What is a digital signature?
In this article, you will learn how a digital signature works in principle, what the legal conditions are, and how the interplay between tegolySIGN and a Trusted Service Provider is structured.

What is a TSP?
A TSP (Trust Service Provider) is an organisation or entity that issues and manages digital certificates. These certificates are used to electronically confirm the identity of individuals, organisations, or devices and to ensure the integrity and authenticity of digitally signed data or documents.
What is a digital signature?
A digital signature, also known as an electronic signature, is a legally binding method by which digital documents, such as a PDF, can be signed, thereby providing your consent.
The legal framework for electronic signatures is set out in the European Union's eIDAS Regulation (European Regulation on electronic identification and trust services for electronic transactions). This also defines the requirements for the three different levels of electronic signatures:
the simple electronic signature (SES)
the advanced electronic signature (AES)
the qualified electronic signature (QES)
The three types of eSignature differ essentially in their level of security, i.e., in their evidentiary value: the degree of trust in the signer's identity and in the proof that the signed document is indeed the one that was presented.
Definition and function of the digital signature
The digital signature is an electronic fingerprint generated using cryptographic algorithms. It serves to guarantee the authenticity and integrity of a message or document and to confirm the identity of the signer.
Definition: A digital signature is a cryptographic mechanism used to verify whether a message or document comes unaltered from a specific sender. Technically speaking, a digital signature consists of a data set generated by cryptographic algorithms, typically based on the document to be signed or a hash representation of the document.
Function:
Authentication: It confirms that the document indeed originates from the person or entity claiming to have sent it.
Integrity: It ensures that the document has not been altered after signing. If even a single bit of the document is altered after signing, the digital signature becomes invalid.
Non-Repudiation: The sender cannot later deny having signed the document, as the digital signature is specific to both the sender and the document.
It is important to emphasise that digital signatures and electronic signatures are not always synonymous. An electronic signature can be any type of electronic confirmation, such as a scanned image of a handwritten signature. A digital signature, by contrast, always has the cryptographic background described above.
How does a digital signature work?
How it works:
A hash value (also called a "checksum") of the document is created. This hash value serves as a compact representation of the content.
Using the sender's private key, this hash value is signed. The result is the digital signature.
Both the document and the signature are sent to the recipient.
The recipient uses the sender's public key to verify the signature. If verification is successful, this confirms the authentication and integrity of the document.
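The four steps above carried through in Go, as an added example that is not tegolySIGN's own code (the page shows none): the document is hashed with SHA-256, the hash is signed with an ECDSA P-256 private key, and the recipient verifies with the matching public key. The contract text, the locally generated key pair and the ECDSA/SHA-256 choice are assumptions for the demo; the third check also shows the integrity property from the previous section, that flipping a single bit of the document makes the signature fail.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// NewSignerKey generates the signer's key pair. In practice the TSP issues it and the
// private half lives on a smart card or token; here it is a constructed demo key.
func NewSignerKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Sign is the sender's side: hash the document (step 1) and sign the hash with the
// private key (step 2). The returned bytes are the digital signature.
func Sign(priv *ecdsa.PrivateKey, document []byte) ([]byte, error) {
	digest := sha256.Sum256(document)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// Verify is the recipient's side (step 4): recompute the hash of the received document
// and check the signature against it with the sender's public key.
func Verify(pub *ecdsa.PublicKey, document, signature []byte) bool {
	digest := sha256.Sum256(document)
	return ecdsa.VerifyASN1(pub, digest[:], signature)
}

// Demo signs a constructed document and verifies it three ways:
// unchanged (true), with one bit flipped (false), and with someone else's key (false).
func Demo() (genuine, tampered, wrongKey bool, err error) {
	signer, err := NewSignerKey()
	if err != nil {
		return
	}
	other, err := NewSignerKey() // a second, unrelated key pair
	if err != nil {
		return
	}
	doc := []byte("Contract no. 4711: Alice agrees to pay 100 EUR.") // constructed sample
	sig, err := Sign(signer, doc)
	if err != nil {
		return
	}
	altered := append([]byte(nil), doc...)
	altered[len(altered)-1] ^= 0x01 // flip a single bit of the document after signing
	genuine = Verify(&signer.PublicKey, doc, sig)
	tampered = Verify(&signer.PublicKey, altered, sig)
	wrongKey = Verify(&other.PublicKey, doc, sig)
	return
}

func main() {
	g, t, w, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("genuine=%v tampered=%v wrongKey=%v\n", g, t, w)
}
```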
Difference between a digital and an electronic signature
The terms "digital signature" and "electronic signature" are often used interchangeably, but they refer to different concepts. Here are the fundamental differences:
Digital Signature:
Technical Basis: The digital signature is based on cryptographic methods. A private key, known only to the signer, is used to sign a document, and a public key is used to verify the signature.
Authentication: It provides a strong assurance that the document indeed comes from the stated sender.
Integrity: It ensures that the document has not been altered after signing.
Non-Repudiation: A signer cannot later deny having signed a document.
Standardisation: Often governed by legal frameworks and technical standards.
Electronic Signature:
Technical Basis: Can be any form of electronic confirmation or consent to a document or record. This can be, for example, a scanned image of a handwritten signature, a tick in a checkbox, or typing a name into an online form.
Authentication: The security level varies and can be lower than that of a digital signature. Sometimes it can be difficult to establish with certainty who provided an electronic signature.
Integrity: It does not always guarantee that the document has not been altered after signing.
Non-Repudiation: Can often be disputed, depending on how the electronic signature is implemented.
Standardisation: Less strictly regulated and standardised than the digital signature.
In summary, a digital signature is a specific form of electronic signature that uses cryptographic security features. While all digital signatures are electronic signatures, not all electronic signatures are digital signatures. It is important to consider the context and requirements of a specific use case to choose the appropriate type of signature.
Legal validity of the digital signature
The legal validity of a digital signature varies from country to country, based on the respective statutory regulations. Many countries have enacted laws and regulations to govern the use of digital signatures and clarify their legal status. Below, I introduce the legal frameworks for the digital signature in the European Union (EU) and the USA:
European Union:
eIDAS Regulation (Regulation (EU) No 910/2014):
This regulation establishes an EU-wide legal framework for electronic identification and trust services for electronic transactions.
It classifies electronic signatures into three categories: simple electronic signature, advanced electronic signature (AES), and qualified electronic signature (QES). Only the qualified electronic signature has the same legal effect as a handwritten signature.
Creating a qualified electronic signature requires a qualified certificate from a recognised trust service provider.
USA:
Electronic Signatures in Global and National Commerce Act (ESIGN Act) of 2000:
This law ensures that electronic signatures, contracts, and records have the same legal validity as their paper equivalents.
Uniform Electronic Transactions Act (UETA):
This model law was adopted by the National Conference of Commissioners on Uniform State Laws (NCCUSL) in 1999 and has been enacted in most US states.
Like the ESIGN Act, UETA gives electronic signatures and records the same legal validity as their traditional counterparts.
It is important to note that many other countries have their own legal frameworks for electronic and digital signatures. In any case, individuals or businesses wishing to use digital signatures in a specific jurisdiction should familiarise themselves with the relevant local laws and regulations or seek legal advice.
What is a Trusted Service Provider – TSP?
TSP stands for "Trust Service Provider". These are organisations or companies that offer trust services, particularly in connection with electronic signatures, seals, time stamps, and similar services.
In the context of the eIDAS Regulation (Regulation (EU) No 910/2014), a TSP refers specifically to an entity that offers one or more of the following services:
Creation, verification, and validation of electronic signatures: This involves the entire process, from issuing the digital signature to confirming its validity.
Creation, verification, and validation of electronic seals: An electronic seal is a type of digital signature used by a legal entity (e.g., a company) rather than an individual. It guarantees the origin and integrity of documents or data.
Creation, verification, and validation of electronic time stamps: An electronic time stamp confirms that a specific document or piece of information existed at a specific point in time and has not been altered since.
Delivery of certificates for website authentication: These are SSL/TLS certificates that ensure communication between a user and a website is secure.
Management of authentication means: This includes services enabling individuals or companies to electronically confirm their identity.
TSPs play a crucial role in creating a secure digital environment by providing the necessary infrastructure and services that allow individuals, businesses, and governments to secure their electronic transactions and communications. To be recognised as a TSP, these service providers must typically meet strict standards regarding security, reliability, and data protection.

What regulations govern a TSP in Germany?
In Germany, Trust Service Providers (TSPs) are primarily regulated by the eIDAS Regulation (Regulation (EU) No 910/2014), which applies to all member states of the European Union. The eIDAS Regulation establishes a common legal framework for electronic identification and trust services for electronic transactions in the internal market.
In addition to the eIDAS Regulation, Germany has enacted national regulations to implement and specify certain aspects of the regulation:
Vertrauensdienstegesetz (VDG - Trust Services Act): The VDG is the primary law in Germany governing the implementation of the eIDAS Regulation. In particular, it clarifies the tasks and powers of the national supervisory authority, which in Germany is the Federal Office for Information Security (BSI). The VDG also regulates specific requirements for trust service providers and the services they offer.
Vertrauensdiensteverordnung (VDV - Trust Services Ordinance): The VDV fleshes out many of the provisions of the VDG and places detailed technical and organisational requirements on TSPs.
Federal Office for Information Security (BSI): In Germany, the BSI is responsible for supervising trust service providers. It monitors compliance with legal requirements, conducts security assessments, and can impose sanctions in the event of violations.
Trust service providers operating in Germany must register with the BSI before they can offer their services. If they wish to offer qualified trust services (e.g., qualified electronic signatures), they must undergo a rigorous assessment by a conformity assessment body and obtain certification from the BSI.
In summary, TSPs in Germany are subject to both European regulations (mainly the eIDAS Regulation) and national regulations (specifically the VDG and VDV), and they are supervised by the BSI.
How does the TSP provide certificates for QES, for example?
A Trust Service Provider (TSP) provides certificates for qualified electronic signatures (QES) via a multi-stage process involving both technical and organisational measures to verify the applicant's identity and ensure the integrity and confidentiality of the certificate. Here is a simplified overview of the process:
Application: An individual or organisation applies for a certificate for a qualified electronic signature from the TSP.
Identity Verification:
The TSP verifies the applicant's identity. This can be done in person, online, or through other reliable identification procedures.
For individuals, this may involve checking a valid ID card or passport.
For organisations, this may involve checking company documents, commercial register extracts, or similar documents.
Certificate Creation: Upon successful verification, the TSP generates a pair of public and private keys. The private key remains secret and is securely handed over to the applicant or stored on a secure signature creation device (e.g., a smart card or a secure signature token). The public key is embedded in the certificate.
Certificate Issuance: The TSP issues the qualified certificate to the applicant. This contains information such as the name of the certificate holder, the public key, the validity period of the certificate, and the digital signature of the TSP.
Storage and Publication: The TSP may store the certificate in a certificate repository or publish it in a public directory so that third parties can retrieve it and verify the authenticity of documents signed with the certificate.
Using the Certificate: The holder of the certificate can now use the private key to digitally sign documents. Third parties can use the public certificate to verify the signature.
Revocation: If the private key is compromised, or if the certificate should no longer be used for other reasons, it can be revoked. In this case, the certificate is added to a Certificate Revocation List (CRL), and third parties can check whether a certificate has been revoked.
It should be noted that the exact process may vary depending on the TSP and the respective national and regional regulations. However, the procedure described above aligns with general practices followed in many jurisdictions, including the EU under the eIDAS Regulation.
How long is a certificate valid and what happens if the provider goes insolvent?
A certificate has a fixed validity period, determined by the issuing Trust Service Provider (TSP). The exact duration depends on the type of certificate and the TSP's policy. Common validity periods for certificates are 1 to 3 years, but other periods can be set.
Nevertheless, all documents issued with a certificate remain valid for 10 years.
If the certificate provider (TSP) goes insolvent:
Notification: In most jurisdictions, trust service providers are legally obliged to notify customers and supervisory authorities in advance of significant operational disruptions or the cessation of their business operations.
Data Backup: In some jurisdictions, TSPs must make provisions for the event of business failure, for example, by backing up their data with a third party or making arrangements to transfer their services to another provider.
Continuation by another provider: It is possible that another TSP or organisation will take over the operations of the insolvent TSP, ensuring the continuity of services. Customers might then be asked to renew their certificates or obtain new certificates from this new provider.
Can certificates be forged?
Yes, certificates can be forged, but there are important distinctions and technical barriers to consider:
Forged Certificates: An attacker can attempt to generate a certificate that looks like a valid certificate from a trusted Certificate Authority (CA). The main problem for the attacker is signing the forged certificate with a valid private key from the real CA, which in practice is extremely difficult as these keys are meticulously protected.
Improperly Issued Certificates: In some rare cases, CAs have issued certificates that were fraudulently applied for, or they have been hacked and exploited to issue invalid certificates. These are not "forged" in the traditional sense, as they were signed by a genuine CA, but they were acquired or created in bad faith.
Self-Signed Certificates: Anyone can create a self-signed certificate that has not been signed by an official CA. While such certificates can be legitimate in certain use cases (e.g., for internal testing), they are considered untrusted in most public and commercial contexts.
To protect against forged or improperly issued certificates:
Certificate Verification: Modern software and operating systems verify certificates against a list of trusted CAs. If the certificate was not signed by one of these CAs, or if something else is wrong with the certificate (e.g., expired validity), a warning is usually displayed.
Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP): CAs publish lists of certificates that have been revoked or reported as compromised. Modern software can use these services to check the status of a certificate in real time.
Public Key Pinning: Some web services use public key pinning to ensure that only specific certificates or public keys are accepted for their services, even if other certificates have been signed by a trusted CA.
Certificate Transparency: This is a system for publishing and monitoring SSL certificates. It allows the public to see all certificates issued by a specific CA, making improperly issued certificates easier to detect.
Although certificates can be forged, the security measures and technologies mentioned above make it difficult to successfully exploit such forgeries in practice. However, it is always important to remain vigilant and update software and systems regularly to protect against the latest threats.
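The relying party's side of these protections, as an added Go example that is not code from the page or from any TSP: a certificate is accepted only if it chains to a trusted root, is within its validity period, meets the CA constraints, and is not listed on a CRL signed by its issuer. The same block walks through the issuance and revocation steps from the TSP section above with a constructed demo CA; the names, the 24-hour validity, the random serials and the ECDSA P-256 keys are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // demo helper: abort on any error instead of returning it
	if err != nil {
		panic(err)
	}
	return v
}

// issue creates a certificate for name; parent == nil means self-signed, otherwise parent/parentKey sign it.
func issue(name string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: must(rand.Int(rand.Reader, big.NewInt(1<<62))),
		Subject: pkix.Name{CommonName: name}, NotBefore: time.Now().Add(-time.Hour),
		NotAfter: time.Now().Add(24 * time.Hour), BasicConstraintsValid: true, IsCA: isCA,
		KeyUsage: x509.KeyUsageDigitalSignature}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign | x509.KeyUsageCRLSign // may issue certs and CRLs
	}
	issuer, signer := tmpl, key // self-signed: the template is its own issuer
	if parent != nil {
		issuer, signer = parent, parentKey
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, issuer, &key.PublicKey, signer))
	return must(x509.ParseCertificate(der)), key
}

// Trusted is the relying party's check: chains to a trusted root, valid now, CA constraints met, not on the issuer's CRL.
func Trusted(cert *x509.Certificate, roots *x509.CertPool, crl *x509.RevocationList) error {
	chains, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	if err != nil {
		return err // e.g. x509.UnknownAuthorityError for a self-signed or forged certificate
	}
	if err := crl.CheckSignatureFrom(chains[0][1]); err != nil {
		return err // a CRL not signed by the certificate's issuer proves nothing
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return fmt.Errorf("certificate %q is revoked", cert.Subject.CommonName)
		}
	}
	return nil
}

// Demo: a constructed root CA issues Alice and Bob and then revokes Bob; Mallory is self-signed.
func Demo() (aliceErr, bobErr, malloryErr error) {
	root, rootKey := issue("Demo Root CA", true, nil, nil)
	roots := x509.NewCertPool()
	roots.AddCert(root)
	alice, _ := issue("Alice", false, root, rootKey)
	bob, _ := issue("Bob", false, root, rootKey)
	mallory, _ := issue("Mallory", false, nil, nil)
	crl := must(x509.ParseRevocationList(must(x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number: big.NewInt(1), ThisUpdate: time.Now(), NextUpdate: time.Now().Add(24 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: bob.SerialNumber, RevocationTime: time.Now()}},
	}, root, rootKey))))
	return Trusted(alice, roots, crl), Trusted(bob, roots, crl), Trusted(mallory, roots, crl)
}
```

Demo() returns nil for Alice, a "revoked" error for Bob and an unknown-authority error for Mallory; a production checker would additionally consult OCSP and fetch the CRL from the issuer's distribution point rather than build it locally.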
How is a PDF signed with such a certificate for QES?
Signing a PDF file with a qualified electronic signature (QES) using an appropriate certificate is a process typically performed with specialised software or a signing service. Here is a general guide on how to sign a PDF with a QES:
Preparation:
Ensure that you have a valid certificate for the QES. This certificate is often stored on a secure signature creation device (SSCD), such as a smart card or a USB token.
You will also need a card reader if your certificate is stored on a physical smart card, along with the required drivers and middleware to communicate with the device.
PDF Signing Software:
There are many software solutions, both commercial and open-source, that offer the ability to apply digital signatures to PDF documents. Some well-known PDF readers and editors, such as tegolySIGN, support signing documents.
Open your PDF file with the chosen software.
Add Signature Field:
Typically, you must add a signature field in the PDF software where your signature will be displayed. This field defines where on the page your signature (e.g., your name, the date, and potentially a seal) will appear.
Signing the Document:
Select the option to sign the document in the software and select the previously created signature field.
The software will prompt you to select the certificate for the QES that you wish to use. If you are using a smart card or a USB token, you may be prompted to insert it and enter the corresponding password or PIN code.
Once the certificate is selected and you confirm the signing process, the software will sign the PDF file with the private key associated with the QES certificate.
Verification:
After signing, you or others can verify the signature by opening the PDF document. The verifying software will use the public key from the QES certificate to confirm the validity of the signature.
Save and Share:
Save the now-signed PDF file and share it as needed.
How is all this implemented in tegolySIGN and what do I need to do as a user?
First of all, tegolySIGN is not a TSP. But we do not need to be, because in our application, tegolySIGN uses certificates from GlobalSign. GlobalSign is a leading global provider of identity and security solutions for businesses of all sizes. GlobalSign is registered as a TSP in the EU and listed on the EU Trusted List. Thus, every document signed with a GlobalSign certificate is legally valid across the EU under the eIDAS standard. As a software manufacturer, we can therefore focus entirely on our customers' needs and have a TSP partner at our side who enjoys global trust.
As a user of tegolySIGN, you don't have to worry about anything, because even in our simple electronic signature (SES), all documents are signed and protected with the GlobalSign certificate. In the AES (advanced electronic signature) process, all documents are also signed with the GlobalSign certificate. Additionally, we use a second factor to authenticate the individual—in our case, an SMS PIN is sent to uniquely identify the person. From AES onwards, documents are also provided with a qualified time stamp from GlobalSign, which further increases the evidentiary value.
tegolySIGN and DATEV = digital trust
With tegolySIGN, trust becomes digital and is easily available for all DATEV users. To use it, you only need our application and our tegoly DATEVconnector; then you can hand over documents directly from DATEV to tegolySIGN for signature and have them signed with legal security.
What is a digital certificate?
A digital certificate is an electronic document issued by a Certification Authority (CA). It contains the public key of a digital signature and specifies the identity in connection with the key, such as the name of the organisation. The certificate confirms that the public key belongs to the specific organisation. The Certification Authority acts as a guarantor. Digital certificates must be issued by trusted organisations and are only valid for a certain period. They are required to generate digital signatures.
What is the Public Key Infrastructure (PKI)?
The Public Key Infrastructure is a set of requirements that (among other things) make it possible to generate digital signatures. Through PKI, every transaction involving digital signatures includes a key pair: a public key and a private key. The private key, as the name suggests, is not public and is used exclusively by the signer of an electronic document. The public key is freely available and is used when needed to verify the signer's electronic signature. PKI requires additional elements such as the Certification Authority (CA), a digital certificate, end-user software, and tools for managing, renewing, and revoking keys and certificates.
What is a Certificate Authority (CA)?
Digital signatures rely on public and private keys. These keys must be protected to guarantee security and prevent fraud or malicious use. When you sign or send a document, there must be a guarantee that the documents and keys are securely generated and that valid keys are used. Certification Authorities (CAs), a type of trust service provider, are independent organisations that have established themselves as a reliable body for secure keys and provide the necessary digital certificates. Both the sender of a document and the recipient must use a specific Certification Authority.
Can I obtain signatures directly from DATEV using tegolySIGN?
Yes, with tegolySIGN, trust becomes digital and is easily available for all DATEV users. To use it, you only need our application and our tegoly DATEVconnector; then you can hand over documents directly from DATEV to tegolySIGN for signature and have them signed with legal security.