Electronic signature provides reliable information about the identity of the signatories. Signatures are technically created via signature key pairs, that shall be bound to the identity of a natural person or of an organizational entity (legal person).
In a signature key pair, the private part (i.e. private key) is used to sign, the public part (i.e. public key or address) is used to verify this signature. The owner of the private key is the only one that can sign with this pair of signature keys.
To be able to manage the identity of keys that were generated outside from Woleet.ID Server (in a mobile or a Ledger), it is necessary to register them with Woleet.ID Server. This will result in storing in Woleet.ID Server a public key bound to a user, while the private key remains under the strict control of the owner of the smartphone or Ledger.
It will then be possible to send signature requests to this user, identified by his/her name, and not only by his/her bitcoin address.
The following article describes how to register a public key with the Woleet signature service.
In Woleet.ID Server, for a given user, you can select the button "Send Key Registration Request".
This opens a form in which you need at least to fill-in the name of the key pair you want to register.
You can also define a hosting device, being either a mobile phone or a Ledger.
Other fields concern:
- The key expiration date
- The request expiration date.
Validating the form will send an email to the user you selected for the key registration request.
The user gets an email inviting him to follow the Key Registration procedure.
The Key Registration procedure falls into the following steps:
- Acknowledge the identity information.
- Create a signature key pair (the private key stays under the control of the signatory).
- Accept and sign Woleet Signature Service Terms and Conditions of Use using this key.
The user can see the identity information that is stored in the Woleet.ID Server database and that will be bound to his/her signature key if he/she accepts it.
The user can refuse this identity information, for any reason, and notably if the identity information is not correct. It is possible to explain the refusal, and to ask for modifications, via an email to the point of contact configured in Woleet.ID Server.
While the identity information is not acknowledged, the Key Registration procedure cannot be completed.
The Key Registration Procedure requires to have a signature key pair. It can be created or restored with Woleet applications on mobile (iOS, Android) or Ledger.
The User is asked to accept the Terms and Conditions of Use (TCU) of the signature service. Downloading the TCU is mandatory, as the signature of this document is required to complete the procedure.
The User can refuse, but he/she won't be able to go to the end of the Key Registration procedure.
Once the signature TCU are accepted, the User gets an email inviting him to sign the TCU with the newly registered keys.
Once the signature is created, the signature public key is stored in Woleet.ID Server and bound to the User.
Updated almost 3 years ago