ETSI TS 119 524-1 V1.1.1 (2019-02)

ETSI TS 119 524-1 V1.1.1 (2019-02)






TECHNICAL SPECIFICATION
Electronic Signatures and Infrastructures (ESI);
Testing Conformance and Interoperability of
Electronic Registered Delivery Services;
Part 1: Testing conformance

---------------------- Page: 1 ----------------------
2 ETSI TS 119 524-1 V1.1.1 (2019-02)



Reference
DTS/ESI-0019524-1
Keywords
conformance, electronic registered delivery,
testing
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2019.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.
TM TM
3GPP and LTE are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and
of the oneM2M Partners.
®
GSM and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI TS 119 524-1 V1.1.1 (2019-02)
Contents
Intellectual Property Rights . 6
Foreword . 6
Modal verbs terminology . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definition of terms, symbols and abbreviations . 8
3.1 Terms . 8
3.2 Symbols . 9
3.3 Abbreviations . 9
4 Overview . 9
5 Test assertions for components that are used in metadata and in ERDS evidence. 10
5.1 Introduction . 10
5.2 Test assertions for instances auxiliary types . 11
5.2.1 Introduction. 11
5.2.2 Test assertions for instances of NonEmptyURIType type . 12
5.2.3 Test assertions for instances of NonEmptyAttributedURIType type . 12
5.2.4 Test assertions for instances of NonEmptyMultiLangURIType type . 13
5.2.5 Test assertions for instances of NonEmptyMultiLangURIListType type . 14
5.2.6 Test assertions for instances of NonEmptyStringType type. 14
5.2.7 Test assertions for instances of AttributedNonEmptyStringType type . 15
5.2.8 Test assertions for instances of xs:boolean type . 15
5.3 Test assertions for instances of EntityIdentifierType type . 16
5.4 Test assertions for instances of AssuranceLevelDetailsType type . 16
5.5 Test assertions for instances of xs:dateTime type . 18
5.6 Test assertions for instances of ERDSPolicyIDType type . 19
6 Common test assertions for ERDS evidence . 20
6.1 Introduction . 20
6.2 Test assertions for Evidence element . 20
6.2.1 XML children of Evidence per type of Evidence . 20
6.3 Test assertions for EvidenceIdentifier element . 23
6.4 Test assertions for ERDSEventId element . 23
6.5 Test assertions for EventReasons element . 24
6.6 Test assertions for EventTime element . 25
6.7 Test assertions for EvidenceIssuerPolidyID element . 26
6.8 Test assertions for EvidenceIssuerDetails element . 26
6.9 Test assertions for SenderDetails element . 26
6.10 Test assertions for SenderDelegateDetails element . 26
6.11 Test assertions for RecipientDetails element . 26
6.12 Test assertions for RecipientsDelegateDetails element. 26
6.13 Test assertions for SubmissionTime element . 26
6.14 Test assertions for EvidenceRefersToRecipient element. 26
6.15 Test assertions for MessageIdentifier element . 27
6.16 Test assertions for UserContentInfo element . 27
6.17 Test assertions for ExtenalERDSDetails element . 30
6.18 Test assertions for ExtenalSystem element . 30
6.19 Test assertions for TransactionLogInformation element. 31
6.20 Test assertions for ds:Signature element . 31
6.21 Test assertions for XML types . 31
6.21.1 Test assertions for instances of EntityDetailsType type . 31
ETSI

---------------------- Page: 3 ----------------------
4 ETSI TS 119 524-1 V1.1.1 (2019-02)
6.21.1.1 Introduction . 31
6.21.1.2 Test assertions for Identity child element of instances of EntityDetailsType type . 32
6.21.1.3 Test assertions for CertificateDetails in instances of EntityDetailsType type . 33
6.21.1.3.1 Test assertions for CertificateDetails child element . 33
6.21.1.3.2 Test assertions for X509Certificate child element of CertificateDetails . 33
6.21.1.3.3 Test assertions for CertID child element of CertificateDetails . 34
6.21.2 Test assertions for instances of UserDetailsType type . 36
6.21.2.1 Introduction . 36
6.21.2.2 Test assertions for Identity child element . 37
6.21.2.3 Test assertions for Identifier child element . 37
6.21.2.4 Test assertions for AssuranceLevelsDetails child element . 37
6.21.3 Test assertions for instances of RecipientsDelegateDetailsType type . 37
6.21.4 Test assertions for instances of AssuranceLevelsDetailsType type . 38
6.21.4.1 Introduction . 38
6.21.4.2 Test assertions for GlobalAssuranceLevel child element . 39
6.21.4.3 Test assertions for AuthenticationDetails child element . 39
6.21.4.4 Test assertions for AuthenticationDetsAndAssuranceLevel child element . 40
6.21.4.5 Test assertions for IdentityProofAssuranceLevel child element . 40
6.21.4.6 Test assertions for FederationAssuranceLevel child element . 42
7 Test assertions for ERDS metadata structure and contents . 42
7.1 Introduction . 42
7.2 Test assertions for RelayMetadata element . 42
7.3 Test assertions for MessageIdentifier element . 42
7.4 Test assertions for ERDMessageType element . 43
7.5 Test assertions for InReplyTo element . 43
7.6 Test assertions for RelayTime element . 43
7.7 Test assertions for ExpirationTime element . 43
7.8 Test assertions for ScheduledDeliveryTime element . 43
7.9 Test assertions for SenderId element . 44
7.10 Test assertions for ReplyTo element . 44
7.11 Test assertions for RecipientId element . 44
7.12 Test assertions for UserContentInfo element . 44
7.13 Test assertions for RequiredAssuranceLevel element . 44
7.14 Test assertions for ApplicablePolicy element . 44
7.15 Test assertions for RequestedConsignmentMode element . 44
7.16 Test assertions for Extensions element . 45
7.17 Test assertions for ds:Signature element . 45
8 Test assertions for ERDS AS4-profile messages . 46
8.1 Test assertions for generic requirements . 46
8.2 Test assertions for signing and encryption of the AS4 message . 50
8.3 Test assertions for binding of ERD Dispatch . 51
8.4 Test assertions for binding of ERDS Receipt . 52
8.5 Test assertions for binding of ERD ServiceInfo . 53
8.6 Test assertions for binding of ERD Payload . 53
9 Test assertions for signatures . 55
10 Test assertions for Common Services Interface . 57
10.1 Test assertions of BDXL binding for capability metadata location . 57
10.2 Test assertions of SMP binding for metadata publishing . 59
10.2.1 Test assertions for ERDS capabilities metadata format . 59
10.2.1.1 Test assertions for ERDSMetadata element . 59
10.2.1.2 Test assertions for ERDSId element. 59
10.2.1.3 Test assertions for ERDSDomain element . 59
10.2.1.4 Test assertions for ERDSGoverningBody element . 59
10.2.1.5 Test assertions for ERDSProfileSupported element . 59
10.2.1.6 Test assertions for ERDSMetadataRepository element . 60
10.2.1.7 Test assertions for ERDSEUQualifiedIndicator element . 60
ETSI

---------------------- Page: 4 ----------------------
5 ETSI TS 119 524-1 V1.1.1 (2019-02)
10.2.1.8 Test assertions for ERDSTLSLocation element . 60
10.2.1.9 Test assertions for ERDSRootCACertLocation element . 60
10.2.1.10 Test assertions for ERDSExpiryDateAndTimeSupport element . 60
10.2.1.11 Test assertions for ERDSScheduledDeliverySupport element . 60
10.2.1.12 Test assertions for ERDSAssuranceLevelsSupported element . 60
10.2.1.13 Test assertions for ERDSPolicySupport element . 60
10.2.1.14 Test assertions for ERDSSupportedConsignmentModes element . 60
10.2.2 Test assertions for metadata publishing . 61
10.3 Test assertions for trust information binding . 62
11 Test assertions for provision of the service . 64
11.1 Introduction . 64
11.2 Test assertions on generation of ERDS evidence in response to events . 64
11.3 Test assertions on ERDS interfaces . 69
11.3.1 Introduction. 69
11.3.2 Security measures on ERDS interfaces . 69
History . 72


ETSI

---------------------- Page: 5 ----------------------
6 ETSI TS 119 524-1 V1.1.1 (2019-02)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI).
The present document is part 1 of a multi-part deliverable covering Testing Conformance and Interoperability of
Electronic Registered Delivery Services, as identified below:
Part 1: "Testing conformance";
Part 2: "Test suites for interoperability testing of Electronic Registered Delivery Service Providers".
Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

ETSI

---------------------- Page: 6 ----------------------
7 ETSI TS 119 524-1 V1.1.1 (2019-02)
1 Scope
The present document defines the set of checks to be performed for testing conformance in the provision of Electronic
Registered Delivery Services against the specific technical requirements defined in ETSI EN 319 522-3 [3], ETSI
EN 319 522-4-1 [4] and ETSI EN 319 522-4-2 [5].
More specifically, the present document defines test assertions for testing conformance regarding:
1) The structure and contents of ERDS evidence as defined in ETSI EN 319 522-3 [3] (clause 6).
2) The structure and contents of new metadata defined in ETSI EN 319 522-3 [3] (clause 7).
3) The construction of AS4 ERDS messages (clause 8).
4) The generation of digital signatures in ERDS messages and ERDS evidence (clause 9).
5) Some aspects of the Common Service Interface (clause 10).
6) Relevant aspects of the provision of the service, namely: the generation of ERDS evidence following certain
events and the security measures in the relevant interfaces defined in ETSI EN 319 522-1 [1] (clause 11).
The present document does not define test assertions for testing conformance in the provision of Electronic Registered
Delivery Services against technical requirements defined outside of any of the parts of ETSI EN 319 522 [1] to [6],
namely, requirements for: AS4 [15], Business Document Metadata Service Location Version 1.0 (BDXL) [17], Service
Metadata Publishing (SMP) Version 1.0 (SMP) [18] and digital signatures that are defined in their respective
specifications.
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
https://docbox.etsi.org/Reference/.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ETSI EN 319 522-1: "Electronic Signatures and Infrastructures (ESI); Electronic Registered
Delivery Services; Part 1: Framework and Architecture".
[2] ETSI EN 319 522-2: "Electronic Signatures and Infrastructures (ESI); Electronic Registered
Delivery Services; Part 2: Semantic contents".
[3] ETSI EN 319 522-3: "Electronic Signatures and Infrastructures (ESI); Electronic Registered
Delivery Services; Part 3: Formats".
[4] ETSI EN 319 522-4-1: "Electronic Signatures and Infrastructures (ESI); Electronic Registered
Delivery Services; Part 4: Bindings; Sub-part 1: Message delivery bindings".
[5] ETSI EN 319 522-4-2: "Electronic Signatures and Infrastructures (ESI); Electronic Registered
Delivery Services; Part 4: Bindings; Sub-part 2: Evidence and identification bindings".
[6] ETSI EN 319 522-4-3: "Electronic Signatures and Infrastructures (ESI); Electronic Registered
Delivery Services; Part 4: Bindings; Sub-part 3: Capability/requirements bindings".
[7] OASIS Standard: "Test Assertions Model Version 1.0".
ETSI

---------------------- Page: 7 ----------------------
8 ETSI TS 119 524-1 V1.1.1 (2019-02)
[8] CEF eIDAS Technical Sub-group (Version 1.1.2 - October 2016): "eIDAS SAML Attribute
profile".
[9] ETSI TS 119 134-4: "Electronic Signatures and Infrastructures (ESI); XAdES digital signatures -
Testing Conformance and Interoperability; Part 4: Testing Conformance of XAdES baseline
signatures".
[10] ETSI EN 319 132-1: "Electronic Signatures and Infrastructures (ESI); XAdES digital signatures;
Part 1: Building blocks and XAdES baseline signatures".
[11] W3C Recommendation 11 April 2013: "XML Signature Syntax and Processing Version 1.1".
[12] IETF RFC 5035: "Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility".
[13] W3C Recommendation 28 October 2004: "XML Schema Part 2: Datatypes Second Edition".
[14] ETSI TS 119 134-5: "Electronic Signatures and Infrastructures (ESI); XAdES digital signatures -
Testing Conformance and Interoperability; Part 5: Testing Conformance of extended XAdES
signatures".
[15] OASIS Standard (January 2013): "AS4 Profile of ebMS 3.0 Version 1.0".
[16] ETSI TS 119 312: "Electronic Signatures and Infrastructures (ESI); Cryptographic Suites".
[17] OASIS Standard (August 2017): "Business Document Metadata Service Location Version 1.0".
[18] OASIS Standard (August 2017): "Service Metadata Publishing (SMP) Version 1.0".
[19] IETF RFC 3061 (February 2001): "A URN Namespace of Object Identifiers".
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] OASIS Standard: "Web Services Security X.509 Certificate Token Profile 1.1. OASIS Standard
incorporating Approved Errata", 1 November 2006.
[i.2] ETSI EN 319 122-1: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 1: Building blocks and CAdES baseline signatures".
[i.3] ETSI EN 319 142-1: "Electronic Signatures and Infrastructures (ESI); PAdES digital signatures;
Part 1: Building blocks and PAdES baseline signatures".
[i.4] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market and
repealing Directive 1999/93/EC.
[i.5] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists".
3 Definition of terms, symbols and abbreviations
3.1 Terms
For the purposes of the present document, the terms given in ETSI EN 319 522-3 [3] apply.
ETSI

---------------------- Page: 8 ----------------------
9 ETSI TS 119 524-1 V1.1.1 (2019-02)
3.2 Symbols
Void.
3.3 Abbreviations
For the purposes of the present document, the following abbreviations apply:
AS4 Applicability Statement 4
BDXL Business Document Metadata Service Location
CA Certification Authority
CSI Common Service Interface
DNS Domain Name Service
ERD Electronic Registered Delivery
ERDS Electronic Registered Delivery Service
ERDSP Electronic Registered Delivery Service Provider
EU European Union
HTTP Hypertext Transfer Protocol
IETF Internet Engineering Task Force
MEPI Message and Evidence Push Interface
MERI Message and Evidence Retrieval Interface
MSI Message Submission Interface
NID Namespace Identifier
NSS Namespace Specific String
OASIS Organization for the Advancement of Structured Information Standards
QERDS Qualified Electronic Registered Delivery Service
RFC Request for Comments
RI Relay
...