See https://support.esign-app.com for eSign Documentation and Support

eIDAS Electronic Signature Assessment

Owned by Chris C🔹Digital Rose
Last updated: Apr 23, 2023
2 min read

This page highlights the primary requirements of eIDAS (electronic IDentification, Authentication and trust Services) advanced electronic signatures and how they are addressed by eSign Document Management for Atlassian Confluence.

At a high level eSign Document Management (combined with the Atlassian Cloud Platform) meets the requirements for Advanced Electronic Signatures as defined by eIDAS. (See https://ec.europa.eu/digital-building-blocks/wikis/display/DIGITAL/What+is+eSignature )

At the current time eSign Document Management does not support the eIDAS Qualified Electronic Signatures.

From Regulation (EU) No 910/2014

Article 26 Requirements for advanced electronic signatures

An advanced electronic signature shall meet the following requirements:

eSign Document Management
Assessment Information

Article 26 Requirements for advanced electronic signatures

An advanced electronic signature shall meet the following requirements:

eSign Document Management
Assessment Information

(a) it is uniquely linked to the signatory;

The eSign signature is linked to the Signatory through Atlassian’s unique internal account Id in addition to the Signee name and email address.

(b) it is capable of identifying the signatory;

The Signee name is displayed with every rendering of the Signature.

(c) it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and

Signatures are executed within the Atlassian cloud environment only after two authentication steps have been completed:

  1. The signatory has authenticated to their Atlassian account with credentials (e.g. username/password)

  2. The signatory must enter their personal eSign Pin for every Signature execution.

The Atlassian account credentials (password) and the eSign pin are under the user’s sole control.

(d) it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

Each executed signature within the eSign Document Record references the unique Confluence page ID, version and modified date at the time of signing.

Any change to the page or attachments during the eSign review and approval process will by detected and displayed for the user to re-review the document revision.

The eSign Document Records are digitally signed with PKI (public key infrastructure) to prevent and detect unauthorized modification of the record.