Abstract: Various embodiments include one or more of systems, methods, software, and data structures for validating a digital signature, wherein common information in a certification chain is maintained in one entry of a Document Secure Store (DSS). The DSS separates the Long Term Validation (LTV) information from the digital signature, allowing amendment of and addition to the LTV information in the DSS after a digital signature is applied to a document.

Abstract: Systems and methods are provided for authorizing third-party access to a specific service from a service provider. In an example embodiment, a server system identifies a shared service from multiple services provided by the server system. The shared service is specified by an authorizing entity. The server system provides a credential associated with the shared service and the authorizing entity. The server system receives a request to access the shared service from a requesting entity that is separate from the authorizing entity. The server system verifies that the request includes the credential and that the credential is associated with the shared service and the authorizing entity. The server system provides access to the shared service to the requesting entity based on verifying that the request includes the credential. The requesting entity is restricted to accessing the shared service identified by the credential as authorized by the authorizing entity.

Abstract: Various embodiments include one or more of systems, methods, software, and data structures for validating a digital signature, wherein common information in a certification chain is maintained in one entry of a Document Secure Store (DSS). The DSS separates the Long Term Validation (LTV) information from the digital signature, allowing amendment of and addition to the LTV information in the DSS after a digital signature is applied to a document.

Abstract: Systems and methods are presented for distributed validation of a digitally signed electronic document. A computing device accesses both a representation of the electronic document and a digital signature for the electronic document that includes a digest generated by the digital signature's creator by applying a one-way function to the electronic document. The computing device applies the same one-way function to the accessed representation of the electronic document to generate a new digest, and includes both the digital signature and the new digest in a request sent to a separate validation server. The request does not include the electronic document. The validation server generates validation results that depend on comparing the digest from the digital signature with the new digest, and that do not depend on having the electronic document available to the validation server. The computing device receives the validation results from the separate validation server.

Abstract: Various embodiments include one or more of systems, methods, software, and data structures for validating a digital signature, wherein common information in a certification chain is maintained in one entry of a Document Secure Store (DSS). The DSS separates the Long Term Validation (LTV) information from the digital signature, allowing amendment of and addition to the LTV information in the DSS after a digital signature is applied to a document.

Abstract: Systems and methods are provided for authorizing third-party access to a specific service from a service provider. In an example embodiment, a server system identifies a shared service from multiple services provided by the server system. The shared service is specified by an authorizing entity. The server system provides a credential associated with the shared service and the authorizing entity. The server system receives a request to access the shared service from a requesting entity that is separate from the authorizing entity. The server system verifies that the request includes the credential and that the credential is associated with the shared service and the authorizing entity. The server system provides access to the shared service to the requesting entity based on verifying that the request includes the credential. The requesting entity is restricted to accessing the shared service identified by the credential as authorized by the authorizing entity.

Abstract: Systems and methods are provided for authorizing third-party access to a specific service from a service provider. In an example embodiment, a server system identifies a shared service from multiple services provided by the server system. The shared service is specified by an authorizing entity. The server system provides a credential associated with the shared service and the authorizing entity. The server system receives a request to access the shared service from a requesting entity that is separate from the authorizing entity. The server system verifies that the request includes the credential and that the credential is associated with the shared service and the authorizing entity. The server system provides access to the shared service to the requesting entity based on verifying that the request includes the credential. The requesting entity is restricted to accessing the shared service identified by the credential as authorized by the authorizing entity.

Abstract: Systems and methods are presented for distributed validation of a digitally signed electronic document. A computing device accesses both a representation of the electronic document and a digital signature for the electronic document that includes a digest generated by the digital signature's creator by applying a one-way function to the electronic document. The computing device applies the same one-way function to the accessed representation of the electronic document to generate a new digest, and includes both the digital signature and the new digest in a request sent to a separate validation server. The request does not include the electronic document. The validation server generates validation results that depend on comparing the digest from the digital signature with the new digest, and that do not depend on having the electronic document available to the validation server. The computing device receives the validation results from the separate validation server.

Abstract: Systems and methods are presented for distributed validation of a digitally signed electronic document. A computing device accesses both a representation of the electronic document and a digital signature for the electronic document that includes a digest generated by the digital signature's creator by applying a one-way function to the electronic document. The computing device applies the same one-way function to the accessed representation of the electronic document to generate a new digest, and includes both the digital signature and the new digest in a request sent to a separate validation server. The request does not include the electronic document. The validation server generates validation results that depend on comparing the digest from the digital signature with the new digest, and that do not depend on having the electronic document available to the validation server. The computing device receives the validation results from the separate validation server.

Abstract: A method and apparatus are presented to perform a distributive computation of a digital signature in a document signing process. A signing request from a remote device initiates the document signing process including the distributive computation. The server verifies digital certificates corresponding to a signer's public key. An encryption request including a set of authenticated attributes and a hash value based on the to-be-signed content is transmitted to the remote device. A signer at the remote device encrypts the hash value in the encryption request with an encryption process utilizing a private key. The resulting encrypted hash value is transmitted to the server to produce the digital signature used to sign the subject content. This distributive computation process minimizes the amount of data transmitted between devices, while minimizing remote device resource requirements, and maintains the integrity of the signer's private key during generation of the digital signature.

Abstract: Systems and methods are provided for authorizing third-party access to a specific service from a service provider. In an example embodiment, a server system identifies a shared service from multiple services provided by the server system. The shared service is specified by an authorizing entity. The server system provides a credential associated with the shared service and the authorizing entity. The server system receives a request to access the shared service from a requesting entity that is separate from the authorizing entity. The server system verifies that the request includes the credential and that the credential is associated with the shared service and the authorizing entity. The server system provides access to the shared service to the requesting entity based on verifying that the request includes the credential. The requesting entity is restricted to accessing the shared service identified by the credential as authorized by the authorizing entity.

Abstract: A method and apparatus are presented to perform a distributive computation of a digital signature in a document signing process. A signing request from a remote device initiates the document signing process including the distributive computation. The server verifies digital certificates corresponding to a signer's public key. An encryption request including a set of authenticated attributes and a hash value based on the to-be-signed content is transmitted to the remote device. A signer at the remote device encrypts the hash value in the encryption request with an encryption process utilizing a private key. The resulting encrypted hash value is transmitted to the server to produce the digital signature used to sign the subject content. This distributive computation process minimizes the amount of data transmitted between devices, while minimizing remote device resource requirements, and maintains the integrity of the signer's private key during generation of the digital signature.

Abstract: Long-Term Validation (LTV) of a digital signature status indicator is disclosed. In some embodiments, the Long-Term Validation of a digital signature status indicator includes automatically determining whether a digital signature of a digitally signed document is LTV enabled based at least in part on LTV information; and generating an LTV status indicator that displays whether the digital signature of the digitally signed document is LTV enabled.

Abstract: Systems and methods are presented for distributed validation of a digitally signed electronic document. A computing device accesses both a representation of the electronic document and a digital signature for the electronic document that includes a digest generated by the digital signature's creator by applying a one-way function to the electronic document. The computing device applies the same one-way function to the accessed representation of the electronic document to generate a new digest, and includes both the digital signature and the new digest in a request sent to a separate validation server. The request does not include the electronic document. The validation server generates validation results that depend on comparing the digest from the digital signature with the new digest, and that do not depend on having the electronic document available to the validation server. The computing device receives the validation results from the separate validation server.

Abstract: Various embodiments include one or more of systems, methods, software, and data structures for validating a digital signature, wherein common information in a certification chain is maintained in one entry of a Document Secure Store (DSS). The DSS separates the Long Term Validation (LTV) information from the digital signature, allowing amendment of and addition to the LTV information in the DSS after a digital signature is applied to a document.