with a combination of numbers and lower/upper case letters give a better rating. The password will be required every time a document in Adobe Acrobat is signed with a digital signature. See example D.
7. Click on "Finish" to go back to the Security Settings window. The digital ID is now listed in the window. Click on "close". Note: More than one digital ID can be created for different uses or persons.

Creating a Digital ID in Reader
Open a .pdf file in Reader and choose Edit > Protection > Security Settings to open the "Digital IDs" window. Then follow the same steps used in Acrobat (#4 - 7) for creating a digital ID.

Configure the appearance of the digital signature in Acrobat or Reader
1. Open a .pdf file in either Acrobat or Reader. Select "Preferences" under the word Acrobat (Command + Comma) to open the preferences window.
2. In the Preference window select "Security" to open the "Digital Signatures" window.
3. Check the box for "Verify signatures when the document is opened" and for "View documents in preview document mode when signing". See Example E.
4. Select the "Advanced Preferences" in the upper right of the window. In the "Digital Signatures Advanced Preferences" window select "Creation."
5. Check "Include signature's revocation status when signing", "Show reasons when signing", and "Show location and contact information when signing." See example F. Then press "OK" to go back to the Preferences window.
6. On the right side of the "Appearance" box press the "New..." button to open the "Configure Signature Appearance" window.
7. Name the appearance in the "Title" box.
8. Click on "Imported graphic" button in the "Configure Graphic" section and import the .pdf Graphic of the signature from your computer.
9. Click on the text items in the "Configure Text" section that you wish to appear in the digital signature. See example G. Click on OK to go back to the "Preferences" window.

You can create multiple appearances that can be used for different purposes. Do steps 6 through 9 (above) to create another appearance. You have the option to choose which appearance you wish to use when signing a document. See example H.  Example I shows the two newly created signature Appearance names.

Applying Digital Signatures to documents in Acrobat and Reader
A digital ID can be created in Adobe Reader but as mentioned above a person cannot apply a digital signature to the document in Reader UNLESS the .pdf file Usage Rights was saved by Adobe Acrobat. A person can tell if the usage rights was saved if the Extended pull down menu is listed at the top right of the Reader window (next to Comment). To learn how to enable Usage Rights for Reader, see the section below "Enabling Usage Rights for Adobe Reader with Adobe Acrobat".

To sign the document in Adobe Acrobat with a digital signature
1. open Tools > Sign & Certify.
2. Click on the Sign Document. Then click and drag a rectangle box on the area in the document that you want the digital signature to appear. If a message appears that says "This document contains rich content that . . . " click on Continue. A grayed out area appears on the document.
3. Click on "Sign Document" at the top of the window. After a pause the "Sign Document" window appears.
4. Select a "Digital ID" in the "Sign As" space, enter the password for the Digital ID, select the appearance you want, and enter any additional signature information. Press Sign and a "Save As" dialog box appears. Change the name and press "Save" OR simply press "Save" to save the file with the Digital Signature. If another signature is needed and the person only has Adobe Reader the file should also be saved with Usage Rights. See the section below on "Enabling Usage Rights for Adobe Reader with Adobe Acobat".

To sign the document in Adobe Reader with a digital signature, the file must have the word Extended (next to Comment) at the top of the window. If Extended is missing, the file does not have Usage Rights and a digital signature cannot be applied to the document.
1. Click on Extended to open the menu and then click on Sign Document.
2. Follow the on-screen instructions to create and place the signature on the document.
3. Then follow step 4 for signing documents in Acrobat. When the file was saved after signing the document, the Usage Rights were also saved and Extended is still enabled. Thus, additional persons can sign the document in Reader. Caution: If you save the file by selecting File > Save As > PDF the Usage Rights will be lost and no more signatures will be allowed.

Enabling Usage Rights for Adobe Reader with Adobe Acrobat
In Adobe Acrobat the Usage Rights can be enabled by selecting File > Save As > Reader Extended PDF > Enable Additional Features. When the file is opened in Reader the Extended pull down menu is enabled and a digital signature can be applied to the document.

Summary
To apply a certified digital signature to a .pdf file a person must first create a digital signature, then a Digital ID, and finally an appearance on what information is included in the digital signature. The originator of the document or the first person that applies a digital signature must own Adobe Acrobat. That person must save the file with Usage Rights enabled if other persons that need to sign the document only have Adobe Reader.

Your comments are welcome. Please click on the comments section (below) to write your comment.

4 comments:

  1. thanks for sharing..

    ReplyDelete
  2. Good common sense discussion.

    You might want to discuss ways to time-stamp for legality on any documents that are time sensitive.

    http://www.css-security.com/blog/time-stamping-authority/

    A buddy of mine clued me in that my signature can be dated whatever date I can set my computer to. Time stamp servers provide a means to correct that.

    I found https://timestamp.geotrust.com/ will allow you to timestamp your documents for free in Adobe X / XI

    ReplyDelete
  3. Time stamping is really key.

    http://www.css-security.com/blog/time-stamping-authority/

    Later versions of Adobe Acrobat can time stamp. Free time stamp server at:

    https://timestamp.geotrust.com/

    has been working for me. Just something to think about for any documents with legal implications. If the time stamp comes from your computer, it may be difficult to prove that you did not tamper with the computer's time.

    ReplyDelete