Section 6.1 "Per FDA part 11 compliance..."
I am not aware of any export formats required by 21 CFR 11. Suggest striking this phrase.
Section 6.2 "However, the signing party cannot be easily verified"
This is too subjective a statement and should be removed, or added to to qualify under what conditions an electronic signature's signing party cannot be easily verified. If this is true, why does FDA accept them per 21 CFR 11?
Section 6.2 "RSA or Elliptic Curve"
Are these terms defined or given a reference anywhere in the specification? If not they should be.
Section 6.3 "...Source, Digital Signature, and Date"
Digital signature only? Or should this be Electronic Signature? If digital only, why does the BPM metadata not support electronic signatures?
--