1 Reply Latest reply on May 15, 2017 10:37 AM by Tariq Dar

    PKIs and Digital Signatures


      I am trying to implement an Digital Signature solution that meets the requirement in the below regulation.


      CFR - Code of Federal Regulations Title 21


      In Adobe Reader when you digitally sign a document, there is an option to create a self signed certificate for signing. Will this hold up with this regulation? I have seen third party document signing USB PKI certs that also allow for signing. I'm just not sure why I would go with a third party cert over a self signed cert.


      Thanks for your help.

        • 1. Re: PKIs and Digital Signatures
          Tariq Dar Adobe Employee

          Hi mdfi13,



          Sorry for the delay in response,


          Self-signed certificates do not qualify for CFR. Per section 11.100, there is no identity verification done at creation time.

          As required by 11.200, users are *not* administered and executed to ensure that attempted use of an individual's electronic signature by anyone other than its genuine owner requires the collaboration of two or more individuals.

          There are no controls (11.300) for loss management, such as revocation checking.

          There's nowhere to report unauthorised use (no central Certificate Authority, for instance).


          We support the broadest range of legal requirements. Digital signatures, secure and compliant globally | Adobe Sign



          Whether you do business in the EU, create medical devices regulated by the FDA, or need to meet specific requirements for any industry — Adobe Sign has you covered. Digital signature processes in Adobe Sign comply with the U.S. FDA 21 CFR Part 11. They support rigorous requirements such as Advanced (AdES) and Qualified (QES) Electronic Signatures in the EU’s eIDAS regulation. And they provide comprehensive support for working with accredited certificate authorities (CAs) and qualified signature creation devices (QSCDs).





          Let us know if you have further questions.



          -Tariq Dar.