2019-07-29 Product news

Signing with multiple keys in ProofKeeper

In Woleet team, ProofKeeper has become our favorite tool to sign NDAs and contracts. We have worked on a feature adapted to enterprise contexts, where the signature of the legal department must be clearly distinguished from the signature of the finance department. You can now use different signature keys via ProofKeeper. These keys, if related to different user accounts, are protected by distinct API tokens, for more security.

Making signatory's identity information inalterable

As you know, Woleet.ID Server is the key component for identity management in Woleet electronic signature services. Each electronic signature is attached to an identity URL that provides up to date identity of signatories.

We have refined our identity verification method, to ensure the inalterability of the signatory's identity on the date of signature. This contributes to meet the requirements of eIDAS advanced electronic signatures. It is now possible to add in the signed information, in addition to the file hash, the signatory’s identity and the name of the organization having performed identity check. On our signature verification tools, you can now compare the signatory identity on the date of signature with today’s date. The format of signature proof receipts has been updated, while maintaining backwards compatibility (see API documentation).

You can also see this evolution in ProofDesk. Even if ProofDesk is not integrated with Woleet.ID Server, the identity of the signatory as set in the signature request is included in the signature and is still visible at validation time. For adepts of pseudonymous signatures, don’t worry, it is still available (just don't precise a signatory in the signature request).