Signature

This page is to analyze tools for end users to be able to draw a signature in Tiki. Another use case is Electronic Signature

There are two integrations (wiki-plugins) in Tiki now:

PluginSign - Indicate name and time stamp

When you write something in a wiki page and want to point out that it was you and when you wrote that.

This has been added to Tiki10: PluginSign

Please see:
http://www.wikimatrix.org/wiki/feature:Auto%20Signature

Most wiki engines have a 1-click signature/time stamp syntax. We don't have it Tiki because it never made it high enough on someone's todo.

Tiki has forums and threaded comments so there is less discussion/debate in wiki pages. Also, you can see: Contributions by Author

This being said, it is still a designed feature

• Signature and/or datestamp and/or approval-vote and/or comment plugin/syntax
• @user wiki syntax
• text annotations (select a snippet, and add a signed/dated text note)
• Support some of the MediaWiki syntax that doesn't conflict with TikiWiki syntax

PluginSignature - Hand-written (drawn) signature for agreements

As a first step, this has been added to Tiki23: PluginSignature
Additionally there are plans to store the signature in the file gallery offering a very good option to "protect" the signature.
"The signature is the most common way to indicate that you have read and agreed to a contract" (https://www.findlaw.com/smallbusiness/business-contracts-forms/what-are-the-rules-regarding-signatures-in-contracts.html)

Also the first part (first 6 minutes, then it is Odoo sign) of this video summarise explanations about signature including information about type of signature and legislation or official validity of signature: https://www.youtube.com/watch?v=bElib2Mrfhk

Test and demo

A show instance has been set at : http://bsfez-11581-7875.show2.tikiwiki.org/tiki-index.php
It demonstrates using trackers and plugin signature.

Use cases

Note: Example are a bit redundant but it is to give some context

• Document approval (single document, single user) - like a warranty, an agreement
• Document approval (single document, many users) - one document but several signatures are required
• Document approvals (single document, many users) - like terms of use
• Documents approval (many documents, single users) - like a contract, a NDA (structure)
• Item(s) validation - like data validation
• ...

Additional options

Options and parameters that can be part of the use case and need to be "attached: to a signature

• Locking the signature (when signed the signature can't be edited/deleted)
• Locking the document(s) (when signed the document can't be edited/deleted - override by "admin" ? - not the group Admins)
• Saving a Timestamp (when the signature was submitted)
• Saving the User identification (username or IP)
• Linking the to the document (to what document this signature is attached to)
• Saving the version of the document (a document can be edited after it has been signed)
  • Mechanism to "re-ask" for a signature (pending signature)
• An option to load a signature
• An option to reuse a previous saved signature

Possible workflows

Exemple of workflow (additional elements are not involved,

1.1.1.1. Single to single:

1. A user from a group Editor (role) can create/edit a document or Tiki can create automatically (dynamic wiki page, invoices, forms) a document that require signature.
2. This user add somewhere in the text area a block to allow a specific user to sign the document (edit only the signature)
3. The signing user can view the document and can edit only the signature. He submit his signature saved somewhere in Tiki (tiki files would make sense)

1.1.1.2. Single to many:

1. A user from a group Editor (role) can create/edit a document or Tiki can create automatically (dynamic wiki page, invoices, forms) a document that require signature.
2. This user add somewhere in the text area a block to allow a group of users to sign the document (edit only the signature)
3. The signing users can view the document and can edit only their signature. They submit their signatures and it is saved somewhere in Tiki (tiki files would make sense)

1.1.1.3. Many to single or many:

Look like a customised option that will be a different depending each cases, Let's assume that if a user has to sign and counter-sign several pages then it should be the same workflow than the others above. TBD

How to implement in Tiki

Plugin signature

A plugin can be added in any text area (anywhere a wikiplugins can be added) therefore some options and parameters should be good enough to allow several and different use cases. It also allow us to enhance this plugin step by step with a big investment from the start.

Caveheats and where glue is needed:

• Where do we store information that "accompany" the signature ?
  As we store as a file the signature (hopefully) we have already some critical information. Username and date will be saved automatically.
  We can have a locking mechanism from the file gallery (to allow a user to submit one time only and not be able to view/browse the gallery)
  From this username in the log we have the IP that was used.
• Where to store document and what version of the document this signature refers to ? (the file description or the filename)
• How do we flag (then lock a document) when a signature has been submitted ?
• Can we do this without adding table to store; user (username and IP)<=> documents (wiki page) <=>file (the signature) <=> Date
• Action after signature (well done, go to product or access document page, assign a user to a group after he sign an agreement, thanks and file download, etc)
• ...

Tracker for signature

Some of the issues that need to be solve if we use a plugin can be dealt with by using a tracker. However, it look like a configurator will set everything from a profile or from scratch.
This may lead to a lot of works used by a handful of people and hardly used as a marketing argument "Tiki does it".
...

How the others solved this ?

Odoo

Odoo use apps to add functionalities to their software, to solve this they have Easy Signature
It is a full documents and signature management with much more elaborate functions that what we are planning to do in Tiki.
Also their interface is more oriented SAP but with moderns tools like drag and drop fields.
However using a plugin signature, trackers and search index we could create almost every thing they offers.
They use "role" like we kind of use "groups"
Some interesting things:

• List of document a user signed
• List of document a user need to sign
• List documents signed (management role)
• Send a PDF of a document to be signed
• Additional fields to be filled during the signature like : date and name (while Tiki would naturally use the date of the time the document is saved and the user realName this may be good enhancement)
• SMS authentification (it is not enough to see the document to be able to sign it)

Additional links:

• https://www.youtube.com/watch?v=n9L3mqS4JFI
• https://drive.google.com/file/d/1nY7LD7b9DKhFuLSckFado8vEycFcqQYA/view

Wordpress

Wordpress use a more Tiki like approach with additional plugins (but made by third parties).

SwiftCloud signature

https://wordpress.org/plugins/electronic-signatures/
https://www.youtube.com/watch?v=G9eLFDv8sDg

Some interesting things:

• Reset the form to be sure that if someone come to the same terminal he won't see previous data (auto-complete)
• Owner (tiki admin) report (page or email?): Date, user, IP, document signed, etc...
• If document is saved on the server after signature it could be obfuscated

WP Forms Signature Contract Add-On

https://wordpress.org/plugins/wp-forms-signature-contract-add-on/
https://www.youtube.com/watch?v=ih0C9W4ql0I

More WP signature

https://colorlib.com/wp/electronic-signature-plugin/

Drupal

Drupal use a more Tiki like approach with additional module.
Hard to see something working... good as we are to explain what our software do 😂

• Signature: based on https://github.com/szimek/signature_pad
• E-sign: https://www.drupal.org/project/esign
• https://www.drupal.org/case-study/remote-digital-signature-capture-paperless
• https://www.drupal.org/project/hellosign

Links of interest

• https://gitlab.com/valterj/signature_pad / (MIT)
• http://keith-wood.name/signature.html
• http://www.sitepoint.com/4-jquery-digital-signature-plugins/
• Two projects called Signature Pad
  • https://github.com/thomasjbradley/signature-pad (demos return error 404 )
  • https://github.com/szimek/signature_pad
• http://willowsystems.github.io/jSignature/ (MIT)
• https://github.com/32teeth/canvas-signature (inactive)
• https://github.com/zetakey/signsend

Related: TOTP (Time based one time passwords) support which scans QR code with javascript: https://asset-packagist.org/package/npm-asset/zxing--library

See also: https://tiki.org/forumthread75050-Import-touchscreen-signature-from-raspberry-Pi-to-tracker

High-level blocks

Document -> widget to upload approval (could be of various formats) -> save composition to something, for future re-user (ex.: system tracker for electronic signatures)

Document creation

with permission management
document can evolve

User approval

with permission management
approval is for a snapshot in time

Reporting

with permission management

Other ideas

• Some ideas of Shared Secrets could be useful: A document needs more than one person to approve.

• Auto-signature