Web-based forms provide an efficient way of interacting with users. HTML anchor elements ("links") let users jump from one page to another by clicking on active text or figures, but many jumps may be required to reach the page of interest. On the other hand, by using a small form consisting of just one text field, a search tool can process strings entered by users and instantly find pages they want to see. However, standard HTML forms cannot verify user identity, so they must be considered equivalent to paper forms anonymously sent via mail, and not those signed and delivered in person.
In some cases it is possible to identify users by requesting a login and password. With Web services, for instance, users already registered to the system can log in and send information via forms, while the server recognizes the author. But the problem is how to subscribe for the first time or, in general, how to identify a person without using a login and password. Sometimes the subscription process may request an email address where the system sends a code that is required to continue the process. Such an approach verifies the email account of the user, but not user identity.
Another problem is that on-line stores simply trust the data entered by users; the only basic check they make is the validity of the credit-card number. Nonetheless, many on-line stores only send merchandise to the mailing address registered for the credit card, so although the identity of the person placing the order cannot be verified, at least whatever is bought with a credit card will be sent to the owner of the card, who may eventually return the goods. If the person who places the order could be verified, there would be less risk associated with accepting an order, even if the products are not material goods but on-line services, software licenses or electronic material. In addition, there are many situations in which a signature is required by law, such as government-related paperwork, insurance forms, legal agreements, and the like.
In common HTML forms, users fill in the requested data and hit the Submit button. Figure 1 is a sample form comprising all input object types. After the Submit button is pressed, data are sent through the Internet and processed at a server, which generates a typical congratulations page that's presented to users.
In the approach we propose here, users must have at least one personal certificate previously installed in the web browser. Now when the Submit button is pressed, a pop-up window appears before the information is actually sent. The window (Figure 2) shows the text to be signed, a pull-down menu to select which certificate will be used to sign the data, and a text field to enter the master password that protects all the certificates installed in the web browser. After signing the text, form data are sent to the server along with the digital signature generated.
The signing process is performed in a single JavaScript function (Listing One) that can be easily added to any existing form.
```html
<script type="text/javascript">
<!-- Begin
function signForm(theForm, theWindow, validation, varnames) {
  //header text
  var texttbs = "I affirm the following information:\n";
  //header text, spanish version
  //var texttbs = "Certifico que la siguiente informacion es cierta:\n";
  var vars = "";      //to store variable names
  var signature = ""; //to store the digital signature of texttbs
  var elem;
  var formSize = theForm.elements.length;

  for (var i = 0; i < formSize; i++) {
    elem = theForm.elements[i];
    switch (elem.type) {
      case "hidden":
      case "button":
      case "submit":
      case "reset":
      case "image":
      case "password":
      case "file":
        // The element types above are not included in the text to be signed.
        break;
      case "select-one":
        // selectedIndex is -1 when nothing is selected; no variable is sent then.
        if (elem.selectedIndex >= 0) {
          var selectValue = elem.options[elem.selectedIndex].value;
          texttbs += elem.name + "=" + selectValue + "\n";
          vars += elem.name + ",";
        }
        break;
      case "select-multiple":
        for (var op = 0; op < elem.length; op++) {
          if (elem.options[op].selected) {
            texttbs += elem.name + "=" + elem.options[op].value + "\n";
            vars += elem.name + ",";
          }
        }
        break;
      case "radio":
        if (elem.checked) {
          texttbs += elem.name + "=" + elem.value + "\n";
          vars += elem.name + ",";
        }
        break;
      case "checkbox":
        if (elem.checked) {
          texttbs += elem.name + "=" + elem.value + "\n";
          vars += elem.name + ",";
        }
        break;
      //In the case of unchecked radio buttons and checkboxes, variables
      //are not sent, hence they must not be signed.
      default: //input text
        texttbs += elem.name + "=" + elem.value + "\n";
        vars += elem.name + ",";
    }
  }

  //Digital signature
  signature = theWindow.crypto.signText(texttbs, "ask");
  if (signature.substr(0, 5) == "error") {
    alert("Signature not created\n" + signature);
    return false;
  }

  //Store signature and vars in hidden inputs of the form
  theForm.signature.value = signature;
  theForm.varnames.value = vars;
  return true;
}
// End -->
</script>
```
The digital signature attached to the form achieves two main goals:
- User authentication, because the name and email address are included in the certificate.
- Signature (or agreement) of the data, because a digital signature in most developed countries has the same legal value as printing the form, manually signing the paper, and handing it in.
When the information is received at the server, it is necessary to verify the sender (by exploring the certificate) and to verify the signature, which involves checking that the data received corresponds to the data digitally signed. PHP functions are provided to perform the verification process on the server.
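The "data received corresponds to the data signed" check, sketched in JavaScript for Node.js as an added example (it is not the article's PHP code): it rebuilds the text that signForm() in Listing One signed from the posted fields and the varnames list, and reports posted values the signature does not cover. The function name, the already-parsed request body and the sample POST are assumptions; the cryptographic verification of the signature over the rebuilt text is a separate step not shown.

```javascript
// Added example. rebuildSignedText and the sample POST are illustrative names/data.
const HEADER = "I affirm the following information:\n"; // same header as signForm()

// A repeated field name (multi-select) arrives as an array; normalise to an array.
const valuesOf = (v) => (v === undefined ? [] : [].concat(v));

// fields: parsed POST body, name -> string or array of strings.
function rebuildSignedText(fields) {
  // varnames is unsigned client input: also compare it with the field list the
  // server expects for this form before relying on the result.
  const names = String(fields.varnames || "").split(",").filter((n) => n !== "");
  const used = new Map(); // name -> number of its values consumed so far
  const missing = [];     // listed in varnames but absent from the POST
  let text = HEADER;
  for (const name of names) {
    const values = valuesOf(fields[name]);
    const idx = used.get(name) || 0;
    used.set(name, idx + 1);
    if (idx >= values.length) { missing.push(name); continue; }
    // Form submission sends line breaks as CRLF, while elem.value (what was
    // signed in the browser) uses LF, so normalise before rebuilding.
    text += name + "=" + String(values[idx]).replace(/\r\n/g, "\n") + "\n";
  }
  // Values posted but never appended to the signed text: hidden, password and
  // file inputs are skipped by signForm(), and so is anything added in transit.
  const unsigned = Object.keys(fields).filter(
    (n) => n !== "signature" && n !== "varnames" &&
           valuesOf(fields[n]).length > (used.get(n) || 0));
  return { text, missing, unsigned };
}

// Constructed sample POST: "price" stands for a hidden input, so it is not signed.
const samplePost = {
  name: "Alice Example",
  color: ["red", "blue"],
  comment: "line1\r\nline2",
  price: "10",
  signature: "BASE64-PLACEHOLDER",
  varnames: "name,color,color,comment,",
};

const result = rebuildSignedText(samplePost);
console.log(JSON.stringify(result.text));
console.log("unsigned fields:", result.unsigned, "missing fields:", result.missing);
```

Only the rebuilt text is covered by the user's signature; any field listed as unsigned, such as a hidden price input, has to be validated by the server independently.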
To complete the whole process, a timestamp signature could be provided by the server, which would be equivalent to getting a stamped copy of the paper delivered. This final step of the process is not part of the current paper.