Digital signature allows you to electronically and without using any paper perform the actions for which you previously had to give a signature on paper. Watch the video introducing digital signature.
The nature of digital signature and the use thereof is regulated in Estonia by the Digital Signatures Act (DAS) which was adopted on 7 March 2000. According to legislation, a digital signature is equal to a hand-written signature. All Estonian authorities are obliged to accept digitally signed documents.
- An infinite number of copies of equal legal force can be made of a digitally signed document. There is no more need to worry about securely archiving the only copy.
- Digital documents do not take up space.
- A digital document needs no paper, printer or other excess resources.
- There is no need to personally deliver documents anywhere. They are delivered to the necessary recipient by e-mail.
- It is also possible to find digital documents faster and archive them on the basis of various criteria by using document management software.
If you wish to create a digitally signed document with your own signature, use one the following:
- the DigiDoc3 program that is installed into your computer along with the ID-card software
- the State Portal www.eesti.ee
- the DigiDoc Portal https://digidoc.sk.ee
Digital signature support can be basically added to all the applications and programs where it is required.
The nature of digital signature
We use paper and a writing instrument to give an ordinary signature. The computer, as the name suggests, only deals with computing. A digital signature is expressed mathematically, ensuring the accuracy of the signature and protection against forging with the help of complex methods and calculations. It is not necessary to know or learn these methods and calculations when using the digital signature, yet knowledge concerning some basic facts is required.
Use of ID-card for signing – private key
The ID-card has a secret signature key that can be used with the help of the PIN2. This key is used to mark the signed document in a unique manner that cannot be forged. This in turn later allows you to certify that you signed it yourself. When giving a signature, the computer or card reader sends the PIN2 entered by the user along with the document to be signed to the ID-card, and this is used by the card to calculate a digital signature via the private key. A digital signature is a long sequence of numbers that is unique for every user and every document.
Upon the issuance of ID-cards, every user receives two certificates of which one is related to digital signing. The certificate may be compared to the specimen signature of a person – it is public and it can be used by anyone to examine whether the signature given by the person is authentic. The certificate also holds the personal data, name and personal identification code.
All certificates are different and correspond to the private keys of specific persons. The certificate can be used to examine digital signatures – if the certificate and the signature match mathematically (all the necessary calculations are obviously performed by the computer on behalf of the user), it can be claimed that the signature has been given by the person named in the certificate.
In case of digital signature, it is not merely sufficient if the user has entered the PIN2 and the digital signature has been 'calculated'. It is necessary to distinguish between valid and void digital signatures, as pursuant to the Digital Signatures Act, any signatures given with a void or suspended certificate are null and void.
After giving a signature, it must be examined whether the certificate of the person who gave the signature is valid. For this purpose, the program used for giving the signature automatically connects to the SK server and examines whether the certificate is valid. The SK server issues a special certification to a valid certificate that will be appended to the signature.