[LinuxBender]

Document signing is about verification of authenticity of origin of author. LetEncrypt does not do this, not even for websites. I can get LE certs for millions of end-points I do not own due to the way many cloud providers abuse DNS and sub-domains. Some people do this day and night as a way to make a buck on the side from bug bounties. One of them I will never forget as he adds pictures of cute puppies to corporate websites.

The only open source answer I know of is probably not what you want as it would require every party to participate and would require a little setup thus not making it widely adopted. Documents can be signed with GPG but this alone is useless. Every party involved would need a way to publish their public keys and prove that each party actually created said keys. This to me implies inclusion of a public notary in the process. None of this matches your requirement of widely trusted not to mention the added friction. The original method of getting EV certs proves that people will not do this. It used to require a notary Now I can just give a Dun & Bradstreet number and some money to get one.

To my knowledge there is no widely trusted document signing system nor do I expect that to become a thing unless a service that people already use started implementing what I described above. I could see one or more banks offering a service like this. Many already have public notary services.

There are services like Docusign and Docushare as others mentioned and they are used and abused by lawyers and realtors day and night. I honestly do not see any added value by these services beyond being lazy-friendly. If I log in using my email address and click a button that adds a cursive signature that I did not create, that is not really proof of anything. Anyone that could intercept my email could impersonate this. I expect these services to be legally challenged and dissolved in the future for lack of attestation, especially when a future high profile case involves powerful political and corporate persons having to prove they did not embezzle money. Covid made them super popular but I was very surprised to see the legal documents I could get away with clicking in signatures with no other evidence it was me that did this. I am not a lawyer but I am not sure that matters in this case.

In my opinion if you have important documents that you want to prove were signed by you then my suggestion would be to see if your bank offers free public notary services and have them notarized. The page containing the signatures and the notary/bank information can be scanned as part of the document set.

[Edit] I should add that some of the bigger banks will only offer free notary services if the account holder has one of their special accounts. They usually have the name Premier or Priority or some other glorified name.

[tqwhite]

I had a document notarized and was amazed that the person only did the signature page. I could have easily swapped out the entire contract. I do not understand this. At least a digital signature let's you know what document was signed by a person you have no idea about.

What we really need is a human notary that digitally signs a document that is scanned and printed with a QR sort of notarization on each page.

[quesera]

Signatures are also only on the signature page.

This has always struck me as a fatal flaw, and yet in practice it seems to never be a problem.

I don't know what to make of this. The easily-drawn conclusions (power of law, ambient human honesty) from these conflicting ideas feel inadequate.

[ghaff]

Basically anything is a compromise.

Notaries are essentially a (relatively) low-friction compromise between just trusting that the person who put some squiggles on a piece of paper is who you think they are and that person traveling to a lawyer's office (or a brokerage etc.) that may be in another state.

Same way you can hopefully get a locked computer account restored without traveling to a Google office in Mountain View between 1 and 2pm on a Thursday to make your case with multiple forms of ID.

The rigor depends on the transaction but usually it's chosen to be a reasonable compromise.

To the specific example of a contract etc., presumably the lawyer has a copy of the original document and that's probably considered canonical in the case of a dispute. There can be edge cases obviously but there are edge cases with everything.

[tqwhite]

I tried to get the guy to notarize all of the pages. He didn't want to and I gave up. So weird that this critical function is so obviously broken.

[LinuxBender]

the person only did the signature page

I have witnessed that as well. I made them scan the documents again. It doesn't even have to be a major change in a document to change the context entirely. Sometimes just changing and to or, or our to your can drastically change the agreement. That is easy for a busy lawyer to miss.

[ghaff]

All a notary is doing is validating that the person signing a document has a government-issued photo ID that matches the name under a signature line. Nothing more than that.

[LinuxBender]

Agreed, though there are copies of the documents made and given to all parties. If a document is changed after being notarized it can be proven in court what the original documents contained. A real notary will be tracking the number of pages, making copies of all of them and signing off what they witnessed. Everyone gets the signed copies and everyone provides their ID in person. A full chain of custody is simply not possible using internet based services with current technology.

[ghaff]

I'm pretty sure when I've gone to a notary in Massachusetts, they've just checked ID, witnessed a signature, stamped the document, and made a notation in a log book. I'm pretty sure they've never made a copy of anything. There is something called a Medallion Signature though which perhaps involves more.