This week marks the beginning of my 30-day iThome Iron Man challenge. We laid the groundwork for understanding electronic signatures and explored the key technologies behind them.
Now, let’s do a quick recap of Week 1.

Key Takeaway 1 : Understanding the Core Terms

First, we clarified the difference between electronic signatures and digital signatures using the “pyramid of trust”.
At the bottom is the electronic signature (the act of signing), in the middle is the electronic signature (the legal concept in Taiwan),and at the top is the digital signature (the secure technology).
In short, the digital signature is a type of the electronic signature, and it offers the highest level of legal assurance.

Key Takeaway 2 : Taiwan's Electronic Signature Act

Next, we explore the key points of Taiwan’s Electronic Signature Act.
In Taiwan, electronic signatures are legally recognized and have the same legal effect as handwritten signatures and paper documents.
Among all types of electronic signatures, digital signatures offer the highest level assurance.
Simply put, electronic signatures are both legal and trusted in Taiwan.
This legal recognition makes it easier for businesses in Taiwan to adopt paperless processes.

Key Takeaway 3 : The Technology Behind the Trust

Finally, we explored the core technology behind digital signatures : Public Key Infrastructure (PKI).
Through real-life examples and simple analogies, we learned about how public key, private key, and hash functions work behind the scenes.
We also discovered that a digital certificate issued by Certificate Authority (CA) works just like a digital ID card, proving the identity of the signer and establishing the trust.

Next week, we will dive into practical side of things from a Project Manager's perspective, including API integration, the user's signing journey, and other technical details. Stay tuned!

不知不覺，鐵人賽第一週就這樣完成了。

過去六天，我們從零開始認識了電子簽名這門學問，今天，就讓我們一起來回顧這週我們學了些什麼吧。

第一週總整理

Day 1 & Day 2：建立 & 釐清觀念

我們用信任金字塔來區分了最廣泛概念的「電子簽名」、法律概念的「電子簽章」，以及使用技術建立安全性的「數位簽章」。
Takeaway : 電子簽章跟數位簽章都是電子簽名的一種，其中數位簽章效力最強。

Day 3：以法律來看，它真的有效嗎？

我們解讀了臺灣現行的《電子簽章法》，掌握了「等同紙本效力」、「數位簽章的效力」以及「相對人的同意」等關鍵條文。
Takeaway : 電子簽章是具有效力，且明確由法律背書的。

Day 4 & Day 5：技術核心

我們用果汁店老闆的保證書和神奇果汁機的故事，解釋了公私鑰、雜湊等技術，並了解由 CA 發行的數位憑證，就如同我們的數位身份証一樣。
Takeaway : PKI 是建立網路通訊安全性的基礎架構。

Day 6：實戰演練，走完一場完整的簽署旅程

我們扮演準備發送 MOU 給客戶的業務，看著一份 PDF，如何透過先前提到的法律與技術，變成一份具備法律效力的數位文件。
Takeaway : 將所有技術及法律，帶到實際流程中，幫助理解。

從明天開始，我們準備從理論轉向實戰，深入探討「How」。帶著大家從 PM 的視角，去拆解 API 文件、手把手體驗簽署流程，並探討時間戳以及稽核軌跡等更進階的技術應用。