Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
Egor Petrov2014-09-23 08:44:31
Law in IT
Egor Petrov, 2014-09-23 08:44:31

Simple electronic signature, how to implement?

Good afternoon, stubbornly googled, but did not find plain information.
The essence is something like this: for example, the user on the site assumes any obligations, or there is some kind of agreement between users. So that later in court it can be proved that one user has some obligations to another, a file of a document is signed with a simple electronic signature, which is a digital analogue of a regular signature with a pen.
Wherever I found mention of this, a simple signature meant a pair of login and password. What kind of login and password can be meant? Should the authorization data on the site be written somewhere in the service area of ​​the file? Or login and hashed password, the same one that is stored in the site database?
Everywhere on the Internet there is only general information about this, but, unfortunately, there is no specifics. :(
Has anyone solved the problem of signing files, can you tell me how and in what format this is done?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Andrew, 2014-09-23
@OLS

A simple electronic signature does not use cryptography and, accordingly, cannot be used to confirm the integrity of any document / message / file (which, in principle, is explicitly stated in 63-FZ). It is used at their own peril and risk by the exchange participants by mutual agreement, mainly in cases where the risks associated with its use are small, and the information system itself has a lot of certificates and conclusions about the absence of NDV.
In principle, of course, it is enough to fulfill all the requirements of Article 9 of the 63-FZ and the EP will be considered to have legal significance. However, if the developer of the information system is you (and not a third-party legal entity with a license for TZKI), then do not forget that you will actually be in obviously unequal conditions against the user (have the technical ability to manipulate the data transferred to you) and in in court, the client may require an independent examination, the result of which may be unpredictable.

Similar questions
V
Veritas232018-07-07 14:42:49
What to do with the "Yarovaya law" when creating an informational blog? 3Reply
K
kolupaeva2013-10-17 07:06:50
What's to stop a non-stock freelancer from posting a commissioned mobile app as their own? 9Reply
I
IrkDesigner2013-11-01 06:15:37
Is it possible to lower the ISPD security class? 4Reply
C
CosmoV2020-07-08 08:42:48
How legitimate is writing an aggregator site? 2Reply
S
Sergey2018-07-22 23:26:53
Who in the Russian Federation is responsible for posts on the forum - users or the owner of the site? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question