If a 2 parties document begins as an envelope in DocuSign on one end, it gets signed by the first party alone. I download it and email the finished version of the document with its certificate to the other party; they upload this contract to their DocuSign account to proceed with the second signature. Is it valid? Can the second signature preserve the envelope hash from the first one? If yes, can I do it with certificates from other companies as well?
Hi b.geraldini!
No, this is not valid, especially because during the download and upload procedure, this document could suffer some changes and the “first recipient” would never know about it. Also, it’s important to remember that the Certificate of Completion will only show the information about the recipients that participate in that signature flow.
So, I strong recommend you to include all recipients in the same envelope (signature flow).
Hi, David, You're correct. Validity = Legality.
Sure, the best case scenario is clear to me. However, I need to get more details regarding the preservation of the Hash in a flow like that. If the Hash from the first envelope will be preserved meaning that the second envelope will have the same number or if it will change considering that the document has changed after it was done on the first signature.
Hi b.geraldini!
No, this is not valid, especially because during the download and upload procedure, this document could suffer some changes and the “first recipient” would never know about it. Also, it’s important to remember that the Certificate of Completion will only show the information about the recipients that participate in that signature flow.
So, I strong recommend you to include all recipients in the same envelope (signature flow).
Hi, Vinicius, Perfect, the flow is clear to me I'm just trying to understand in a more technical way this scenario if it happens someday.
My opinion is the same as you and the previous comment, by doing that the validity of the first signature is voided, but I need to understand it in a more technical way.
Hi b.geraldini!
No, this is not valid, especially because during the download and upload procedure, this document could suffer some changes and the “first recipient” would never know about it. Also, it’s important to remember that the Certificate of Completion will only show the information about the recipients that participate in that signature flow.
So, I strong recommend you to include all recipients in the same envelope (signature flow).
Hi, Vinicius, Perfect, the flow is clear to me I'm just trying to understand in a more technical way this scenario if it happens someday.
My opinion is the same as you and the previous comment, by doing that the validity of the first signature is voided, but I need to understand it in a more technical way.
Getting a little more technical, if you download any signed document directly from the DocuSign platform, you will see that there is an Entrust signing security seal added to the PDF, which guarantees the integrity of the document and which exactly mentions the envelope ID for that transaction.
Assuming you use this signed PDF file and create a new envelope with other people signing, a new envelopeID will be generated by DocuSign, also generating another certificate of completion.
If in the future you require a certificate of completion of "version 2" of the signed document, you will see that not everyone who signed was part of the flow, so, depending on the country's legislation, the document will not be accepted.
Hi b.geraldini!
No, this is not valid, especially because during the download and upload procedure, this document could suffer some changes and the “first recipient” would never know about it. Also, it’s important to remember that the Certificate of Completion will only show the information about the recipients that participate in that signature flow.
So, I strong recommend you to include all recipients in the same envelope (signature flow).
Hi, Vinicius, Perfect, the flow is clear to me I'm just trying to understand in a more technical way this scenario if it happens someday.
My opinion is the same as you and the previous comment, by doing that the validity of the first signature is voided, but I need to understand it in a more technical way.
Getting a little more technical, if you download any signed document directly from the DocuSign platform, you will see that there is an Entrust signing security seal added to the PDF, which guarantees the integrity of the document and which exactly mentions the envelope ID for that transaction.
Assuming you use this signed PDF file and create a new envelope with other people signing, a new envelopeID will be generated by DocuSign, also generating another certificate of completion.
If in the future you require a certificate of completion of "version 2" of the signed document, you will see that not everyone who signed was part of the flow, so, depending on the country's legislation, the document will not be accepted.
Thanks, Vinicius, that's exactly my point, so the Second envelope will “overwrite” the certificates of the first one preserving only the hash and the certificate of the the First one.
Thanks, Vinicius, that's exactly my point, so the Second envelope will “overwrite” the certificates of the first one preserving only the hash and the certificate of the the First one.
Exactly, the second signed PDF will only contain the signing security seal with the information of the second transaction, making no mention of the seal on the previous envelope.
Reply
Sign up
Already have an account? Login
You can login or register as either a Docusign customer or developer. If you don’t already have a Docusign customer or developer account, you can create one for free when registering.
Customer Login/Registration Developer Login/RegistrationDocusign Community
You can login or register as either a Docusign customer or developer. If you don’t already have a Docusign customer or developer account, you can create one for free when registering.
Customer Login/Registration Developer Login/RegistrationEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.