Associating MS Certificates w/ handwritten signatures

pts.
Tags:
Biometrics
Development
Digital certificates
Identity & Access Management
provisioning
Security
Security tokens
Single sign-on
Does anyone know if it is possible to associate a Microsoft PKI/Certificate to a signature image (handwritting) so that a document/email can be signed (digitally) but will also have an image of the associated handwritten signature embedded within the document (and secured)? I know more advanced PKIs (like Entrust) have tools to do this, and I have found a few applications on the web (like specialized fonts), but I have not found any that specifically work with Microsoft 2000/2003 certificate authorities. Any help is greatly appreciated. Thanks, Mike

Answer Wiki

Thanks. We'll let you know when a new response is added.

Would be a two part process. Since the ‘signing’ of a document derives form checksum hash against the private key allowing the public key to verify content as unchanged, then adding an image with key would invalidate the checksum. Add the image first then generate the key. Depending on document processor/e-mail you may get to usa a batch file and combine the steps as one command. Basic is still two processes – attach/embed image of signature and then generate ‘signature’.

Discuss This Question: 7  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Michael711
    Thanks for your response. What I am hoping for is an image that is tied to the certificate in such a way as to protect it. If I include just an image/bitmap of my handwritten signature it would be too easy for anyone receiving a copy of the document to copy/paste my signature onto another document. I was hoping that there is some way of making Microsoft's CA work somehting like this: http://www.silanis.com/page.aspx?file_id=901 Thanks, Mike
    0 pointsBadges:
    report
  • Amigus
    Given that the hand-written signature has no bearing on the authenticity or integrity of the message wouldn't it be sufficient to simply configure the users email client to attach the bitmap as part of their signature?
    0 pointsBadges:
    report
  • SecTech
    Hi Micheal, it is unclear to me what you are trying to "tie" together... Is it the message to image .. no that is done by imbedding; is it the certificate to the message .. no most e-mail clients can do so; the image to the certificate.. try that one with an adobe-like program to create a certified pdf from your handwriting.. but still that image can be copied... do you want the reader to know that you were the issuer of the message...? Thawte has a free of charge system... and last but not least: If you want the information in the message together with the image of your signature in one certified message: you could try the software I know as "signature 995" (part of www.pdf995.com) to create a certified encrypted pdf-format file which you can sent to your recepient by plain or certified email client. In that case the image of your handwritten signature rests securly in the document where it belongs to. Good luck.
    0 pointsBadges:
    report
  • Michael711
    I wanted to let everyone know that I have found something that I think meets all my requirements... other than it is not freely part of the base Microsoft PKI. If you are interested, check out this link: http://www.silanis.com/page.aspx?file_id=1049 Thanks, Mike
    0 pointsBadges:
    report
  • Ve3ofa
    you have a document and an image file (signature).. once the message is sent digitally signed if any part of the document is changed the digital signature is invalid. an unsigned document with the copy of the signature would stand out.. i.e. you could have the recieving program only accept digitally signed messages. (you can further restrict the valid certificates) are you using tablet pc's in which the pc is owned by the department and the signatory does not have their own account on the network and you want to compare the signature on the tablet pc with a stored image and then generate a digital certificate? Almost impossible since computers are generally yes/no machines and any difference in the signature (a persons handwriting / voice etc) changes throughout the day and this test would in all likelyhood fail. Your question is a bit vague.. an image is just a piece of data.. are you attempting to digitally sign the image data AND the document data? an adobe pdf can be digitally signed and locked down so it cannot be changed...
    80 pointsBadges:
    report
  • Michael711
    I am not trying to just certify the document that contains the signature, but to also protect the signature itself so that someone can not copy/paste the signature into some other docuement (i.e. identity theft?). What I like about the ApproveIT is that it appears to watermark the signature image so that you know if it is paired with a valid certificate. If someone where to copy/paste it into another document it would (allegedly) change the image to indicate it is invalid. Maybe I am misunderstanding their features statements because I have not tested their software, but this is what is looks like to me. Hope this clarifies things. Mike
    0 pointsBadges:
    report
  • Jaysea
    Hello Mike, We use the ApproveIt software in our Field Service department for customer signatures and it works great.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following