How is the digital signature verified from different certification centers?

R

ryzhak2017-12-05 01:53:14

Electronic digital signature

ryzhak, 2017-12-05 01:53:14

Hello.
We have a logistics company that owns a huge warehouse. In the warehouse, various transport companies store their goods.
We need to organize electronic document management between our company and various transport companies in the web interface.
Example:
1. A document is created in the web interface
2. We upload a document signed by EDS from our side
3. A company representative downloads the document signed by us, then signs it from his side, then uploads it back to the web interface.
Different transport companies have different EDS from different certification centers.
Question: how to check that the digital signature was really added by the transport company so that the contract is legally binding?
CryptoPro has a cryptcp utility https://www.cryptopro.ru/products/other/cryptcp with the verify method. Does it verify the signature of only those digital signatures that are issued by the CryptoPro certification center or by all certification centers in Russia? How will it be possible to understand that the signature was created by a certificate issued by the CA, and not generated independently?
I hope the question is clear.
Thanks in advance.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

O

other_letter, 2017-12-05
@other_letter

In general, there are special services that do this. Price - roughly - a few rubles per document. And in general, this is usually more profitable than giving birth to your own service.
And so - Artem wrote correctly. Set up trust in the organizations that issued the certificate.