SIST EN 319 102-1 V1.4.1:2024
(Main)Electronic Signatures and Trust Infrastructures (ESI) - Procedures for Creation and Validation of AdES Digital Signatures - Part 1: Creation and Validation
Electronic Signatures and Trust Infrastructures (ESI) - Procedures for Creation and Validation of AdES Digital Signatures - Part 1: Creation and Validation
The present document specifies procedures for:
• the creation of AdES digital signatures (specified in ETSI EN 319 122-1 [i.2], ETSI EN 319 132-1 [i.4], ETSI EN 319 142-1 [i.6] respectively);
• establishing whether an AdES digital signature is technically valid;
whenever the AdES digital signature is based on public key cryptography and supported by Public Key
Certificates (PKCs). To improve readability of the present document, AdES digital signatures are meant when the term signature is being used.
NOTE 1: Regulation (EU) No 910/2014 [i.15] defines the terms electronic signature, advanced electronic signature, electronic seals and advanced electronic seal. These signatures and seals are usually created using digital signature technology. The present document aims at supporting the Regulation (EU) No 910/2014 [i.15] for creation and validation of advanced electronic signatures and seals when they are implemented as AdES digital signatures.
The present document introduces general principles, objects and functions relevant when creating or validating signatures based on signature creation and validation constraints and defines general classes of signatures that allow for verifiability over long periods.
The following aspects are considered to be out of scope:
• generation and distribution of Signature Creation Data (keys, etc.), and the selection and use of cryptographic algorithms;
• format, syntax or encoding of data objects involved, specifically format or encoding for documents to be signed or signatures created; and
• the legal interpretation of any signature, especially the legal validity of a signature.
NOTE 2: The signature creation and validation procedures specified in the present document provide several options and possibilities. The selection of these options is driven by a signature creation policy, a signature augmentation policy or a signature validation policy respectively. Note that legal requirements can be provided through specific policies, e.g. in the context of qualified electronic signatures as defined in the Regulation (EU) 910/2014 [i.15].
Elektronski podpisi in infrastrukture zaupanja (ESI) - Postopki za oblikovanje in validacijo digitalnih podpisov AdES - 1. del: Oblikovanje in validacija
Ta dokument določa postopke za:
• oblikovanje digitalnih podpisov AdES (določenih v standardih ETSI EN 319 122-1 [i.2], ETSI EN 319 132-1 [i.4], ETSI EN 319 142-1 [i.6]);
• ugotavljanje, ali je digitalni podpis AdES tehnično veljaven;
kadar koli digitalni podpis AdES temelji na kriptografiji javnih ključev in je podprt z digitalnimi potrdili javnih
ključev (PKC). Za izboljšanje berljivosti tega dokumenta je namesto izraza digitalni podpisi AdES uporabljen izraz podpis.
OPOMBA 1: Uredba (EU) št. 910/2014 [i.15] opredeljuje izraze elektronski podpis, napredni elektronski podpis, elektronski žigi in napredni elektronski žig. Ti podpisi in žigi so običajno oblikovani s tehnologijo za digitalne podpise. Namen tega dokumenta je zagotavljanje podpore za Uredbo (EU) št. 910/2014 [i.15] za oblikovanje in validacijo naprednih elektronskih podpisov ter žigov, ko se uporabljajo kot digitalni podpisi AdES.
Ta dokument uvaja splošna načela, objekte in funkcije pri oblikovanju ali validaciji podpisov, ki temeljijo na omejitvah pri oblikovanju in validaciji podpisov, ter opredeljuje splošne razrede podpisov, ki omogočajo preverljivost v daljšem časovnem obdobju.
Področje uporabe ne zajema naslednjih vidikov:
• ustvarjanje in distribucija podatkov za ustvarjanje podpisa (ključi itd.) ter izbor in uporaba kriptografskih algoritmov;
• oblika, skladnja ali kodiranje vključenih podatkovnih objektov, še posebej oblika ali kodiranje za dokumente, ki jih je treba podpisati, ali za oblikovane podpise; in
• pravna razlaga podpisov, še posebej pravna veljavnost podpisa.
OPOMBA 2: Postopki za oblikovanje in validacijo podpisov, podani v tem dokumentu, zagotavljajo več možnosti. Razlog za številne možnosti je politika oblikovanja podpisov, politika razširitve podpisov ali politika validacije podpisov. Pravne zahteve so lahko podane v določenih politikah, npr. v kontekstu kvalificiranih elektronskih podpisov, kot je opredeljeno v Uredbi (EU) št. 910/2014 [i.15].
General Information
Standards Content (Sample)
Draft ETSI EN 319 102-1 V1.4.0 (2024-03)
EUROPEAN STANDARD
Electronic Signatures and Trust Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
2 Draft ETSI EN 319 102-1 V1.4.0 (2024-03)
Reference
REN/ESI-0019102-1V1.4.1
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2024.
All rights reserved.
ETSI
3 Draft ETSI EN 319 102-1 V1.4.0 (2024-03)
Contents
Intellectual Property Rights . 7
Foreword . 7
Modal verbs terminology . 7
Introduction . 8
1 Scope . 9
2 References . 9
2.1 Normative references . 9
2.2 Informative references . 10
3 Definition of terms, symbols and abbreviations . 11
3.1 Terms . 11
3.2 Symbols . 14
3.3 Abbreviations . 14
4 Signature creation . 15
4.1 Signature creation model . 15
4.2 Signature creation information model . 17
4.2.1 Introduction. 17
4.2.2 Signature Creation Constraints . 18
4.2.3 Signer's Document (SD) . 18
4.2.4 Signer's Document Representation (SDR) . 18
4.2.5 Signature attributes . 19
4.2.5.1 General requirements . 19
4.2.5.2 Signing certificate identifier . 19
4.2.5.3 Signature policy identifier . 19
4.2.5.4 Signature policy store . 19
4.2.5.5 Data content type . 20
4.2.5.6 Commitment type indication . 20
4.2.5.7 Counter signatures . 20
4.2.5.8 Claimed signing time . 20
4.2.5.9 Claimed signer location . 20
4.2.5.10 Signer's attributes . 21
4.2.6 Data To Be Signed (DTBS) . 21
4.2.7 Data To Be Signed (Formatted) (DTBSF) . 21
4.2.8 Data To Be Signed Representation (DTBSR) . 21
4.2.9 Signature . 21
4.2.10 Signed Data Object (SDO) . 22
4.2.11 Validation data . 22
4.3 Signature Classes and Creation Processes . 22
4.3.1 Introduction. 22
4.3.2 Creation of Basic Signatures . 23
4.3.2.1 Description . 23
4.3.2.2 Inputs . 24
4.3.2.3 Outputs . 24
4.3.2.4 Processing . 24
4.3.2.4.1 Selection of documents to sign . 24
4.3.2.4.2 Signature attribute and parameters selection . 25
4.3.2.4.3 Pre-signature presentation . 25
4.3.2.4.4 Signature invocation . 25
4.3.2.4.5 Signing. 26
4.3.2.4.6 Signer authentication . 26
4.3.2.4.7 SDO composition . 26
4.3.3 Creation of a Signature with Time . 26
4.3.3.1 Description . 26
4.3.3.2 Inputs . 27
4.3.3.3 Outputs . 27
ETSI
4 Draft ETSI EN 319 102-1 V1.4.0 (2024-03)
4.3.3.4 Process . 27
4.3.4 Creation of Signatures with Long-Term Validation Material . 28
4.3.4.1 Description . 28
4.3.4.2 Inputs . 28
4.3.4.3 Outputs . 28
4.3.4.4 Process . 28
4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material . 29
4.3.5.1 Description . 29
4.3.5.2 Inputs . 29
4.3.5.3 Outputs . 30
4.3.5.4 Process . 30
5 Signature validation . 30
5.1 Signature validation model . 30
5.1.1 General requirements . 30
5.1.2 Selecting validation processes . 33
5.1.3 Status indication of the signature validation process and signature validation report. 34
5.1.4 Validation constraints . 42
5.1.4.1 General requirements .
...
EUROPEAN STANDARD
Electronic Signatures and Trust Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
2 ETSI EN 319 102-1 V1.4.1 (2024-06)
Reference
REN/ESI-0019102-1v1.4.1
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2024.
All rights reserved.
ETSI
3 ETSI EN 319 102-1 V1.4.1 (2024-06)
Contents
Intellectual Property Rights . 7
Foreword . 7
Modal verbs terminology . 7
Introduction . 8
1 Scope . 9
2 References . 9
2.1 Normative references . 9
2.2 Informative references . 10
3 Definition of terms, symbols and abbreviations . 11
3.1 Terms . 11
3.2 Symbols . 14
3.3 Abbreviations . 14
4 Signature creation . 15
4.1 Signature creation model . 15
4.2 Signature creation information model . 17
4.2.1 Introduction. 17
4.2.2 Signature Creation Constraints . 18
4.2.3 Signer's Document (SD) . 18
4.2.4 Signer's Document Representation (SDR) . 18
4.2.5 Signature attributes . 19
4.2.5.1 General requirements . 19
4.2.5.2 Signing certificate identifier . 19
4.2.5.3 Signature policy identifier . 19
4.2.5.4 Signature policy store . 19
4.2.5.5 Data content type . 20
4.2.5.6 Commitment type indication . 20
4.2.5.7 Counter signatures . 20
4.2.5.8 Claimed signing time . 20
4.2.5.9 Claimed signer location . 20
4.2.5.10 Signer's attributes . 21
4.2.6 Data To Be Signed (DTBS) . 21
4.2.7 Data To Be Signed (Formatted) (DTBSF) . 21
4.2.8 Data To Be Signed Representation (DTBSR) . 21
4.2.9 Signature . 21
4.2.10 Signed Data Object (SDO) . 22
4.2.11 Validation data . 22
4.3 Signature Classes and Creation Processes . 22
4.3.1 Introduction. 22
4.3.2 Creation of Basic Signatures . 23
4.3.2.1 Description . 23
4.3.2.2 Inputs . 24
4.3.2.3 Outputs . 24
4.3.2.4 Processing . 24
4.3.2.4.1 Selection of documents to sign . 24
4.3.2.4.2 Signature attribute and parameters selection . 25
4.3.2.4.3 Pre-signature presentation . 25
4.3.2.4.4 Signature invocation . 25
4.3.2.4.5 Signing. 26
4.3.2.4.6 Signer authentication . 26
4.3.2.4.7 SDO composition . 26
4.3.3 Creation of a Signature with Time . 26
4.3.3.1 Description . 26
4.3.3.2 Inputs . 27
4.3.3.3 Outputs . 27
ETSI
4 ETSI EN 319 102-1 V1.4.1 (2024-06)
4.3.3.4 Process . 27
4.3.4 Creation of Signatures with Long-Term Validation Material . 28
4.3.4.1 Description . 28
4.3.4.2 Inputs . 28
4.3.4.3 Outputs . 28
4.3.4.4 Process . 28
4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material . 29
4.3.5.1 Description . 29
4.3.5.2 Inputs . 29
4.3.5.3 Outputs . 30
4.3.5.4 Process . 30
5 Signature validation . 30
5.1 Signature validation model . 30
5.1.1 General requirements . 30
5.1.2 Selecting validation processes . 33
5.1.3 Status indication of the signature validation process and signature validation report. 34
5.1.4 Validation constraints . 42
5.1.4.1 General requirements .
...
SLOVENSKI STANDARD
01-september-2024
Elektronski podpisi in infrastrukture zaupanja (ESI) - Postopki za oblikovanje in
validacijo digitalnih podpisov AdES - 1. del: Oblikovanje in validacija
Electronic Signatures and Trust Infrastructures (ESI) - Procedures for Creation and
Validation of AdES Digital Signatures - Part 1: Creation and Validation
Ta slovenski standard je istoveten z: ETSI EN 319 102-1 V1.4.1 (2024-06)
ICS:
35.040.01 Kodiranje informacij na Information coding in general
splošno
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
EUROPEAN STANDARD
Electronic Signatures and Trust Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
2 ETSI EN 319 102-1 V1.4.1 (2024-06)
Reference
REN/ESI-0019102-1v1.4.1
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2024.
All rights reserved.
ETSI
3 ETSI EN 319 102-1 V1.4.1 (2024-06)
Contents
Intellectual Property Rights . 7
Foreword . 7
Modal verbs terminology . 7
Introduction . 8
1 Scope . 9
2 References . 9
2.1 Normative references . 9
2.2 Informative references . 10
3 Definition of terms, symbols and abbreviations . 11
3.1 Terms . 11
3.2 Symbols . 14
3.3 Abbreviations . 14
4 Signature creation . 15
4.1 Signature creation model . 15
4.2 Signature creation information model . 17
4.2.1 Introduction. 17
4.2.2 Signature Creation Constraints . 18
4.2.3 Signer's Document (SD) . 18
4.2.4 Signer's Document Representation (SDR) . 18
4.2.5 Signature attributes . 19
4.2.5.1 General requirements . 19
4.2.5.2 Signing certificate identifier . 19
4.2.5.3 Signature policy identifier . 19
4.2.5.4 Signature policy store . 19
4.2.5.5 Data content type . 20
4.2.5.6 Commitment type indication . 20
4.2.5.7 Counter signatures . 20
4.2.5.8 Claimed signing time . 20
4.2.5.9 Claimed signer location . 20
4.2.5.10 Signer's attributes . 21
4.2.6 Data To Be Signed (DTBS) . 21
4.2.7 Data To Be Signed (Formatted) (DTBSF) . 21
4.2.8 Data To Be Signed Representation (DTBSR) . 21
4.2.9 Signature . 21
4.2.10 Signed Data Object (SDO) . 22
4.2.11 Validation data . 22
4.3 Signature Classes and Creation Processes . 22
4.3.1 Introduction. 22
4.3.2 Creation of Basic Signatures . 23
4.3.2.1 Description . 23
4.3.2.2 Inputs . 24
4.3.2.3 Outputs . 24
4.3.2.4 Processing . 24
4.3.2.4.1 Selection of documents to sign . 24
4.3.2.4.2 Signature attribute and parameters selection . 25
4.3.2.4.3 Pre-signature presentation . 25
4.3.2.4.4 Signature invocation . 25
4.3.2.4.5 Signing. 26
4.3.2.4.6 Signer authentication . 26
4.3.2.4.7 SDO composition . 26
4.3.3 Creation of a Signature with Time . 26
4.3.3.1 Description . 26
4.3.3.2 Inputs . 27
4.3.3.3 Outputs . 27
ETSI
4 ETSI EN 319 102-1 V1.4.1 (2024-06)
4.3.3.4 Process . 27
4.3.4 Creation of Signatures with Long-Term Validation Material . 28
4.3.4.1 Description . 28
4.3.4.2 Inputs . 28
4.3.4.3 Outputs . 28
4.3.4.4 Process . 28
4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material . 29
4.3.5.1 Description . 29
4.3.5.2 Inputs . 29
4.3.5.3 Outputs . 30
4.3.5.4 Process . 30
5 Signature validation .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.