Introduction to digital signatures
In this article
What is a digital signature?
You can use a digital signature for many of the same reasons that you might sign a paper document. A digital signature is used to authenticate digital information — such as form templates, e-mail messages, and documents — by using computer cryptography. Digital signatures help to establish the following assurances:
Authenticity The digital signature helps to assure that the signer is who he or she claims to be.
Integrity The digital signature helps to assure that the content has not been changed or tampered with since it was digitally signed.
Non-repudiation The digital signature helps prove the origin of the signed content to all parties. "Repudiation" refers to the act of a signer denying any association with the signed content.
To make these assurances about a form template, you must digitally sign your form template. You can also enable digital signatures for your form template so that your users can make the same assurances about the forms that they fill out. In either case, the following requirements must be met in order to digitally sign a form or form template:
The digital signature is valid.
The certificate associated with the digital signature is current (has not expired).
The signing person or organization, known as the publisher, is trusted.
The certificate associated with the digital signature is issued to the publisher by a trusted certificate authority (CA).
When you create a form template, you can enable digital signatures so that users can add them either to the entire form or to specific parts of the form. In Microsoft Office InfoPath 2007, you can also choose to design a browser-compatible form template. A browser-compatible form template is a form template that is designed in InfoPath by using a specific compatibility mode. A browser-compatible form template can be browser-enabled when it is published to a server running InfoPath Forms Services. In browser-enabled form templates you can only enable digital signatures to be added to specific parts of the forms that users fill out. When you enable digital signatures for parts of the form, the signatures apply only to the data in those specific parts of the form.
How to use digital signatures in InfoPath
When designing a form template, you can specify whether users can add digital signatures when they fill out a form based on your form template. You can also specify whether users can sign the whole form or just part of the form. If you enable digital signatures so that they can be added to part of the form, you must determine which data in the form can be signed. You can additionally associate that data with a section that you add to the form template. Once signed, the form or part of the form that was signed cannot be altered without invalidating the signature.
When designing a form template, you can also specify whether users are allowed to add multiple digital signatures to a form, and whether those signatures should be co-signed (in which case each signature is independent of the other signatures) or counter-signed (in which case each signature signs the form, as well as the signatures that precede it).
Note If a form template was designed based on an XML Schema, you can enable digital signatures for that form template only if the XML Schema has a node that is in the World Wide Web Consortium (W3C) XML digital signature namespace.
In addition to enabling digital signatures so that users can sign forms that are based on your form template, you can also digitally sign the form templates that you design. Digitally signing a form template authenticates you as the designer of the form template in the same way that a digital signature on a form authenticates the user who filled out the form. Adding a digital signature to a form template also enables the form template to operate at the Full Trust level. For example, a form template that contains managed code that uses the Full Trust level of security must either be installed on a user's computer or digitally signed by the form template designer so that it can be used.
Note When Microsoft Office Outlook 2007 users send a copy of an InfoPath form as an e-mail message to other Office Outlook 2007 users, and that form is set to run at the Full Trust security level, the associated form template must be signed with a digital signature in order to work properly.
To add a digital signature to a form or a form template, a digital certificate is required. You can obtain a digital certificate through a commercial certification authority or from your internal security administrator. The decision to purchase a digital certificate depends on how widely your organization plans to deploy form templates.
When you digitally sign a form template, InfoPath uses only those certificates that have a private key and a Digital Signature or Both value for the Key Usage attribute. In addition, the purpose of the certificate must be a Code Signing certificate.
Because InfoPath uses XML Signatures to digitally sign forms, when a user signs a form with a digital certificate, the following guidelines apply to the user's certificate:
The certificate must contain valid values for the date and time that the certificate was issued, and the date and time that it expires.
The certificate must be installed on the user's computer and associated with a private key.
The key usage properties contained in the certificate must include either digitalSignature or nonRedpudiation values. The key usage defines what the certificate key should be used for.
Note Because a digital certificate that you create is not issued by a formal certification authority, form templates that are signed using a certificate that you created are referred to as self-signed form templates. These self-signed certificates are considered unauthenticated and will generate a security warning if the form template's security level is set to Full Trust. InfoPath trusts self-signed certificates only on computers that have access to the private key for that certificate. In most cases, this means that InfoPath trusts self-signed certificates only on the computer that created the certificate, unless the private key is shared with other computers.
There are two types of certification authorities, commercial certification authorities and internal certification authorities.
Commercial certification authorities
If you are a developer and you want to obtain a digital certificate from a commercial certification authority, such as VeriSign, Inc., you or your organization must submit an application to that authority.
Depending on your status as a developer, you should apply for a Class 2 or Class 3 digital certificate for software publishers:
Class 2 digital certificate A digital certificate designed for people who publish software as individuals. This class of digital certificate helps provide assurance about the identity of the individual publisher.
Class 3 digital certificate A digital certificate designed for companies and other organizations that publish software. This class of digital certificate helps provide greater assurance about the identity of the publishing organization. Class 3 digital certificates are designed to represent the level of assurance provided by retail channels for software. An applicant for a Class 3 digital certificate must also meet a minimum financial stability level based on ratings from Dun & Bradstreet Financial Services.
When you receive your digital certificate, you are given instructions on how to install it on the computer you use to sign your InfoPath form templates.
Internal certification authorities
Some organizations and corporations might have a security administrator or group that acts as their own certification authority. This administrator or group can produce or distribute digital certificates by using certification authority tools such as Microsoft Certificate Server. Depending on how Microsoft Office digital-signature features are used in your organization, you might be able to sign your form templates using a digital certificate from your organization's internal certification authority. Or you might need to have an administrator sign your form templates for you using an approved certificate. For information about your organization's policy, contact your network administrator or IT department.