Following the developments on OpenID and all kinds of new applications that are created, I tried to find a way to use your OpenID for electronic signatures or online approval. I think the following application could be an interesting scenario to make a next step.
In general you could say an electronic signature = Document*Identity. So the identity should be uniquely linked to the document. Although we know that high-end electronic signatures based on qualified certificates are a good mechanism for many applications, an intermediate level of digital signatures could be very useful. Silanis describes this in more detail and uses the term electronic process signature.
The application I propose using the OpenID framework works as follows:
- Service Provider provides a contract, form, etc. in a browser to the end user
- End user fills in his details and clicks on the sign button
- PDF or XML is presented once more (What you see is what you sign) in a signing window provided by an independent trust provider.
- End user provides his OpenID username and selects sign
- End user is redirected to his OpenID provider to authenticate
- If authentication is OK, the signature service “server signs” the PDF or XML document using an X509 certificate and incorporates (seals) the OpenID credentials
- Result is a signed PDF or XML document, legally binding to an OpenID.
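
The binding performed in the last two steps (Document*Identity) can be sketched as follows. This is an added example, not the code of the demonstration service. Assumptions: HMAC-SHA256 stands in for the X509 private-key signature so that it runs on the Python standard library alone, the check that the provider-asserted identifier equals the one the user entered is part of the sketch, and all names, keys and sample values are constructed.

```python
import hashlib
import hmac
import json

# Constructed key. Assumption: HMAC-SHA256 stands in for the signature
# service's X509 private-key signature (standard library only).
SERVICE_KEY = b"constructed-demo-key-not-for-production"


def _canonical(record):
    # Stable byte encoding so sealing and verification cover the same bytes.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def seal(document, claimed_id, asserted_id, signed_at):
    """Seal only if the provider asserted the identifier the user entered."""
    if asserted_id is None or asserted_id != claimed_id:
        raise PermissionError("OpenID authentication did not confirm the identifier")
    record = {
        "doc_sha256": hashlib.sha256(document).hexdigest(),
        "openid": asserted_id,
        "signed_at": signed_at,
    }
    tag = hmac.new(SERVICE_KEY, _canonical(record), hashlib.sha256).hexdigest()
    return {"record": record, "seal": tag}


def verify(document, envelope):
    """Return the sealed OpenID if document and record are intact, else None."""
    record = envelope["record"]
    expected = hmac.new(SERVICE_KEY, _canonical(record), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope["seal"]):
        return None  # identity or timestamp in the record was altered
    actual = hashlib.sha256(document).hexdigest()
    if not hmac.compare_digest(record["doc_sha256"], actual):
        return None  # document differs from what was shown and signed
    return record["openid"]


# Constructed sample input.
CONTRACT = b"%PDF-1.4 constructed sample contract: amount 100 EUR"
ALICE = "https://alice.example.org/"

if __name__ == "__main__":
    env = seal(CONTRACT, ALICE, ALICE, "2008-01-01T12:00:00Z")
    print(verify(CONTRACT, env))                               # sealed identity
    print(verify(CONTRACT.replace(b"100", b"900"), env))       # altered document
```

Because the seal covers both the document hash and the identifier, changing either one after signing makes verification fail.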
Please see the above scenario in action in the demonstration video. For the demonstration we used the option to upload a PDF file. An XML document format is also possible, and the document can also be provided using web services, e-mail or FTP.
For internal OpenID servers, like the one Sun is working on, you could already start using this mechanism for internal approval. Looking at “external” environments, OpenID providers should work on the level of trust for issuing OpenIDs.
I also provided the demo online, so you can test the application yourself.
Please provide your feedback or comments.