In Microsoft Office XP, it's easy to store and share documents electronically. For example, you can send a document attached to an e-mail message, you can store a document in a shared location, or you can distribute a document on a floppy disk. Being able to share information these ways can make your daily communication much simpler. However, with this increased ease in sharing information comes an increased risk of people tampering with your data or infecting it with a virus.

One way to reduce this risk is to use digital signatures. When you use a digital signature, it helps validate the relationship between you and what you've signed. Similarly, when you use a document or macro project that includes a signature, you have more information about its validity.

When should you use digital signatures

You can use digital signatures within your work organization when you distribute or publish documents. Your signature on a document implies to your co-workers that they are seeing the final, unmodified version of your document. Because multiple signatures can be attached to a single document, you can also use signatures to indicate that you and a co-worker agree on the final contents of a document — for example, you and your manager could both use digital signatures to sign your performance review.

The passage of the Electronic Signatures in Global and National Commerce Act means that documents signed with electronic signatures could be considered legal contracts. However, just as you need to be careful when you sign a document or when you review a document that someone else has signed, you need to be cautious when you use electronic signatures. For example, you need to decide whether or not you trust the signer, and you need to be aware of the significance of the document you're signing.

An electronic signature is only as good as the person or company who used it or the certification authority who issued it. Because an electronic signature could be forged, the usefulness of a signature will be influenced by the degree of trust you have for the person who signed the document and other factors, including when and where the document was signed, what type of signature was used, and where the signature originated.

How to tell if a file is signed

In Office programs that support digital signatures, you'll see two basic types of signed files: signed files such as documents, presentations, or worksheets, and signed macro projects. The way you sign each type of file and the benefits of having each type signed are slightly different. In general, you sign a document to validate its contents; you sign a macro project to provide some assurance that it does not contain a virus.

A document remains signed until it's modified. Therefore, if you're signing a document, attaching the signature should be the last thing that you do before you distribute it. Any changes you make after you sign the document will invalidate the signature.

Signed documents

There are two ways to tell if a document is signed. First, you can look in the status bar. A signed document will contain the signature stamp in the status bar.

You can also look at the title bar of the document window. A signed document will indicate (Signed) just after the title of the document.

To get information about the digital certificate used for the signature, click Options on the Tools menu, click Tools, and then click Digital Signatures.

Signed macros

Macro projects are signed from within the Microsoft Visual Basic Editor. Signed macros work together with the Macro Security setting. Depending on your security setting, Word (or PowerPoint or Excel) will warn you about signed and unsigned macros and suggest appropriate action for you to take in order to help protect your documents from potentially dangerous macros. For example, if the Macro Security setting (on the Tools menu, click Tools, and then click Macro Security) is set to High, unsigned macros will be disabled automatically.

Note  As a general rule, it's a good idea to leave your security setting on High at all times.

If your Macro Security setting is set to Medium or High, you will receive a warning before you open files that contain macros signed with suspicious certificates. The warning dialog box allows you to click Details to view the properties of the certificate. For more information about how the various security settings work with signed and unsigned macros, see the "Macro security levels" topic in Help.

Notes

• A macro project needs to be signed independently of the document. That is, you can't prevent the security warnings about your macros by signing the document, you must also sign the macros.
• Because signing a document should be the last thing you do before you distribute it, you should sign all macros before you sign the document. You should also be aware that there are different types of certificates for signing (some work for signing macros, some work for signing documents, and some work for both).