How to Specify a Workflow Digital Signature Policy

Digital signatures provide a mechanism for the nonrepudiation of digitally-signed human tasks. This ability to mandate that a participant acting on a task signs the details and their action before the task is updated ensures that they cannot repudiate it later.

Note:

If digital signatures are enabled for a task, actionable emails are not sent during runtime. This is the case even if actionable emails are enabled during design time.

To specify a workflow digital signature policy:

  1. Click the Access tab.
  2. From the Signature Policy list, select Configure Policy, as shown in Figure 29-59.

    Figure 29-59 Digital Signatures

    Description of Figure 29-59 follows
    Description of "Figure 29-59 Digital Signatures"
  3. Specify the signature policy for task participants to use:
    • No signature required

      Participants can send and act upon tasks without providing a signature. This is the default policy.

    • Password required

      Participants specify a signature before sending tasks to the next participant. Participants must reenter their password while acting on a task. The password is used to generate the digital signature. A digital signature authenticates the identity of the message sender or document signer. This ensures that the original content of the sent message is unchanged.

    • Digital certificate required

      Participants must possess a digital certificate for the nonrepudiation of digitally-signed human tasks. A digital certificate establishes the participant's credentials. It is issued by a certification authority (CA). It contains the name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), digital signature of the certificate-issuing authority so that message authenticity can be established

      The CA names and CA CRL and URLs of the issuing authorities must be configured separately.

  4. Click OK.