A security advisory was published on 11th November 2014 by Microsoft, describing a security threat that may allow arbitrary code execution by hackers. This vulnerability could allow remote code execution, if an attacker sends carefully crafted packets to a Windows server. This issue lies within Microsoft's SChannel implementation, and has been rated as "Critical" by Microsoft, for all the supported releases of Microsoft Windows. This is a test
Bulk signing is a powerful feature of SigningHub which allows users to digitally sign multiple documents in one go thus saving substantial time in opening the document and signing them one by one. This feature works both when you are using either a local (client-side) signing keys OR server side signing keys.
OpenSSL is one of the most commonly used toolkits to implement PKI services. It is free/open source, regularly updated and comes bundled with Linux. You can also install its binaries on Windows. Although issues in the SSL protocol have been identified in the past, this time most OpenSSL implementations have a critical vulnerability.
Researchers in Codenomicon and Google found the vulnerability inside the OpenSSL implementation code, see this link for more details: CVE-2014-0160. Once exploited, a threat agent can access sensitive information which includes passwords and secure key information. OpenSSL has recently provided a patch to address this vulnerability.
The SigningHub “in-person signing” feature is a new capability that enables a person to electronically sign documents without requiring them:
SigningHub currently enables users to create a combined e-signature with a digital signature. The e-signature part is the hand-signature image displayed on the document, whilst the advanced PKI digital signature is the part that is embedded into the PDF document and is verifiable upon clicking the signature appearance.
In the real-world often it doesn't matter who signs a document but rather do they have the sufficient authority to do this. That is the "identity" of the signer is not as important as the "authorisation". E.g. a Purchase Order typically requires an authorised member from the Procurement department to sign-off on it.
We have recently added a strong user authentication method into SigningHub that uses X.509 SSL/TLS client authentication certificates. This feature is only available to on-premise installations of SigningHub.
The latest release of SigningHub provides a very handy way to guide users on the form fields they are required to complete before signing the document. This is achieved through the use of navigation tooltips guiding the user in a step-by-step fashion.
Form filling is an integral part of many business workflow processes. Organizations big or small require their employees, partners or customers to fill forms e.g. account opening forms, signing up to company policy documents, filling in and signing insurance claim forms, completing expenses and holiday requests etc.