Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

When a section is signed, the data in the section, together with a time stamp, the signing user, and a few other things are used to generate a message digest. The message digest is digitally signed using the private key. The signatures (there can be more than one) are included with the submission – in the repository and sent in the HTTP POST so you can can save it yourself if you want.

When the form is re-initialized from the submission documents, you must also supply the signatures. The initialization process will verify that the data has not changed (i.e., has not been tampered with) and the signature is still valid. If the signature is not valid, it is removed and the entire Section is displayed with a visible error (large red background). If it is valid, there is a green background and the Section cannot be edited.

...