Spec (stub) — ESIGN digital signature (Koder Signer US profile)

Version: 0.0.1 — Stub Status: Placeholder (2026-05-23, signer#013 wave C)

This spec is a placeholder. The slot exists so the multi-jurisdiction registry, request validators, and CLAUDE.md trigger table can reference a stable path. Normative content lands when wave F of signing-RFC-001-multi-jurisdiction.kmd begins.

Until then, POST /v1/sign/<format>?jurisdiction=us returns 501 KSIGNER-JURIS-6001 jurisdiction_not_implemented (see icp-brasil.kmd R7).

To be detailed at wave-F start

Per RFC §"Jurisdiction profiles" → US:

• R1 — Signature levels: level=simple|aatl request parameter; simple = any cert + intent metadata; aatl = cert must chain to Adobe Approved Trust List
• R2 — Intent metadata: per ESIGN Act 2000 + UETA, signatures MUST carry a metadata block demonstrating signer's intent to sign (request param intent_statement, written to PDF /Reason field for PAdES; CMS signed attribute for CAdES)
• R3 — Trust source: Adobe AATL snapshot, distributed as CSV; refreshed quarterly (Adobe's cadence); local cache; failure to refresh logs warning but does not stop simple-level signing
• R4 — NIST 800-63 declaration: optional request fields ial=1|2|3 + aal=1|2|3 per NIST SP 800-63-3; written as signed attributes for federal-interaction compliance audit
• R5 — UETA per-state caveats: a few states (NY, WA, IL) have UETA variants that touch signature timestamps differently — captured as conformance notes, not blocking checks
• R6 — Error map: KSIGNER-ESIGN-NNNN series (AATL refresh, intent missing, IAL/AAL mismatch, etc.)
• R7 — Multi-tenancy: inherits policies/multi-tenant-by-default.kmd

Out (separate specs)

• DocuSign / Adobe Sign API compatibility — different problem space (mostly workflow/identity verification, not crypto); separate product roadmap
• ESIGN consumer-disclosure record-retention requirements (UETA §103) — operator's compliance team handles; not signer code