DocuWare now includes an additional check criterion for checking signatures.
This is because the German Federal Network Agency (BNA) has classified certain algorithms, which can be used for signatures, as insecure after a certain date. DocuWare can now check the validity and security of the certificate used for signatures based on the BNA’s enhanced security classification.
The following results are possible with this check criterion:
Signature is secure: The certificate used for the signature was secure at the time of use and still is at the time of checking. The signature is valid.
Signature is insecure: The certificate used for the signature was secure at the time of use, but is now classed as insecure at the time of checking. The signature is therefore valid, but may lose probative force. The signature is valid.
Signature is invalid: The certificate used for the signature was already classed as insecure at the time of use; or the signature is no longer valid.
As this new checking procedure would class many existing signatures as insecure (e.g. when using the Windows Certification Authority), it is not used by default. If you wish to benefit from the added security of this signature check, proceed as follows:
For use on Web Client:
In the Content Server file system, open the CryptoAlgorithms.xml file and enter true for
Until 6.7
For use on Windows Client:
In the DocuWare client file system on the client PC, open the CryptoAlgorithms.xml file and enter true for CheckSecureUses.
As this is a client-side setting, it must be adjusted to suit each client as necessary.
DocuWare now includes an additional check criterion for checking signatures.
This is because the German Federal Network Agency (BNA) has classed certain algorithms, which can be used for signatures, as insecure after a certain date. DocuWare can now check the validity and security of the certificate used for signatures based on the BNA’s enhanced security classification.
