The digital signature is the outcome of an IT procedure that guarantees a real, acknowledged legal value to your electronic documents. Thus, they can be shown in court and they are concrete witnesses of some steps or actions that a specific party has performed.
In easier terms, the digital signature generates the three fundamental features for an electronic document to become legally valid:
Authenticity (to guarantee the identity of the person who signs the document);
Integrity (to ensure that the document has not been changed after it was signed);
How do you generate a digital signature?
To generate a certified digital signature, you must use two asymmetrical digital keys assigned univocally to a party, namely the owner. This is a real digital identity that characterises and identifies you.
The owner only knows the private key and uses it to generate the digital signature to sign the document. Vice versa, the public key is needed to verify if the signature is authentic.
When a digital signature is required, you must usually interact with two parties:
– The Registration Authority Operator (RAO), whom the Issuer has authorized, through a special agreement, to perform the following specific functions:
To identify the user ad record data in the electronic application form;
To request the issue of digital certificates and store them on a token;
To customize and deliver the token to the owner;
To support the owner when renewing/revoking the certificates.
The Attesting Officer (AO), whom the certificate issuer has instead delegated – through a special mandate – to identify the applicant, to register the data required to generate the certificates and to deliver it in a token.