1. Introduction
1.1 Overview
Signant operates as a Signature Creation Application Service Component (SCASC) within a Cloud Signature Consortium (CSC)-compatible architecture supporting Qualified Electronic Signatures (QES) using PAdES format. The service integrates with trusted Norwegian eID providers such as Buypass and BankID, relying on their Qualified Signature Creation Devices (QSCDs).
This Practice Statement describes how Signant ensures What You See Is What You Sign (WYSIWYS) for end-users during the signature creation process. It forms part of Signant’s overall Trust Service Practice Statement compliant with ETSI EN 319 401 V3.1.1 and ETSI TS 119 431-2 V1.2.1.
1.2 Purpose and Scope
The purpose of this statement is to document how Signant guarantees that:
•the content presented to the signer for approval is identical, at the bit level, to the data cryptographically signed;
•any transformation or rendering performed by Signant’s applications is deterministic and verifiable;
•users are clearly informed of the data being signed and explicitly consent before signature activation.
2. Trust Service Policy Reference
This practice statement supports the following trust service policies:
•ETSI EN 319 401 (General policy requirements for Trust Service Providers)
•ISO 32000-1 Portable document format
•ETSI EN 319 142 (PAdES baseline and advanced profiles)
•ETSI TS 102 778-4 (Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 4: PAdES Long Term - PAdES-LTV Profile)
•ETSI TS 119 431-2 (SCASC for AdES digital signature creation)
3. WYSIWYS Control Framework
3.1 Principles
In accordance with ETSI TS 119 431-2 §8.1 (ASI-8.1-03 to 08), Signant guarantees WYSIWYS by ensuring that:
•the Data To Be Signed Representation (DTBSR) displayed to the signer is identical to the data hashed for signature creation;
•the hash sent to the QSCD via the CSC API is computed only after the signer has viewed and explicitly approved the final document;
•any interpretation or rendering rules are fixed, documented, and disclosed in this practice statement.
3.2 Data Integrity and Presentation
1.Immutable rendering pipeline:
oNo client-side transformations or dynamic content (e.g. JavaScript, embedded media) are permitted.
2.Data-to-be-signed binding:
oThe DTBSR is created as a byte-for-byte digest (SHA-256 or stronger per ETSI TS 119 312).
oThe digest value is locked once the user confirms “Sign”.
oThis digest is transmitted to the remote QSCD (Buypass or BankID) over a secure mutually authenticated TLS channel.
3.Bit-level equivalence verification:
oA deterministic hash verification process ensures the displayed PDF stream equals the DTBSR.
4.User consent and interaction:
oSignant provides a clear, unambiguous workflow where the signer must:
1.review the entire document streamed from backend server;
2.actively press “Sign” to indicate consent;
3.authenticate through the eID provider (Buypass/BankID) to confirm intent.
oThe interface meets ETSI TS 119 101 UI-1 and UI-2 usability requirements.
4. Logging, Audit, and Evidence Collection
•Every signature creation session is logged with:
osigner identity (reference ID);
odocument identifier;
otimestamps (UTC synchronized);
osuccess/failure state;
owhether the document was previewed.
5. Security and Cryptography
•TLS 1.2 or higher with mutual authentication protects all communications between Signant SCASC and the QSCD.
•Cryptographic algorithms follow ETSI TS 119 312 (current European recommendations).
•All signing operations use key material held exclusively within the QSCD operated by Buypass or BankID.
•The SCASC ensures confidentiality and integrity of the DTBSR and signature value during transfer and insertion into the final PAdES container.
6. Compliance, Review, and Maintenance
This WYSIWYS Practice Statement is approved by Signant’s Trust Service Management Authority in accordance with ETSI EN 319 401 §6.1–6.3.
It is reviewed annually or upon major system change. All updates are version-controlled and published to relying parties through Signant’s public repository.
