cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

California Secretary of State Approved List of Digital Signature Certification Authorities

eric7265
Community Beginner ,
Mar 26, 2020 Mar 26, 2020

Copy link to clipboard

Copied

The California Secretary of State Approved List of Digital Signature Certification Authorities (https://www.sos.ca.gov/administration/regulations/current-regulations/technology/digital-signatures/...) does not list AdobeSign.  The page says "The following is a list of certificate authorities authorized to issue certificates for digitally signed communications with public entities in California. A provider of a digital signature product is not required to be on this list, but the product is required to use a certificate from a certificate authority on this list. "

 

The certificate that I see on a AdobeSigned document is from "Adobe Root CA G2" and which is not issued by a certification authority on that list.  

 

We are a public entity in California.  Does this mean that we cannot use AdobeSign for digitally signed communications?

 

I understand that AdobeSign is valid esignature product but we also want to digitally sign out notice of meetings, etc. which I believe are communications to the public.  Want to make sure that AdobeSign is valid for that purpose.

 

Thanks for your help.

TOPICS
Security digital signatures and esignatures

Views

3.1K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 4 Replies 4
latest latest Jump to latest reply
margueritek
Engaged ,
Mar 26, 2020 Mar 26, 2020

Copy link to clipboard

Copied

That's an awfully small list of CAs, among all the CAs in business. And there is no guarantee that some of them will appear in the Acrobat Trust Lists, so those signatures won't be valid by default when opened by Acrobat. That's a problem when political entities take it upon themselves to issue these types of regulations without a background in PKI and Digital Signatures. In general, I would think that individual Certificate Authorities wouldn't be interested in going around to every small political entity to register their CA as valid. But that's for them to decide.

 

Note that AdobeSign only Certifies documents, and doesn't Sign them as an individual signer (yes, it's the same PKI, but the Certifying signature is not signing by a person, e.g. signatory). Any individual signer would need to get a certificate from one of the 4 CAs that issue certificates that are accepted by California. That cuts out a lot of EU CAs, and cloud signing CAs, but that's California's business.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
eric7265
Community Beginner ,
Mar 30, 2020 Mar 30, 2020

Copy link to clipboard

Copied

In Response To margueritek

This is mentioned on the FAQ: https://www.sos.ca.gov/administration/regulations/current-regulations/technology/digital-signatures/...

 

What is a digital signature provider?

A digital signature provider is an entity that provides document signing services using digital technology. Adobe is an authorized provider of digital signatures which are issued in conjunction with an authorized certification authority.

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
eric7265
Community Beginner ,
Apr 06, 2020 Apr 06, 2020

Copy link to clipboard

Copied

AB2296 allows us to use and accept "electronic signatures".

 

California Government Code Section 16.5:

(e) Nothing in this section shall limit the right of a public entity or government agency to use and accept an "electronic signature" as defined in subdivision (h) of Section 1633.2 of the Civil Code.

 

Digital signatures is a subset of electronic signatures but we don't have to use those.  If we did, we need to use the California Secretary of State Approved List of Digital Signature Certification Authorities.  Fortunately, we can just use the simplier electronic signatures.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Jessica24226740by6w
New Here ,
Apr 27, 2022 Apr 27, 2022

Copy link to clipboard

Copied

LATEST
In Response To eric7265

Hi Eric, 

 

Just wondering, did you end up using Adobe Sign for your public agency? I am also a public agency, and just want to make sure it is okay. 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
About Adobe Acrobat
Adobe Acrobat Learn & Support
Adobe Inc
Whats new in Acrobat DC
Adobe Inc
Plan and Pricing
Adobe Inc
Adobe Acrobat features and tools
Adobe Inc
Adobe Acrobat Feature & Workflow
Edit PDFs
Edit Scanned PDFs
PDF Forms
Sign a PDF
FAQs
How to Edit Scanned or Secured document
Rotate | move | delete and renumber PDF pages
Acrobat download and installation help
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices