Code: 	2022-10-106
Requestor: 	Vincent LAURENT
Email: 	contact@24eme.fr
Phone: 	
Organization: 	24eme
Country: 	France
Consent: 	You may keep my data on record
Call: 	Assure_Fund
Project: 	Signature PDF
Website: 	https://github.com/24eme/signaturepdf
Abstract: 	"SignaturePDF" is free software for signing PDFs online. It allows you to add a signature, initials, stamp, text or checkmarks. The signature can be drawn freehand or created from an image. It can be tested here: https://pdf.24eme.fr It is easily installable, all dependencies are packaged on Debian Linux OS. Developed in PHP, it is also easily deployable on standard web servers. It has already been deployed by several parties : town halls, associations, associative hosts (“CHATONS”). There are 2 modes: - Individual: The PDF file, as well as the signature elements, are sent on the server only to be processed by PHP and the pdftk tool and are not stored. - Collective: The PDF is stored on the server for a fixed period and people with a link can sign it simultaneously. We would like to improve and develop the following points: - Improve the confidentiality of data passing through the server - Sovereignty and control of personal data - Ease the integration in others free software - The addition of features allowing users of similar proprietary services to be less dependent on them - Internationalization
Experience: 	I, with my colleagues from the “24eme” cooperative, developed the existing software: https://github.com/24eme/signaturepdf/graphs/contributors The project was initially a challenge, a proof of concept, to see if it was possible to replace already existing proprietary services with free software in a very short time that is easily installable and deployable. The proof of concept was conclusive. It was deployed on one of our server. By the simple publication of the source code with a Free Software licence and without additional external communication, a city, an association specialized in hosting and an other company deployed it for their uses. Then, relayed by the "CHATONS" collective, it was deployed even more widely ( https://pdf.libreon.fr, https://pdf.hostux.net, https://sign.villededeshaies.fr/, https://pdf.nebulae.co/, https://pdf.deblan.org, https://sign.colabcis.fr, ...). The “Logilab” company contributed financially to the development of the shared signatures functionality. “24eme” is a cooperative company that develops only free software, all its employees are computer scientists / web developers. The company is co-managed by all of its developers.
Amount: 	16250
Use: 	The requested budget will be used to achieve the following features: **Improve the confidentiality of data passing through the server:** - Encrypt PDFs transmitted and stored on the servers **Sovereignty and control of personal data:** - Allow to request the deletion of a shared pdf at any time - Allow PDFs to be stored on an external storage (ie: Nextcloud instance) rather than the server where the software is installed **Easier integration of signatures in other free software:** - Integrate "SignaturePDF" in Nextcloud by developing an extension to be able to sign a PDF from the Nextcloud web interface - Build a Debian package **Building additionals features to free users of similar proprietary services to be less dependent on them:** - Files signed and verified with a cryptographic key - Fill in the standard editing areas of a PDF and Signature Field / Acroform - Allow to compress, optimize and reduce the size of the PDF file - Add a hierarchical signature mode with predefined people and specific areas for signatures and initials **Internationalization: ** - Interface internationalization The cost of these developments is made up solely of the labor of the employees of the “24eme”, the daily rate of the “24eme” cooperative is €650 excluding tax. We have estimated the development time for these features to be 25 working days.
Comparison: 	Currently, online PDF signing is mainly offered by paid services and with proprietary source code (DocuSign, SmallPDF, iLovePDF, etc.) The goal of "SignaturePDF" is to offer a free software alternative with the same functionalities as the proprietary software, as well as ease of use and ease of deployment on your own server. Currently, a user who wishes to sign a PDF online, has no control over what happens to their files or how the source PDF they are transmitting is handled, even though it often contains highly confidential data. PDF encryption on the servers is not offered by any proprietary software. The integration of such software into Nextcloud will also be unprecedented to my knowledge. Proprietary online software currently offers more features than "SignaturePDF", such as editing PDF areas, size reduction or the ability to predefine signature areas.
Challenges: 	End-to-end encryption of the PDF before transmission is a technical challenge. The degree of encryption will have to be arbitrated: if storing the document on the servers with a key unknown to the server administrator seems essential, a mechanism for temporarily opening the document on the server must be provided to allow processing that will not be possible on the user's computer. The other major technical challenge is to continue to ensure that the project is easily deployable using tools packaged in Debian and maintained over the long term. The success of this project is due to its low number of dependencies used, the ease of installation and the simplicity of the web interface and the signature workflow.
Ecosystem: 	The French association of hosting companies "Les CHATONS", which aims to offer free services, is already involved in promoting the project. The addition of these functionalities, which are even more respectful of users' privacy, should continue to encourage other collectives of this type to offer SignaturePDF. In addition, SignaturePDF has already been integrated into the YunoHost project (https://yunohost.org/) which makes it very easy to install the software, even for newcomers. The adoption of the versions integrating the developments planned in this part of the project will be a simple way to measure the interest of the community for these functionalities. The beginning of the internationalization will also allow an installation outside the French-speaking territories. If a translation into Turkish has already been proposed, the adoption of the project by non-French-speaking communities offers a lever for the worldwide distribution of the software. As up to now, we will opt for communication via Github, Twitter and Mastodon to present updates and introduce the software to new people, and will seek to make known the software in the non-French-speaking world by these social networks as by more traditional publications (blog, article in the specialized press, ...)