Digital signing of documents
To sign a document digitally, you need a personal key, the certificate. A personal key is stored on your computer as a combination of a private key, which must be kept secret, and a public key, which you add to your documents when you sign them. You can get a certificate from a certification authority, which may be a private company or a governmental institution.
When you apply a digital signature to a document, a kind of checksum is computed from the documentâ€™s content plus your personal key. The checksum and your public key are stored together with the document.
When someone later opens the document on any computer with a recent version of OpenOffice.org, the program will compute the checksum again and compare it with the stored checksum. If both are the same, the program will signal that you see the original, unchanged document. In addition, the program can show you the public key information from the certificate. You can compare the public key with the public key that is published on the web site of the certificate authority.
Whenever someone changes something in the document, this change breaks the digital signature.
On Windows operating systems, the Windows features of validating a signature are used. On Solaris and Linux systems, files that are supplied by Thunderbird, Mozilla or Firefox are used. For a more detailed description of how to get and manage a certificate, and signature validation, see â€œUsing Digital Signaturesâ€ in the OOo Help.
To sign a document:
Choose File > Digital Signatures.
If you have not saved the document since the last change, a message box appears. Click Yes to save the file.
After saving, you see the Digital Signatures dialog box. Click Add to add a public key to the document.
In the Select Certificate dialog box, select your certificate and click OK.
You see again the Digital Signatures dialog box, where you can add more certificates if you want. Click OK to add the public key to the saved file.
A signed document shows an icon in the status bar. You can double-click the icon to view the certificate.