Digitally signing PDF docs (forms)
I've been asked to investigate digital-signing of PDF forms. Had anyone dealt with this before?
The idea is to replace the paper-based forms currently used to record each student's progress in work-based learning, with PDF forms.
The assessor would fill-in the form and perhaps the student as well. When in agreement, both the assessor and the student need to be able to digitally sign the form (the equivalent to a pen/paper based signature but using digital IDs aka Certificates).
The form then gets sent back to College. The electronic copy is retained and used in two ways:
A permanent record of the document (and the two signatures can be checked electrically, presumably by auditors).
Data from the fields can be extracted into a DB.
I did a little test with a PDF form that the guy sent me to try out the signing process. It provided me with 3 options:
1) Use a "roaming ID server". I am prompted to type in the URL of the Roaming ID server, from where it can download the user's digital certificate to sign the document.
2) Create a self-signed document
3) Select an existing certificate file.
1) I am having trouble getting any info on this, is this a Adobe specific technology or could Certificate Services for Windows be adapted to perform this function?
2) I think I can safely exclude as it doesn't provide any real level of authentication, anyone can create a self-signed certificate in anyone's name.
3) The candidates/assessors could be provided with a certificate each (including the secret key) which requires a password to be unlocked. The problem is it would be bit would be a faff because each assessor/student would need a way of storing their own certificate. And we would have to have a secure method of telling the student their password to unlock their certificate. If the password isn't secure it undermines the whole process/signatures and the user could deny having signed it.
Is anyone aware of any cloud-based solutions that might simplify all this? I.e. by allowing the user to sign the PDF online without the need to worry about signatures, but does allow the College to download the PDF for storage. But then how would the assessor/candidate authenticate themselves to the service?
I did ask if they could not stick to using paper-based forms but scan them all (we can scan to email) so they can be stored electronically, but they said that this wouldn't meet requirement no. 2 (extracting data from the forms directly into a DB).
Digital signatures are obviously the future when it comes to signing of digital documents, but I am just having trouble how they could be implemented in a practical way in this scenario.
Any help would be very much appreciated.