Electronic Signature

enaio® 10.10

OPTIMAL SYSTEMS GmbH has submitted a manufacturer's declaration for the signature module which declares that the enaio® signature module is a signature application component which enables data to be fed into the process used to generate or validate qualified electronic signatures and to verify qualified electronic signatures or qualified certificates and to display the results, meeting the requirements of the German Signature Act (SigG) and the German Signature Ordinance (SigV).

Make sure that Show PDF in browser is activated on each workstation where documents are signed in Adobe Reader under Edit > Preferences > Internet. If this option is disabled, the signature module will not open.

Different signature modules are available: Mentana, SecSigner (only in Ansi installations), and Governikus.

Functionality:

	Mentana	SecSigner	Governikus
Image module	Internal signature of a PDF	External signature	Internal signature of a PDF
Windows module	External signature if not already available as a PDF	External signature	External signature if not already available as a PDF
Video module	No signature	No signature	No signature
E-mail module	External signature	External signature	External signature
XML module	External signature	External signature	No signature
Container module	No signature	No signature	No signature
Sign several documents as a batch in succession	Yes	No	Yes

Do not switch from one electronic signature module to another as this will cause errors. Please contact our consulting team if you need to switch the signature module.

A password prompt may appear when documents are opened in signature mode for Mentana. To do this, enter the following in the as.cfg file in the \etc directory of the data directory:

[Signature]
PwdForSigning=1

Mentana

An electronic signature, including the information on the signature type, can be appended to documents in PDF format.

Image documents that are not available as PDFs will be converted into PDFs and signed using the features provided by Acrobat Reader. W-Documents not found in PDF format are given an external signature.

External signatures can also be appended to e-mail and XML documents.

Set up signature types to electronically sign image documents. When signing, users can then select a signature type from a list. The electronic signature is appended by the signature functions provided with Acrobat Reader.

To append external signatures to W-Documents, e-mail documents, and XML documents, the user does not need to choose a signature type.

If a card reading device for electronic signatures is installed at the workstation, the user will need a signature card and must enter a PIN.

The 'DIS' license key is additionally required at the workstation.

The validity of the hash algorithm SHA-1 expired on 1 July 2008. All components required for the signature are automatically updated; the latest version of Mentana's Certificate Manager must be installed manually. The certificate manager must be obtained directly from Mentana.

Based on the hash algorithm used, the HashAlgo entry in the [Signature] section in the as.cfg file of the \etc directory must be altered. The preset value for the entry is '1', thus allowing SHA-256 hash values. Changing the entry can generate SHA-386 ('2') or SHA-512 ('3') hash values. The appended numbers indicate the length of the hash value, respectively. Where required, enable the previously used hash algorithm SHA-1 by setting the HashAlgo value to '-1' or '0'.

Archived documents cannot be signed. External signatures are only archived during archiving if document histories are created and archived. You can specify this in enaio® editor.

Users can print a signature at verification. The \verify.xsl style sheet located in the client directory is used for printout.

SecSigner

Only external signatures are created using SecSigner. For this purpose, image documents are converted into PDF files, whereas other document types are not converted.

For external signatures, signature types are not available.

SecSigner requires the appropriate software and hardware. Install the software and hardware in accordance with the manufacturer's instructions. Additionally, you will need to specify the path to the SecSigner installation directory using the 'Path' environment variable.

The external SecSigner components will be run for both signing and verification.

The 'DIS' license key is additionally required at the workstation.

Archived documents cannot be signed. External signatures are only archived during archiving if document histories are created and archived. You can specify this in enaio® editor.

To use SecSigner, open the Electronic signature configuration dialog and add the 'SecCommerce SecSigner' signature module. Further information is not necessary.

Governikus

Governikus generates external signatures. Image documents are integrated into a PDF and signed internally similar to existing PDF documents. A signature type can be assigned to internally signed documents.

XML documents, container documents, and film documents are not signed.

Governikus Signer Integration Edition requires appropriate software and hardware. Install the software and hardware in accordance with the manufacturer's instructions. Governikus Signer must be started prior to signing.

External Governikus components are used for both signing and verification.

The 'DIS' license key is additionally required at the workstation.

Archived documents cannot be signed. External signatures are only archived during archiving if document histories are created and archived. You can specify this in enaio® editor.

For Governikus, use the Electronic signature configuration dialog to integrate the 'Governikus' signature module. You can create signature types with a signature text.

You can specify in the GovernikusConfig.xml configuration file in the \etc directory in the data directory how many files a user needs to view in order to sign them. '2%' is preset. You can change this value.