How can we improve WP E-Signature?

Ability to use an external certified Timestamp API

Hello again

This function is i think essential for European users like me.

With the new eIDAS law which defines better the law arround the electronic signature, it appears to me that ApproveMe is "almost" okay to be used in a court.

The eIDAS specifies a "strong" law recognition of the Electronic Signature with an addition to US laws : Only some specific Companies are certified by an official certificate from a country member of the European Union to deliver certified timestamp (like www.universign.eu)

These organisation delivers Timestamp API (paid by contract timestamped).

That would be a very strong step for APPROVEME to be used like this for the european union members. In that way, we would have a very strong argument to show to any law court.

thanks for reading me,

matt

17 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
You have left! (?) (thinking…)
Matthias Dorin shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

7 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    eIDAS is a must. UETA and ESIGN are of US legislation and thus useless in the EU on first approach if it comes to a lawsuit. That makes the conflicting parties dependend on a judges personal assessment rather than being able to rely on a legally valid standard which in the EU is eIDAS.
    This is a pre-sale comment. Not buying until EU standards will be met.

  • Cautious Buyer commented  ·   ·  Flag as inappropriate

    Any updates on this? It's been almost a year and your "International Compliance" statement in your support documentation is very vague. I think we need to see a statement of eIDAS compliance from you, and what type of eIDAS electronic signature (basic/advanced/qualified) you provide.

  • AdminKevin at WP E-Signature (Founder, WP E-Signature) commented  ·   ·  Flag as inappropriate

    We haven't set a date yet for our version 2.0 product. We will make formal announcements once we are closer to locking in a date. We have not looked in detail at the requirements of the EU trusted but in the future we do intend to explore further certification and compliance.

  • Matthias Dorin commented  ·   ·  Flag as inappropriate

    No, it i specified that a "trusted timestamp" can only be delivered by a certified organisation which garantee the independance of it (they consider that we can locally modify the time of the server which host the site)

    So for me the only missing thing is the ability to use the api of a independant cerified timestanp service

  • Jan Dou commented  ·   ·  Flag as inappropriate

    I think that ApproveMe comply with Article 26 of eIDAS Regulation (Regulation (EU) N°910/2014) (http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32014R0910&from=EN)

    This article says:

    "Article 26
    Requirements for advanced electronic signatures

    An advanced electronic signature shall meet the following requirements:
    (a) it is uniquely linked to the signatory;
    (b) it is capable of identifying the signatory;
    (c) it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
    (d) it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
    "

    Also
    Article 46 Legal effects of electronic documents: "An electronic document shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in electronic form."

Feedback and Knowledge Base