There are legal regulations defining what qualifies as a digital signature (electronic signature, or "eSignature"). In the USA, there is an act called "Uniform Electronic Transactions Act" (UETA), describing how a digital signature is defined and used in legal context.
Basically, the following components may be involved:
- An electronic document, representing the form with legal obligations when signature is applied.
- A digital signal (picture, sound, etc.) applied additionally to the above document, serving as a signature, i.e. legally accepted proof of approving the document. (The most straight-forward example is applying a transparent picture of a person's hand-written signature onto a PDF document.)
- A digital certificate key pair (with validation from approved Certificate Authorities) to "tamper seal" the document. Using the private key to "sign" the document, legal authorities can use the public key to verify the integrity of the document.
- A "vault" system to store the tamper-sealed document for later legal inquiries.
One may argue that not all of the steps are necessary; however, in certain industries, step 3 and 4 are required by legal regulations, as these are designated to prevent forgery or spoofing. As a result, step 3 is most likely perform by / with a Notary, and sometimes performed together with step 2.
For step 2 and 3, APIs and examples are available on the internet. Adobe PDF's API can deal with both steps, and some open-source components can deal with individual steps. One such example of using an open-source component, iTextSharp, is in CodeProject: E-signing PDF documents with iTextSharp. For more information about eSignature in general, please look at the Wikipedia page Electronic Signature.