Method and system for certifying the authority of a signer of an electronic document
First Claim
Patent Images
1. A method for verifying authority of a signer of a document, the method comprising:
- receiving, at a server, the document after the signer has signed the document, wherein the document is electronically signed;
verifying, by the server, identity of the signer;
establishing, by the server, a type for the document;
establishing, by the server, the authority of the signer to sign the type of document and that the document is signed by the signer, wherein establishing, by the server, the authority of the signer to sign the type of document further comprises;
identifying, by the server, the type of documents the signer is authorized to sign and constraints on the authority of the signer;
responsive to establishing, by the server, the authority of the signer to sign the type of document and that the document is signed by the signer, referencing, by the server, an authority endorsement with the document, wherein the authority endorsement comprises an attestation of the authority of the signer at the time the authority server signed the attestation; and
identifying a hash of all contents of the document which are signed, wherein the hash is a digest of the contents, wherein the contents comprise the authority endorsement, a signature of the signer, and an identification of content covered by the signature.
1 Assignment
0 Petitions
Accused Products
Abstract
Method and system for endorsing and verifying the authority of a digital signature is provided. The system includes, a server that is operationally coupled to a user'"'"'s computer via a network link, wherein the server receives a signed document; the server identifies the type of document submitted and the signer'"'"'s authority to sign it; and if all conditions are met, the server provides a signed statement or endorsement stating the user was authorized to sign the electronic document.
21 Citations
27 Claims
-
1. A method for verifying authority of a signer of a document, the method comprising:
-
receiving, at a server, the document after the signer has signed the document, wherein the document is electronically signed; verifying, by the server, identity of the signer; establishing, by the server, a type for the document; establishing, by the server, the authority of the signer to sign the type of document and that the document is signed by the signer, wherein establishing, by the server, the authority of the signer to sign the type of document further comprises; identifying, by the server, the type of documents the signer is authorized to sign and constraints on the authority of the signer; responsive to establishing, by the server, the authority of the signer to sign the type of document and that the document is signed by the signer, referencing, by the server, an authority endorsement with the document, wherein the authority endorsement comprises an attestation of the authority of the signer at the time the authority server signed the attestation; and identifying a hash of all contents of the document which are signed, wherein the hash is a digest of the contents, wherein the contents comprise the authority endorsement, a signature of the signer, and an identification of content covered by the signature. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for signing on behalf of a signer and endorsing an authority of the signer, the method comprising:
-
receiving a document by a server on behalf of the signer, wherein the document is electronically signed; verifying, by the server, identity of the signer; signing, by the server, on behalf of the signer by applying a digital signature to the electronic document, the digital signature indicative of the signer; establishing, by the server, a document type; establishing, by the server, the authority of the signer to sign the type of document; responsive to establishing, by the server, the authority of the signer to sign the type of document, including, by the server, an authority endorsement with the document, wherein the authority endorsement comprises an attestation of the authority of the signer at the time the authority server signed the attestation; and identifying a hash of all contents of the document which are signed, wherein the hash is a digest of the contents, wherein the contents comprise the authority endorsement, a signature of the signer, and an identification of content covered by the signature. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for signing on behalf of a signer whose public key certificate contains an authority or policy extension, the method comprising:
-
receiving a document by a server on behalf of the signer, wherein the document is electronically signed; verifying, by the server, identity of the signer; establishing, by the server, the a document type; establishing, by the server, the authority of the signer to sign the type of document using the authority or policy extension of the public key certificate of the signer; responsive to establishing, by the server, the authority of the signer to sign the type of document using the authority or policy extension of the public key certificate of the signer, signing, by the server, on behalf of the signer by applying a digital signature with embedded authority information of the signer to the electronic document, the digital signature indicative of the identity and authority of the signer, wherein the authority endorsement comprises an attestation of the authority of the signer at the time the authority server signed the attestation; and identifying a hash of all contents of the document which are signed, wherein the hash is a digest of the contents, wherein the contents comprise the authority endorsement, a signature of the signer, and an identification of content covered by the signature. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A system for verifying the authority of a signer of a document, the system comprising:
-
a server configured to receive a document, wherein the document is electronically signed; verify identity of the signer; establish a type for the document; establish the authority of the signer to sign the type of electronic document; including an authority endorsement with the electronically signed document in response to establishing the authority of the signer to sign the type of document and that the document is signed by the signer, wherein the authority endorsement comprises an attestation of the authority of the signer at the time the authority server signed the attestation; and identify a hash of all contents of the document which are signed, wherein the hash is a digest of the contents, wherein the contents comprise the authority endorsement, a signature of the signer, and an identification of content covered by the signature. - View Dependent Claims (22, 23, 24, 25, 26, 27)
-
Specification