XML Superior Digital Signatures (XAdES) W3C Note twenty February 2003 This model: Newest model: Authors: Juan Carlos Cruellas, UPC<cruellas@ac.upc.es> Gregor Karlinger, IAIK<gregor.kerlinger@iaik.at> Denis Pinkas, Bull<Denis.Pinkas@bull.net> John Ross, Security and Standards<ross@secstan.com> Editors: Juan Carlos Cruellas,
Office 2007 Product Key, UPC<cruellas@ac.upc.es> Gregor Karlinger, IAIK<gregor.kerlinger@iaik.at> Krishna Sankar,
Microsoft Office Professional 2007, Cisco<ksankar@cisco.com> Contributor: Krishna Sankar,
Office 2007 Professional, Cisco<ksankar@cisco.com>
Copyright © 2003 ETSI , All
Rights Reserved.
Abstract
This be aware (XAdES) extends the IETF/W3CXML-Signature Syntax and Processing
specification [XMLDSIG] into the domain of
non-repudiation by defining XML formats for sophisticated digital signatures
that remain valid over long periods and are compliant with the European
"Directive 1999/93/EC of the European Parliament and of the Council of 13
December 1999 on a Community framework for electronic signatures" [EU-DIR-ESIG] (also denoted as "the Directive" or the
"European Directive" in the rest of the present document) and incorporate
additional useful information in common uses cases. This includes evidence as
to its validity even if the signer or verifying party later attempts to deny
(repudiates) the validity of the signature.
An innovative digital signature aligned with the present document can, in
consequence, be used for arbitration in case of a dispute between the signer
and verifier, which may occur at some later time,
Windows 7 Professional, even years later.
This notice adds six additional forms to [XMLDSIG]]:
XML Innovative Digital Signature (XAdES): Provides basic authentication and integrity protection and satisfies the legal requirements for innovative electronic signatures as defined in the European Directive [EU-DIR-ESIG]. But does not provide non-repudiation of its existence. This form adds the following elements to [XMLDSIG]:
QualifyingProperties
SignedProperties
SignedSignatureProperties
SigningTime
SigningCertificate
SignaturePolicyIdentifier
SignatureProductionPlace?
SignerRole?
SignedDataObjectProperties
DataObjectFormat*
CommitmentTypeIndication*
AllDataObjectsTimeStamp*
IndividualDataObjectsTimeStamp*
UnsignedProperties
UnsignedSignatureProperties
CounterSignature*
XML Advanced Electronic Signature with Time-Stamp (XAdES-T): Includes time-stamp to provide protection against repudiation. This form adds the following element to XAdES form within the indicated element:
Within UnsignedSignatureProperties element:
SignatureTimeStamp+
XML Advanced Digital Signature with complete validation data (XAdES-C): Includes references to the set of data supporting the validation of the digital signature (i.e. the references to the certification path and its associated revocation status information). This form is useful for those situations where such information is archived by an external source, like a trusted service provider. This form adds the following elements to XAdES-T form within the indicated element:
Within UnsignedSignatureProperties element:
CompleteCertificateRefs
CompleteRevocationRefs
XML Advanced Electronic Signature with eXtended validation data (XAdES-X): Includes time-stamp on the references to the validation data or on the ds:Signature element and the aforementioned validation data. This time-stamp counters the risk that any keys used in the certificate chain or in the revocation status information may be compromised. As it has been said, this form has two alternative implementations. The first one adds the following element to XAdES-C:
Within the UnsignedSignatureProperties element :
RefsOnlyTimeStamp*
The second one, adds the following element to XAdES-C:
Within the UnsignedSignatureProperties element:
SigAndRefsTimeStamp*
XML Sophisticated Digital Signature with eXtended validation data incorporated for the long term (XAdES-X-L): Includes the validation data for those situations where the validation data are not stored elsewhere for the long term. This form adds the following elements to XAdES-X:
Within the UnsignedSignatureProperties:
CertificatesValues
RevocationValues
XML Superior Electronic Signature with archiving validation data (XAdES-A): It includes additional time-stamps for archiving signatures in a way that they are protected if the cryptographic data become weak. This form adds the following elements to XAdES-X-L:
Within the UnsignedSignatureProperties:
ArchiveTimestamp+
This be aware also articulates the following roles and their responsibilities
with respect to signature validity:
Signer: the entity that creates the digital signature. When the signer digitally signs over data object(s) using the prescribed format, this represents a commitment on behalf of the signing entity to the data object(s) being signed.
Verifier: the entity that verifies the electronic signature. It may be a single entity or multiple entities
Trusted Service Providers: one or more entities that help to build trust relationships between the signer and verifier. The TSPs include Certification Authorities, Registration Authorities, Repository Authorities (e.g. a directory), Time-Stamping Authorities,
Office Professional 2010, Signature Policy Issuers and Attribute Authorities.
Arbitrator: An entity that arbitrates in disputes between a signer and a verifier.
Windows 7 Professional XML Advanced Electronic Sig
Linear Mode
