Digital Signature (Digitale handtekening)
Users can sign documents either before or after publishing, if they have the "sign" role assigned to them. Up to two signatures are possible and a user can only sign a document once.
On signing a cryptographic hash* is calculated from a string consisting of the URI of the person signing, the date time of the moment the user initiated the signature and the content of the document. Small changes in the content of this string result in large changes of the hash, meaning it's impossible to update the document and generate a similar looking hash.
A cryptographic hash is a mathematical algorithm that maps data of arbitrary size (often called the "message") to a bit array of a fixed size (the "hash value", "hash", or "message digest"). It is a one-way function, that is, a function which is practically infeasible to invert.Ideally, the only way to find a message that produces a given hash is to attempt a brute-force search of possible inputs to see if they produce a match, or use a rainbow table of matched hashes. Cryptographic hash functions are a basic tool of modern cryptography.
The content of the document as signed, the hash, the created date and the person who signed it (and his roles at the time of signing) are stored in a sign:SignedResource.
The application does not allow editing of signedResources, it can only create new ones.
The first and lastname of the person who signed, the date of the signature and the cryptographic hash are displayed in the interface.
https://binnenland.atlassian.net/browse/GN-2408 (restricted access)
Erase/delete a signature
Description
Het is nu ook mogelijk om een handtekening te verwijderen na ondertekening. zie daartoe ook de handleiding hoe deze functionaliteit werkt.
Design
Figma link for mockups: GN-4022
Description/notes:
In the figma file, you will find 2 sections:
1 Orange section with the screenshots of the pages as they are now
1 green section with the new feature
New feature
We are dealing with the “Ondertekenen“ section of each document in a zitting
This includes reshuffling of the layout and addition of new elements
We remove the hash from this page (it is now available in the action log*)
We move the date next to the name of the person who signs
when logged in as the person that signed, we add a button to revert the signature
this button turns into an alert where the user needs to confirm the action
We add a new label next to the name if the signature has been reverted
we keep the logs of the reverted and active signatures for that document visible (only name, the other details are in the action log*)
When one signature has been reverted, it is still possible to publish the document → we add an alert to warn the user that one of the signatures has been removed
When both signatures are reverted and a document is deleted + new one gets added, we add a pill “New version available“ to the document to alert the user there are changes.
Action log
This is a new page in the Zitting
it will show a detailed table view of al the sign-actions users have taken within that document
it also offers a link/detailed view of the document the action relates to
if the document has been deleted, a view is still offered, but greyed out with no possible actions
Last updated
