I have some basic questions regarding eIDAS and 'Advanced Electronic Signatures'. Say, if I create a product under my company Acme Inc that offers a simple electronic signature where I sign every completed document digitally with a digital certificate that attests to the identity of Acme Inc (while providing an additional certificate of completion where I attest to the identity of the signers).
Provided, my product can: 1. Uniquely generate signing links to the signatory with unique references to them in the database (be it guest or registered signers), 2. And if the link can be accessed for signing by the signatory by authenticating themselves (e.g: one-time 2FA code to their mobile, confirming their email, etc), and my product can uniquely identify them in our database along with their first name, last name, email, and the mode of identity verification in an authentic certificate of completion. 3. And if and only if the signatory could have had access to the signing URL and the 2FA code, which is under their sole control. 4. And finally, my product can digitally sign the completed document (with the certificate for Acme Inc) in a way that any subsequent change in the data is detectable.
Questions: 1. Would the electronic signature in the above case be considered as an Advanced Electronic Signature? 2. What sort of identity verification method is a) bare minimum and b) more than enough for AES? 3. Should I necessarily be generating individual digital certificates for all signers to be eIDAS compliant AES? Or is a digital certificate for my company (Acmne inc) with an audit certificate of completion good enough?
I've perused the eIDAS document but I am not able to find the answers. Could someone help simplify this for me?
Note: I have also [posted it on law.stackexchange.com](https://law.stackexchange.com/questions/96226/does-a-signature-service-provider-level-digital-certificate-for-electronic-signa).