mirror of
https://github.com/documenso/documenso.git
synced 2025-11-12 07:43:16 +10:00
## Summary by CodeRabbit

- **Documentation**
  - Enhanced project README for clarity and improved environment variables section.
  - Added comprehensive developer and user documentation, including guides on local development, public API, self-hosting, and compliance standards.
  - Introduced specific guides for contributing, creating API keys, using webhooks, and setting up security measures.
  - Detailed documentation on various fields available for document signing to improve user understanding.
  - Added metadata structuring to improve navigation within the documentation site.
- **Chores**
  - Updated `.gitignore` to better handle project files.
- **New Features**
  - Introduced detailed metadata and documentation for various Documenso functionalities, including signing documents, user profiles, and compliance levels.
  - Added functionality for Direct Link Signing, enabling easy sharing for document signing.

---------

Co-authored-by: Timur Ercan <timur.ercan31@gmail.com>
Co-authored-by: Lucas Smith <me@lucasjamessmith.me>
Co-authored-by: David Nguyen <davidngu28@gmail.com>
106 lines
4.6 KiB
Plaintext
import { Callout } from 'nextra/components';

# Signature Levels

This page outlines our adherence to key regulations across various jurisdictions, including:

- U.S. ESIGN Act
- Uniform Electronic Transactions Act (UETA)
- European Union's eIDAS regulation
- Switzerland's ZertES

Whether you require simple electronic signatures or advanced cryptographic sealing, Documenso guarantees that all documents are securely sealed and compliant with the highest standards. Explore our compliance details below to understand how we maintain the integrity and enforceability of your electronic transactions.

<Callout emoji="🔏">
Documenso seals all signed documents cryptographically, regardless of signature level, to prevent
any alterations after signing.
</Callout>

## 🇺🇸 ESIGN (Electronic Signatures in Global and National Commerce) Act

<Callout type="info" emoji="✅">
Status: Compliant
</Callout>

The Electronic Signatures in Global and National Commerce Act (ESIGN Act) is a U.S. federal law that
ensures the legal validity and enforceability of electronic signatures and records in commerce.

### Main Requirements

- [x] Intent to Sign: "Parties must demonstrate their intent to sign [..]"
- [x] Consent: "The ESIGN Act requires that all parties involved in a transaction consent to the use of electronic signatures and records [..]"
- [x] Consumer Disclosures: Before obtaining their consent, financial institutions must provide the consumer a clear and conspicuous statement informing the consumer [..]
- [x] Record Retention: Electronic Records must be maintained for later access by signers.
- [x] Security: The ESIGN Act does not mandate specific security measures, but it does require that parties take reasonable steps to ensure the security and integrity of electronic signatures and records. This may include implementing encryption, access controls, and authentication measures.

## UETA (Uniform Electronic Transactions Act)

<Callout type="info" emoji="✅">
Status: Compliant
</Callout>

The Uniform Electronic Transactions Act is a law that provides a legal framework for the use of electronic
signatures and records in electronic transactions, ensuring they have the same validity and enforceability
as paper documents and handwritten signatures.

### Main Requirements

_See [ESIGN](/users/compliance/signature-levels#-esign-electronic-signatures-in-global-and-national-commerce-act)_

## 🇪🇺 eIDAS

<Callout type="info" emoji="✅">
Status: Compliant for Level 1 - SES (Simple Electronic Signatures)
</Callout>

eIDAS (Electronic Identification, Authentication and Trust Services) is an EU regulation that standardizes
electronic identification and trust services for secure and seamless electronic transactions across European
member states.

### Level 1 - SES (Simple Electronic Signatures)

eIDAS SES (Simple Electronic Signature) is a basic electronic signature with minimal security features.

### Main Requirements

- [x] Visual Signature
- [x] Clear Intent to Sign

### Level 2 - AES (Advanced Electronic Signatures)

<Callout type="warning" emoji="⏳">
Status: [Planned](https://github.com/documenso/backlog/issues/9) via third party until [Let's
Sign](https://github.com/documenso/backlog/issues/21) is realized.
</Callout>

eIDAS AES (Advanced Electronic Signature) provides a higher level of security with unique identification
of the signer and data integrity.

### Main Requirements

- [x] Cryptographic Signature Sealing the Document against tampering
- [x] Signing Using Dedicated Hardware (Hardware Security Module)
- [ ] Embedding Signer Identity in the Cryptographic Signature
- [ ] Being a Government Audited Trusted Qualified Services Provider

### Level 3 - QES (Qualified Electronic Signatures)

<Callout type="warning" emoji="⏳">
Status: [Planned](https://github.com/documenso/backlog/issues/32) via third party until [Let's
Sign](https://github.com/documenso/backlog/issues/21) is realized.
</Callout>

eIDAS QES (Qualified Electronic Signature) is the highest security level, legally equivalent to a handwritten
signature within the EU.

### Main Requirements

- [x] Cryptographic Signature Sealing the Document against tampering
- [x] Signing using dedicated hardware (Hardware Security Module)
- [ ] Embedding Signer Identity in the Cryptographic Signature
- [ ] Being a government-trusted qualified services provider
- [ ] eIDAS-compliant identification before signing using local passports or similar

## 🇨🇭 ZertES

<Callout type="warning" emoji="⏳">
Status: [Planned](https://github.com/documenso/backlog/issues/34)
</Callout>

ZertES is a Swiss Federal law that regulates electronic signature compliance.