We recently hosted a webinar with iText and one of our joint customers, Zetes, where we talked about cloud-based digital signatures. In addition to explaining the cryptographic technology underlying digital signatures, we talked about the two main deployment options - desktop and server.
Server-based solutions are gaining in popularity, in part because the signer doesn't need to carry around a token (the signing credential is stored on an HSM), and also because they can integrate with automated document generation software (e.g., Adobe LiveCycle, iText-based solutions, Ascertia DSS, EldoS SecureBlackbox) to support high volume signing. We received a bunch of questions about server-based deployments, so I wanted to share a few of them here for anyone who is considering using one.
Hosted HSMs
You said you offer a Hosted HSM option. How does that work?
HSMs have multiple partitions, each of which can hold multiple credentials (key pairs). When it comes to high volume document signing solutions, most only require a single department or company credential, making an entire HSM overkill.
With our hosted solution, you essentially lease a partition from one of our HSMs hosted in the cloud. This significantly reduces the cost, while still providing a scalable solution with high signing capacity.
It also makes implementation much easier as we handle the key management and cryptographic operations, so in-house expertise is not required.
Certificate/Key Pair Installation
How is a digital certificate transferred from a Certificate Authority (CA) to the hosted or owned HSM?
All of the key material is generated and stays on the HSM itself (or other cryptographic device, such as a USB token). In simple terms:
- A user generates a key-pair on the HSM. The private key always stays on the HSM and is non-exportable.
- The user generates a certificate signing request (CSR), which contains the public key and company information that will be vetted by the Certificate Authority (CA) issuing the signing certificate. The private key signs the CSR.
- The CSR is submitted to the CA, which verifies and signs the submitted information and public key.
- The signed public key is sent back to the user and imported onto the HSM for use.
During the signing process, the document never leaves the signing environment and the private key always remains on the HSM. A hash of the document, which is generated by the signing solution, is sent to the HSM, generally over an NTLS-protected connection. The HSM signs the hash and sends the signature back to the signing environment.
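The enrollment steps and the hash-only signing flow described above, as an added Go example (not code from the webinar or from any vendor): a software RSA key stands in for the HSM-held key behind Go's `crypto.Signer` interface, and the organization name and document bytes are constructed. The function names `enroll`, `signDocument` and `verifyDocument` are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
)

// enroll generates the key pair, builds the CSR (public key plus company information) and checks it.
func enroll(org string) (crypto.Signer, *x509.CertificateRequest, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048) // assumption: software key stands in for the HSM-held key
	if err != nil {
		return nil, nil, err
	}
	der, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{Organization: []string{org}}}, key)
	if err != nil {
		return nil, nil, err
	}
	csr, err := x509.ParseCertificateRequest(der)
	if err != nil {
		return nil, nil, err
	}
	return key, csr, csr.CheckSignature() // self-signature proves the requester holds the private key
}

// signDocument hashes in the signing environment; only the 32-byte digest is handed to the signer.
func signDocument(key crypto.Signer, doc []byte) ([]byte, error) {
	sum := sha256.Sum256(doc)
	return key.Sign(rand.Reader, sum[:], crypto.SHA256)
}

// verifyDocument recomputes the hash and checks the signature against the certified public key.
func verifyDocument(pub crypto.PublicKey, doc, sig []byte) bool {
	sum := sha256.Sum256(doc)
	rsaPub, ok := pub.(*rsa.PublicKey)
	return ok && rsa.VerifyPKCS1v15(rsaPub, crypto.SHA256, sum[:], sig) == nil
}

func main() {
	key, csr, err := enroll("Example Corp")
	if err != nil {
		panic(err)
	}
	sig, err := signDocument(key, []byte("constructed document"))
	fmt.Println(err, verifyDocument(csr.PublicKey, []byte("constructed document"), sig))
}
```

Because `signDocument` only depends on `crypto.Signer`, the caller never handles private key bytes, which is the same boundary an HSM enforces in hardware.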
For more information on digital signatures, desktop- or server-based, check out the full recording of the webinar. You'll also hear from our customer, Zetes, who combined our timestamping and signing services with iText's document workflows to create a custom B2C digital signature platform. Check it out and let us know what you think!