E-Signatures

You can configure electronic signatures to use them for contracts. You must verify the e-signature to establish their security and legal validity.

Public and private keys

A valid e-signature contains public and private keys.

When documents are e-signed, the public key and a certificate are distributed. The private key is not publicly circulated and is kept secure with the e-signature owner.

The public key of an organization may be distributed in an insecure method. The private key must always be secure. If the private key becomes available to unauthorized entities, the validity of the e-signature cannot be guaranteed.

In Emptoris® Contract Management, e-signatures are distributed as an addendum to the PDF files that are generated for executed contracts. With the public key, the digital signature of the contracts is verified.

The certificate that is distributed with the public key must be registered with an appropriate certificate authority, such as VeriSign. The authentication of the public key is done by using the certificate, ensuring that the key is valid.

Where to get information about configuring e-signatures

For information about configuring e-signatures, see the IBM® Emptoris Suite Maintenance Guide.