Chrome’s “PDF Signatures” Aren’t Digital Signatures
Chrome can draw a signature in a PDF. It cannot produce a standards-based digital signature with cryptographic integrity and signer assurance. It will break existing Electronic Signatures in a PDF.
Heise reports that Chrome added “digital signatures” and annotations. Google’s own release wording (“annotate, highlight and draw a signature on a PDF”) conveys the same, but is only accurate for UX, not for standards semantics: this is proprietary scribbling, not digital signing. Worse, it breaks real digital signatures that are already in a document.
Under the hood
To someone familiar with PDF internals, Google‘s alleged „productivity feature“ is a disappointment: different than stated, it does not use Ink Annotation objects (/Subtype /Ink, /InkList), and it does not create PDF signature objects (/Sig, /ByteRange). The latter means no cryptographic signer binding, no tamper-evident document integrity, no non-repudiation, and no PAdES-/eIDAS-style trust semantics („Electronic Signatures“). As the PDF Association puts it:
[Instead,] Chrome “bakes” the drawn content into each PDF page’s content stream, using a marked-content sequence with the custom tag “
GOOG:INKIsInker” (as defined here). This method not only invalidates PDFs with genuine digital signatures (by modifying the signed document), but also makes removing user scribbles from Google Chrome PDFs much more difficult for most users.
Implementation
The source code implementation is part of the open-sourced Chromium project: ink is stored as vector path content tagged with „GOOG:INKIsInker“ (pdf/pdf_ink_constants.h, writer: pdf/pdfium/pdfium_ink_writer.cc, reader: pdf/pdfium/pdfium_ink_reader.cc. The pipeline also performs geometric simplification (including Ramer-Douglas-Peucker in simplify.c) - which at least means that it won‘t leak full handwriting biometrics.
Conclusion
Chrome currently offers a convenient visual markup/signature-drawing workflow. If your workflow requires legally or technically verifiable digital signatures, you still need standards-compliant signing tooling.