this post was submitted on 04 Jul 2023
4 points (100.0% liked)
Open Source
31135 readers
373 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Anything you use will need to generate secure certs for each user that signs which will need to be tied back to a root CA that is trusted by the clients device they are reading the signed documents on. Are you open to hosting all of the needed pieces to keep that working including buying the needed certs to chain trust?
WOW! lol...sounds complicated...will it be expensive?
Honestly I don’t really know. I don’t think it has to be but you’ll need to research what kind of certs you’ll need for your purposes and what options exists for a CA.
My overall point was more that this isn’t really a “just setup Apache” web service, it’s a fair bit more involved since your looking for (I’m assuming) legally valid digital signatures which means they need to be secure, unique, identifiable, and adhere to non-repudiation. Services like DocuSign do all of that work already so unless you truly want open source because of passion or principles, this isn’t really a great area to try and roll your own without some experience and expertise.
Thank you, it makes sense what you saying. Might not be the cost and effort worth in the end.