Difference between revisions of "E-Signature"

From MediaWiki
Jump to navigation Jump to search
 
(63 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 
+
<div style="text-align: center;">[mailto:Change?body=http://mdotwiki.state.mi.us/construction/index.php/E-Signature Email this Page]</div>
 
 
<center><span STYLE="font: 40pt arial;">'''Division 1 Supplemental Information'''</span></center>
 
<center><span STYLE="font: 30pt arial;">'''e-Signature'''</span></center>
 
 
 
  
 
====[[#General Information|General Information]]====
 
====[[#General Information|General Information]]====
  
According to the Code of Federal Regulation, electronic signatures are defined as a computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature.   A specific type of electronic signature is digital signatures.  Digital signatures are defined as an electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified.  
+
In 2004 FHWA issued direction that according to the Code of Federal Regulation,[https://www.ecfr.gov/cgi-bin/text-idx?SID=c961274a08c1423164e297c9d95b4e02&node=pt29.1.5&rgn=div5 29 CFR 3.3 Part 5 Federal Contract Law Provisions] electronic signatures are defined as a computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature. [https://www.fhwa.dot.gov/construction/cqit/111204dol.cfm Read FHWA Direction on Electronic Signatures] A specific type of electronic signature is digital signatures.  Digital signatures are defined as an electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified.  
  
 
An entity such as a computer user can be assigned a unique digital identification.  This digital identification is composed of a public key, a private key, and a digital certificate.  As their names suggest, the public key should be shared amongst users who wish to carry out transactions amongst themselves, while the private key should be only known by its user.  The digital certificate is used within a public-key infrastructure to allow a third-party certificate authority to verify that the digital certificate is correctly associated with that particular public key.
 
An entity such as a computer user can be assigned a unique digital identification.  This digital identification is composed of a public key, a private key, and a digital certificate.  As their names suggest, the public key should be shared amongst users who wish to carry out transactions amongst themselves, while the private key should be only known by its user.  The digital certificate is used within a public-key infrastructure to allow a third-party certificate authority to verify that the digital certificate is correctly associated with that particular public key.
Line 16: Line 12:
  
 
====[[#Adoption at MDOT and Acceptable Uses|Adoption at MDOT and Acceptable Uses]]====
 
====[[#Adoption at MDOT and Acceptable Uses|Adoption at MDOT and Acceptable Uses]]====
The Michigan Attorney General’s office, in concurrence of the Federal Highway Administration, has issued a decision authorizing the Michigan Department of Transportation (MDOT) to use and accept digital signatures (see [http://www.michigan.gov/documents/mdot/MDOT_IM12-02_378056_7.pdf BOH IM 2012-02]).
+
The Michigan Attorney General’s office, in concurrence of the Federal Highway Administration, issued a decision in 2011 authorizing the Michigan Department of Transportation (MDOT) to use and accept digital signatures.
 
    
 
    
There are many standards available for digital signatures, but MDOT currently authorizes the use of PKCS#12 files for digital identification.  This cryptographic standard requires the signer to enter their unique password each time they digitally sign a document. To digitally sign a document, you must first have a digital identification (ID).  This ID can be obtained from various certification authorities, but MDOT will primarily use Adobe as a certification authority.  [http://www.michigan.gov/documents/mdot/Setting_Up_an_Electronic_Signature_422066_7.pdf This PDF file] and [http://www.youtube.com/watch?v=pUIWvJgkw8E this YouTube video, produced by Adobe Acrobat,] shows how to create a digital ID on Adobe Reader.
+
The Department approved process is to use the OneSpan Sign ID Verification & Acceptance Electronic signature Solution (OneSpan), and OneSpan Sign Mobile Applications for document signing processes. More information regarding OneSpan digital signature can be found here: [https://www.michigan.gov/mdot/Business/digital-signature MDOT Digital Signature Program].
 +
{{top}}
 +
 
 +
====[[#Guidance for Non-MDOT Users|Guidance for Non-MDOT Users]]====
 +
 
 +
External user guidance can be found in the MDOT special provision for [https://mdotjboss.state.mi.us/SpecProv/getDocumentById.htm?docGuid=c5cf0ff9-f732-4145-97c6-f5f4eef29768&fileName=%2220SP-104C-02.pdf%22 Construction Document Management 20SP-104C-02] and on the MDOT digital signature website: [https://www.michigan.gov/mdot/Business/digital-signature MDOT Digital Signature Program].
 +
 
 +
<div style="text-align: right;">[mailto:Change?body=http://mdotwiki.state.mi.us/construction/index.php/E-Signature Email this Page]</div>
 +
{{top}}
 +
 
 +
====[[#Transition to OneSpan|Transition to OneSpan]]====
 +
Construction Field Services owns over 250 forms, many of which were affected by migrating from DocuSign to OneSpan. Documents signed in OneSpan cannot have text revisions after the first signature is placed unless a created Template or Layout exists to allow for that process. The signature process may not be intuitive for some users and many forms may look different than they have previously. Signature fields have been removed from many MDOT forms as we refocus on areas where signatures are necessary. Signatures are still being placed on multiple party agreements, contract documents and amendments to contracts, and other forms as indicated on the form itself.  Forms will specify what the expectation is for the authorization required.  Forms may specify one of the following:
 +
 
 +
:* '''Signature'''  If a signature is being requested, that signature must take place in OneSpan.
  
Digital signatures created with Adobe Software need to conform to the following style guidelines:  
+
:* '''Stamp'''  If an approval stamp/dynamic stamp/pdf review stamp is requested, this stamp is built into in all pdf creator applications, and all stamps from all pdf creators are acceptable.  Stamps must include the individual’s name, and the date & time must be embedded within the stamp.  The individual may use pdf stamps, non-OneSpan pdf signatures or even OneSpan signatures as long the minimum components of Name, Date and Time are included in the applied stamp.
*Graphic options shall be:
 
**“Name” Or “Imported Graphic” (as outlined below)
 
  
*Configure text shall be configured as:
+
:* '''Name'''  In some cases, a typed name is acceptable. A signature or stamp may also be applied, as they meet the minimum requirement of supplying a name in the required field.
**Uncheck the adobe “logo”
 
**Required to include: (“Name”, “Date”, “Location” and “Reason”)
 
**Optional “Distinguished Name” (includes job title)
 
**Optional for “labels”
 
**“left to right”
 
You may have multiple digital signature files configured for different purposes. It is even possible to configure a digital signature with an “Imported Graphic” (refer to this [http://www.michigan.gov/documents/mdot/Applying_an_Image_To_Digital_Signature_422061_7.pdf PDF]) containing an image of your scanned written signature or a scan of a professional license stamp. These are acceptable, but written signature images are not required and non-business related graphics are not acceptable.
 
  
Similar to how handwritten signatures must be verified, it is the responsibility of the recipient of a electronically signed document to confirm the identity of the signer/sender before the electronic signature may be considered valid.  The recipient should consider whether or not that the document was sent from a recognized e-mail account and that the expected signer has been previously validated.  If you are unsure, then you can verify by contacting their place of business.  Adobe Acrobat software has an integrated validation feature that stores validated signatures, meaning that the user does not need to validate those signatures again.  This [http://www.michigan.gov/documents/mdot/Trusting_and_Validating_a_Digital_Signature_422068_7.pdf PDF] shows how to validate a signature.
+
It is prudent that all users are directing themselves to the MDOT forms repository to ensure they are using the most current form in all scenarios.
  
MDOT is working on integration of electronic signatures on mobile devices.  There are several mobile applications that allow PDF files to be digitally signed using mobile devices, but as of now none have been authorized for employee use.  Employees are encouraged to submit mobile applications to the E-Sign team of the Construction Field Services Division and to the Department of Technology, Management and Budget.  This  [http://www.michigan.gov/documents/mdot/How_To_Add_A_Digital_Signature_Via_iPhone_422065_7.pdf PDF] shows how to digitally sign a PDF file on an iPhone.
+
====[[#Tranistion to OneSpan – Frequently Asked Signature Questions|Tranistion to OneSpan – Frequently Asked Signature Questions]]====
  
It is important to note that for records retention and archiving purposes whenever digital signatures are used on documents, the electronic file (usually PDF) is considered the original legal document. Printouts of the document containing digital signatures are considered copies, so the signed electronic file must be retained and follow the relevant approved records retention proceduresMDOT will address the records storage issue through the requirement that all electronically signed documents must be placed in the project directory in the ProjectWise document management program. The E-construction [http://mdotwiki.state.mi.us/construction/index.php/E-Construction wiki page] contains more information regarding ProjectWise.
+
Please see below for instructions on some of MDOT’s forms:
{{top}}
+
 
 +
* '''Inspectors Daily Report - IDR'''
 +
:Please note guidance listed in Construction Manual Inspector’s Daily Report.  Note that the text stating (Signature) is legacy text associated with FieldManager and will not/can not be removed. A pdf review stamp is the mandatory approval action for this document. Transition to AASHTOWare Project will negate the need for this instruction as the Department moves away from FieldManager.
 +
 
 +
* '''Form 1302 FED - Subcontract form'''
 +
:Contractor signatures may be of any legal signature type. Complete and return a copy of the cover page and pay item page(s) to the Engineer prior to any subcontract work beginning.
 +
 
 +
* '''Form 0501 – Materials Source List'''
 +
:All signature fields have been removed from this form. Document does not require signature in OneSpan and instead simply requires typed name of Engineering and Contractor staff reviewing and providing information for this form. 
 +
 
 +
* '''Pay Estimates
 +
:Previous guidance required electronic signatures on all pay estimatesDynamic PDF stamps noting the approver’s name, date and time are now acceptable to be used to document pay estimate approval.  See revised guidance in the Construction Manual for Construction Pay Estimate Approvals.  Transition to AASHTOWare Project will negate the need for this instruction as the Department moves away from FieldManager.
 +
 
 +
* '''Form 1100A – Extension of Contract Time – Request Number'''
 +
:All signature fields have been removed from this form. Document does not require signature in OneSpan and instead simply requires typed name of Engineering staff reviewing and approving the Extension of Time request. Note that Site Supervisor/Foreman/Contractor provided designee must be copied on this final document to ensure mutual understanding of items that will be paid or unpaid as a part of any perspective time extension.
  
====[[#Guidance for Non-MDOT Users|Guidance for Non-MDOT Users]]====
+
* '''Form 1165 – Notice of Non-Compliance with Contract Requirements'''
 +
:Form 1165 must be signed as two distinct processes: The Non-Compliance portion, and the Resume Work Portion. Two layouts are necessary in OneSpan to achieve one completed form. The steps necessary for completion of this form can be found here: [https://mdotwiki.state.mi.us/images_construction/c/cc/1165_Signature_Process.pdf 1165 Signature Process]
  
An individual’s digital signature must be validated before MDOT can accept the signature.  [http://mdotcf.state.mi.us/public/webforms/public/5600.pdf Form 5600] for contractors and [http://mdotcf.state.mi.us/public/webforms/public/5600A.pdf Form 5600A] for consultants allows an individual to submit their digital signature to MDOT.  When you select the signature box when filling out these forms, you can use an existing digital ID or you can create a new IDThere are many ways an individual can obtain a digital ID, but the preferred way is to use Adobe software.  These forms will be on file with MDOT until the individual’s digital signature certificate expires or until such time as the individual needs to create a new digital signature.
+
* '''Form 0582B - Moisture and Density Determination'''
 +
:The signature field has been replaced with an “Approval Stamp”.   
  
====[[#Resources|Resources]]====
 
  
{| class="wikitable"
+
<div style="text-align: right;">[mailto:Change?body=http://mdotwiki.state.mi.us/construction/index.php/E-Signature Email this Page]</div>
|-
+
{{top}}
! File Name !! Description
 
|-
 
| [//{{SERVERNAME}}/images_construction/f/fa/Setting_Up_an_Electronic_Signature.pdf Setting Up an Electronic Signature] || Creating a Digital Identity with Adobe Acrobat||
 
|-
 
| [//{{SERVERNAME}}/images_construction/5/5d/How_To_Add_A_Digital_Signature_Via_iPhone_422065_7.pdf How To Add A Digital Signature Via iPhone] || Creating a Digital Signature on any iOS smart device
 
|-
 
| [//{{SERVERNAME}}/images_construction/a/a6/E-sign_brochure.pdf E-sign brochure] || A brief outline concering various facets of E-signatures
 
|-
 
|[http://www.youtube.com/watch?v=pUIWvJgkw8E How to Digitally Sign a document with Adobe Reader]||A YouTube video published by Adobe about how to digitally sign a PDF file with the free Adobe Reader
 
|-
 
|[http://www.michigan.gov/documents/mdot/Applying_an_Image_To_Digital_Signature_422061_7.pdf Applying an Image To Digital Signature]|| How to import and insert an image to a digital signature
 
|-
 
|[http://www.michigan.gov/documents/mdot/Trusting_and_Validating_a_Digital_Signature_422068_7.pdf Trusting and Validating a Digital Siganture]|| How to trust and validate a signature in Adobe Acrobat
 
|-
 
|}
 
  
  
  
 
[[Category: Construction Manual]]
 
[[Category: Construction Manual]]
 +
[[Category: Division 1]]
 +
[[Category: Division 1 Supplemental]]

Latest revision as of 15:30, 20 September 2023

Email this Page

General Information

In 2004 FHWA issued direction that according to the Code of Federal Regulation,29 CFR 3.3 Part 5 Federal Contract Law Provisions electronic signatures are defined as a computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature. Read FHWA Direction on Electronic Signatures A specific type of electronic signature is digital signatures. Digital signatures are defined as an electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified.

An entity such as a computer user can be assigned a unique digital identification. This digital identification is composed of a public key, a private key, and a digital certificate. As their names suggest, the public key should be shared amongst users who wish to carry out transactions amongst themselves, while the private key should be only known by its user. The digital certificate is used within a public-key infrastructure to allow a third-party certificate authority to verify that the digital certificate is correctly associated with that particular public key.

As public keys are shared amongst a group of users, someone’s public key can be used to encrypt a document and their respective private key can be used to decrypt that document. Confidentiality and data integrity of the sent document can be practically guaranteed assuming if the recipient is the only one who knows their private key. Similarly, someone’s private key can be ‘embedded’ into a document to constitute an electronic signature, and the identity of the electronic signature may be verified by using that user’s public key.

[top of page]

Adoption at MDOT and Acceptable Uses

The Michigan Attorney General’s office, in concurrence of the Federal Highway Administration, issued a decision in 2011 authorizing the Michigan Department of Transportation (MDOT) to use and accept digital signatures.

The Department approved process is to use the OneSpan Sign ID Verification & Acceptance Electronic signature Solution (OneSpan), and OneSpan Sign Mobile Applications for document signing processes. More information regarding OneSpan digital signature can be found here: MDOT Digital Signature Program.

[top of page]

Guidance for Non-MDOT Users

External user guidance can be found in the MDOT special provision for Construction Document Management 20SP-104C-02 and on the MDOT digital signature website: MDOT Digital Signature Program.

Email this Page

[top of page]

Transition to OneSpan

Construction Field Services owns over 250 forms, many of which were affected by migrating from DocuSign to OneSpan. Documents signed in OneSpan cannot have text revisions after the first signature is placed unless a created Template or Layout exists to allow for that process. The signature process may not be intuitive for some users and many forms may look different than they have previously. Signature fields have been removed from many MDOT forms as we refocus on areas where signatures are necessary. Signatures are still being placed on multiple party agreements, contract documents and amendments to contracts, and other forms as indicated on the form itself. Forms will specify what the expectation is for the authorization required. Forms may specify one of the following:

  • Signature If a signature is being requested, that signature must take place in OneSpan.
  • Stamp If an approval stamp/dynamic stamp/pdf review stamp is requested, this stamp is built into in all pdf creator applications, and all stamps from all pdf creators are acceptable. Stamps must include the individual’s name, and the date & time must be embedded within the stamp. The individual may use pdf stamps, non-OneSpan pdf signatures or even OneSpan signatures as long the minimum components of Name, Date and Time are included in the applied stamp.
  • Name In some cases, a typed name is acceptable. A signature or stamp may also be applied, as they meet the minimum requirement of supplying a name in the required field.

It is prudent that all users are directing themselves to the MDOT forms repository to ensure they are using the most current form in all scenarios.

Tranistion to OneSpan – Frequently Asked Signature Questions

Please see below for instructions on some of MDOT’s forms:

  • Inspectors Daily Report - IDR
Please note guidance listed in Construction Manual Inspector’s Daily Report. Note that the text stating (Signature) is legacy text associated with FieldManager and will not/can not be removed. A pdf review stamp is the mandatory approval action for this document. Transition to AASHTOWare Project will negate the need for this instruction as the Department moves away from FieldManager.
  • Form 1302 FED - Subcontract form
Contractor signatures may be of any legal signature type. Complete and return a copy of the cover page and pay item page(s) to the Engineer prior to any subcontract work beginning.
  • Form 0501 – Materials Source List
All signature fields have been removed from this form. Document does not require signature in OneSpan and instead simply requires typed name of Engineering and Contractor staff reviewing and providing information for this form.
  • Pay Estimates
Previous guidance required electronic signatures on all pay estimates. Dynamic PDF stamps noting the approver’s name, date and time are now acceptable to be used to document pay estimate approval. See revised guidance in the Construction Manual for Construction Pay Estimate Approvals. Transition to AASHTOWare Project will negate the need for this instruction as the Department moves away from FieldManager.
  • Form 1100A – Extension of Contract Time – Request Number
All signature fields have been removed from this form. Document does not require signature in OneSpan and instead simply requires typed name of Engineering staff reviewing and approving the Extension of Time request. Note that Site Supervisor/Foreman/Contractor provided designee must be copied on this final document to ensure mutual understanding of items that will be paid or unpaid as a part of any perspective time extension.
  • Form 1165 – Notice of Non-Compliance with Contract Requirements
Form 1165 must be signed as two distinct processes: The Non-Compliance portion, and the Resume Work Portion. Two layouts are necessary in OneSpan to achieve one completed form. The steps necessary for completion of this form can be found here: 1165 Signature Process
  • Form 0582B - Moisture and Density Determination
The signature field has been replaced with an “Approval Stamp”.


Email this Page

[top of page]

Retrieved from "https://mdotwiki.state.mi.us/construction/index.php?title=E-Signature&oldid=7629"