Digital Signature Architecture
When choosing an architecture for implementing digital signatures on PDF documents, there are three major configurations to consider. These configurations vary depending on where the application runs and how digital signatures are applied.
Client-Side Architecture
In a client-side architecture, the signing application runs entirely on the client’s computer. This is suitable for offline standalone desktop or mobile applications that allow users to sign PDF documents. The digital signature can be created either on a hardware device like a USB token or a smart card (based on the PKCS#11 standard), which offers higher security, or by using a software certificate, which is less secure, as software certificates can be more easily compromised. In addition, there are some security limitations — like the same-origin policy — that can complicate the implementation of some digital signature features such as timestamping, or certificate revocation checks.
Our digital signatures web sample project is the best example on how to implement this particular architecture with PSPDFKit.
Refer to this blog post for an example of a client-side architecture that relies on a hardware device, a YubiKey, to sign a document using PSPDFKit for iOS.
Server-Side Architecture
Server-side architecture is employed when building a signature server, which is ideal for signing documents on behalf of companies rather than individual users. This architecture is commonly used for contracts, official government documents, and more. Signature servers should be secured with IP restrictions and credentials to access them, and documents are typically archived on the server for record keeping.
Refer to our signing service as an example of a server-side architecture implemented with PSPDFKit for Web and Node.js.
Client-Server Architecture with Signatures on the Server
This architecture is useful in intranet scenarios, such as when an organization has a secured server with a hardware security module (HSM) that signs messages. The application on the client side sends messages to the server for signing. One benefit of this kind of architecture is that the server doesn’t receive the entire document, but rather only a hash of it, which is good for privacy. The downside is that the server won’t be able to archive the full document that was signed.
Refer to this how-to guide, which shows how to integrate PSPDFKit with AWS CloudHSM to sign documents.
It’s crucial to select the appropriate architecture for your digital signature solution with great care, considering the security, user experience, and use case requirements.