Sign XML documents with a digital signature in a WYSIWYS environment, thanks to Connective eSignatures
Connective’s digital signature solution offers the feature to digitally sign XML-data, among a wide range of other formats. While this is a rather common format, it remains quite rare in the market of digital signatures. The reason for this is that Connective eSignatures solution has a unique ‘What You See Is What You Sign (WYSIWYS)’ feature for signing XML-data. This means the signer sees exactly what he will be signing. While this is common for PDF and Word files, it is not for XML. This particular addition contributes to the integrity of these digital documents and their digital signatures.
What you see is what you sign (WYSIWYS)
First, let´s explain why the WYSIWYS principle is important. Ideally, a digital signatures solution guarantees that literally “what you see is what you sign”. It enables the user to see the document or data to be signed before effectively signing it. The user interface is built as such that the user can only view the document but not alter anything.
Here’s an example:
For both signer and sender this WYSIWYS property means they have an extra control over the data to check if it is the data they both agreed upon and that it has not been tampered with before signing. While this WYSIWYS principle is obvious for documents in Word or PDF, it is not for XML files.
XML signing and security
XML was designed to store and transport data. It is a common data format for machine-to-machine communication.
Just like PDF documents, XML often includes specific data that needs to be protected or approved. Meaning that for many companies there is an equal need to secure XML as well as PDF or other formats. XML data needs protection and guarantee in terms of authentication of origin and sufficient proof that the data has not been changed in transit. The globally-recognized method to ensure this protection, is to use digital signatures based upon PKI (Public Key Infrastructure) technology to enable the encryption and digital signing of the exchanged data.
Although digitally signing XML data is nothing new and is in use for many years now, we believe that the XML signing we introduced in our electronic signature solution is revolutionary. Many XML signature solutions do not allow you to see what you are exactly signing and are far from being as user-friendly as you’ll find ours to be. In other software solutions you might be able to view the XML document but as XML documents are not easily readable, you are not sure what you are signing. XML files consist of raw code fields (tags) and data (values), like this:
How does digitally signing XML-data in eSignatures work?
Through our API, the sending party can easily upload XML files together with a representation in PDF. For an XML expert, transforming an XML file to PDF is a piece of cake. This representation will help the signer to view what he is about to sign in a human readable format.
The user doesn’t need to download anything to read the document in a secure way. The document can be read remotely before signing on whatever device the signer prefers, whether it is a desktop, laptop, tablet or mobile phone. The signing itself will still be done in XML.
If you would like to see how XML signing works in Connective eSignatures, here is a short demo movie:
Compliant with European legislation
This type of XML signature is highly secure and in accordance with the ETSI EN 319 132 XML Advanced Electronic Signatures (XAdES). Meaning it is compliant with the European eIDAS legislation and standards and therefore at least valid within Europe, but also recognized beyond.
The WYSIWYS of our digital signature software combines the benefits of security and compliance of placing an XML signature with a user-friendly interface.
Practical use case of digitally signing XML-data in Belgium
As of January 2019, municipalities need to sign municipal documents – like birth and marriage certificates – in XML before sending it to the federal government. To date, 45 Flemish municipalities have implemented Connective’s digital signature solution with XML signing. For the municipal employees, it is a revelation. They can easily check the document and sign it before forwarding it to the federal authority.
A broadly applicable solution
As a legally recognized European signature, signing XML data will be valuable for many more organizations in the future. This WYSIWYS addition to XML signatures will be practical for everybody using XML files because it is:
- User-friendly: both sender and receiver can see the relevant document
- Compliant with all European legal standards,
- Secure as no subsequent changes can be made after signing.
Most of our signing methods are usable for XML signing.
It supports Simple, Advanced and Qualified electronic signatures.
Are you curious if this digital signature solution is suitable for your company? Please contact us. We will gladly discuss the specific needs of your company or organisation.
Questions? Don't hesitate to contact us!