At this time, it is recommended to digitally sign all documents with the free Adobe Acrobat Reader DC or Adobe Acrobat DC to avoid invalidating digital signatures.
Click on the buttons to open the collapsible content.
Bluebeam has its own validation process for digital signatures where subsequent signatures are considered a change to the document, which invalidates the signatures.
Bluebeam does not support field locking, which is utilized on many of the Department’s Construction forms.
The Department is working diligently with Bluebeam to resolve these issues. Bluebeam is suitable for digitally signing Final As-Built Plans. Please contact your DFEM if you have questions.
It is recommended to only digitally sign documents with the free Adobe Acrobat Reader DC or Adobe Acrobat DC to avoid invalidating digital signatures.
The Department chose to go with a signature authority that provides a National Institute of Standards and Technology (NIST) assurance level of three (3) or higher. This affords a greater level of assurance for the Department, that documents being digitally signed, are in fact by the intended person. The signee must go through a notarized application process, in which two forms of State issued identification must be presented to a notary. The end result of an approved application, is a Digital Signature that is rooted on your device and secured by a password the signee chooses, much like a debit card. In order for the signature to then be applied to a document, the signee inputs their confidential password and through a PKI infrastructure, the signature can be validated by the recipient of the document. Adobe signatures do not provide this level of security or assurance for the Department.
Follow the steps here to direct Adobe Reader to use the Windows Certificate Store to validate signatures in addition to the Adobe Reader or Acrobat Certificate Store. If you continue to have issues, you may need to import the root certificate for the issuing signature authority (contact the SCO System Section for more information)
No. It is better to allow the root certificates to check for the signature certificate’s validity and revocation. By adding an individual’s certificate to your Trusted Certificate (even if you know the individual personally), you are by-passing this process and forcing your computer to accept a signature regardless of its status. If a certificate is showing up as UNKNOWN, follow instructions in the answer above. If that does not work, contact the SCO System Section to ensure your computer has the appropriate root certificates installed on your computer. (Additional Information)
Bluebeam performs the verification of a digital signature based on the current time; even though, the digital signature was valid at the time the document was signed. Both are correct based on when the validation was made, but it is more important to know if a digital signature is valid at the time of signing.
It is recommended to verify documents using Adobe with the setting as shown below (Select Edit, Preferences, Verification More…).
The logic of how a digital signature is applied dictates this. A physical copy of an digitally signed document cannot be validated as required per Florida Statute Section 668; therefore a wet ink signature cannot be added to a document after it has been digitally signed. Also, the reason for DCE Memo 06-17 is to avoid mixing types of signatures, since some Surety companies do not have digital signatures and we do not have any authority over their compliance. We encourage Sureties to use digital signatures if they have them or are willing to acquire them.
The Florida Board of Professional Engineers used this logic in their January 2016 Update for signing and sealing, but the logic applies to signatures without seals too:
If the contract in question has the Spec 4-1 language for digital signatures, it states “All documents requiring a signature must be executed electronically by both parties…,” which also means don’t mix signature types.
No. DocuSign does provide a digital certificate for each document signed, but it does not issue a user specific certificate for each document. The Department requires a NIST Assurance Level 3 certificate for authentication and recognition of each signer’s identity: http://www.fdot.gov/it/ApprovedDigitalCertificateAuthorities.shtm.
As you can see in the screenshots below, DocuSign documents are signed by “DocuSign, Inc.” This is not acceptable to comply with the Department digital signature requirements.