No free service I know of will let you generate a certificate on the fly with your name on it, which will be considered trusted by most out of the box sw
You can get free digital certificates to sign PDFs with your email address, from basically any company.
But that is hardly a way to verify your identity. Anyone can create any email address they want, and use any name in the address.
The eIDAS directory lists some companies that are pretty cheap. But you will still have to verify your identity, so you can't get a certificate as easily as with Let's Encrypt for websites.
Edit : Docusign and similar services have a free plan, but you can only sign a few documents before you or the submitter have to pay. So it's not free per se, it just has a trial.
And they don't really check your id, most of the time. So anyone can create an account with your name too.
I saw I was downvoted, with no reply to learn more about where I was wrong.
(I don't get this site, where ppl know you're wrong but are unable to post a better idea. Is this about discussing topics to learn more, or shooting ppl down ?)
Did I miss something ? Can someone give me some clue ?
I also agree with you for what it's worth. Even it is somewhat possible, it should be WAY more open and free. Like SSL it's not a luxury competitve edge, but basic modern day infrastructure
there are some initiatives for that, like CACert, a non-profit certificate authority.
and ofc, there was GPG
But they're not convenient for businesses : either they buy certificates for their employees, or they have them signed by the IT department, that provisions their key into any piece of corporate equipment.
Few companies are into the community initiatives, especially when it comes to security.
Also, CACert is not widely recognized. The root certificate is only included in a handful of Linux distros (like Arch or Mandriva, but not Debian)
Indeed it's pretty easy to digitally sign electronic documents in my country. I do wonder though if it's also possible to digitally sign my own generated documents (pdf, docx, stuff like that).
https://www.dokobit.com/ integrates with identity systems in a few European countries, and produces digitally signed documents that are legally binding.
- understand the levels of digital signatures
There are some security levels about signatures, on whether a timestamp is necessary, on whether the CA should be official your country, about the HW that create the signature... That allow different properties for different usages.
A 'Trust service provider' offers the highest level of certificate. It will typically be rock solid in court.
But it's ultimately still up to a judge to decide if signatures are valid when you go to courts.
If you don't get a signature from the TSP in your country, it doesn't mean it will necessarily be invalid. It's just not pre-aproved, and you will have to establish it yourself.
(Is there some law person on HN to back me up here ? Do you know of any case where this had been a point ?)
- find a company that provides you a digital certificate.
Some IDs in Europe already come with one (especially in Estonia)
You can get free digital certificates to sign PDFs with your email address, from basically any company. But that is hardly a way to verify your identity. Anyone can create any email address they want, and use any name in the address.
The eIDAS directory lists some companies that are pretty cheap. But you will still have to verify your identity, so you can't get a certificate as easily as with Let's Encrypt for websites.
Edit : Docusign and similar services have a free plan, but you can only sign a few documents before you or the submitter have to pay. So it's not free per se, it just has a trial. And they don't really check your id, most of the time. So anyone can create an account with your name too.