On 15th November 2018, Ascertia launched the ADSS Server Winter ’19 release (v5.10). This release delivers a new Cryptographic Service Provider (CSP) Service enabling Remote Signing with a range of applications including Microsoft Word, Outlook and Adobe Acrobat®. The benefits of remote signing for end users include no specialist hardware (smart cards), reduced costs, and a simplified signing process with strong security. We hope you enjoy using this new functionality!
MD Rod Crook recently spoke at the eID Forum, Tallinn. Rod’s talk, Enabling business applications to take advantage of eIDAS Remote Signatures, discussed how signing solutions are beneficial to organisations and what features they should be looking for when purchasing a solution.
On 18th September 2018, Ascertia launched the ADSS Server Autumn ’18 release (v5.9). This release delivers a brand new Signature Activation Module (SAM) and Remote Authorisation Service (RAS) to support eIDAS compliant Remote Signing with Level 2 Sole Control. The benefits of remote signing for end users include: no specialist hardware or software; reduced costs; simplified key management; and better security and auditing. We hope you enjoy using this new functionality!
At this year’s eID Forum in Tallinn, Ascertia will be presenting and discussing how all organisations can benefit from the use of document workflow and digital signature technology. The focus will be on eIDAS compliance and in particular the way in which the new remote signing standards can be employed to optimize the user experience.
A recent Forrester report outlined several interesting trends – firstly, the adoption of e-signatures within businesses continues to grow steadily throughout the world and in Europe enterprises are engaging with e-signature providers for a broader set of digital services than their US counterparts.
Last year’s IoT Solutions World Congress was an opportunity for the industry to focus on the increasing influence of the Internet of Things in PKI planning. We attended the event with our technology partner Thales e-Security, which has just published a report with the Ponemon Institute looking at PKI trends across eleven countries.
Recently a vulnerability in the implementation of TLS protocol has been found called ROBOT (Return Of Bleichenbacher's Oracle Threat). This is the return of a 19-year-old vulnerability that allows RSA decryption and signing operations with the private key of a TLS server.
We’re pleased to announce that Ascertia has been ‘Highly Commended’ at this year’s UK IT Industry Awards in the Cloud Innovation Provider of the Year category!
Companies trading within the EU must comply with countless regulations every day, including directives specifically relating to VAT and electronic invoicing.
Launched in 2012, the G-Cloud framework has revolutionised how public sector departments access innovative IT solutions. By providing the UK Government the ability to procure services from approved cloud-based suppliers, IT costs have been driven down and efficiency increased.
This article discusses the features that should be on a highly desirable feature list when looking for an OCSP Responder product. Although the main focus of this topic is technical there are of course also commercial aspects that need consideration, these are summarised briefly at the end. The technical features explained here are all available and implemented in Ascertia ADSS OCSP Server, which is downloadable on trial basis.
It is clear that digital signatures are a very valuable security technique that enables data integrity (proving that the information has not changed since signing) and user authentication (proving who signed-off or approved the information). Digital signatures are now widely used in various industries and applications from signing of machine-readable travel documents to payment transactions to e-invoicing.
The ADSS Connector for SharePoint has always provided tight integration with the Microsoft SharePoint portal and ADSS Server Go>Sign Service. This allows enterprise users to "click and sign" on a document in SharePoint. The internal process first uploads the target document to ADSS Server, (converting the document to PDF/A if required) and then shows it to the user using the ADSS Go>Sign Viewer.
The ADSS Server Signing Service can create PDF digital signatures or all common ETSI PAdES formats (PAdES Part 2,3,4) and it can also create and apply visible signature appearances where requested. While other digital signature approaches have quite limited signature appearance functionality, the ADSS Server Signing Service includes a sophisticated and yet easy to use signature appearance designer. This enables administrators to create visible signatures that are optimised for their business purpose.
Hardware Security Modules (HSMs) are a fundamental part of a high trust solution. They offer fast, secure processing of private keys, which ensures that keys cannot be created, copied, changed or deleted without appropriate permission or stolen without being noticed. They also off-load the processing cost of digital signatures for high performance systems such as time stamping servers or certificate validation servers.
This article describes why RFC3161 compliant Time Stamp Authority (TSA) servers are needed and what to look for when choosing a Timestamp Authority (TSA) server. ETSI TS 101 861 and TS 102 023 also places important requirements for TSA services providers and these are also considered in this hot topic.
ADSS Server v4.8+ supports clever integration with Active Directory and other LDAP compliant directories to enable seamless and automatic management of each user’s digital certificate, including generation, revocation and re-issuance.
SSL Trust Issues
India's National Informatics Centre (NIC) has now joined the infamous Dutch CA DigiNotar in issuing fake and unauthorized digital certificates, yet again damaging the faith we place in Certification Authorities to provide high trust identity assurance.
Using PKI-based digital certificates has become a widely accepted means of electronic identity authentication for all kinds of purposes, from logical/physical access control to document signing, server authentication for e-commerce sites and software code authentication.