Electronic Signatures and Infrastructures (ESI) - Procedures for Creation and Validation of AdES Digital Signatures - Part 1: Creation and Validation

REN/ESI-0019102-1v121

Elektronski podpisi in infrastruktura (ESI) - Postopki za oblikovanje in validacijo digitalnih podpisov AdES - 1. del: Oblikovanje in validacija

General Information

Status
Published
Public Enquiry End Date
31-Oct-2021
Publication Date
15-Nov-2021
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
08-Nov-2021
Due Date
13-Jan-2022
Completion Date
16-Nov-2021
Mandate

Buy Standard

Standard
SIST EN 319 102-1 V1.3.1:2022
English language
83 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
ETSI EN 319 102-1 V1.3.1 (2021-11) - Electronic Signatures and Infrastructures (ESI); Procedures for Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation
English language
83 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ETSI EN 319 102-1 V1.2.3 (2021-08) - Electronic Signatures and Infrastructures (ESI); Procedures for Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation
English language
83 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
oSIST prEN 319 102-1 V1.2.3:2021
English language
83 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
SIST EN 319 102-1 V1.3.1:2022
01-oktober-2021

Elektronski podpisi in infrastruktura (ESI) - Postopki za oblikovanje in validacijo

digitalnih podpisov AdES - 1. del: Oblikovanje in validacija

Electronic Signatures and Infrastructures (ESI) - Procedures for Creation and Validation

of AdES Digital Signatures - Part 1: Creation and Validation
Ta slovenski standard je istoveten z: ETSI EN 319 102-1 V1.3.1 (2021-11)
ICS:
35.040.01 Kodiranje informacij na Information coding in general
splošno
SIST EN 319 102-1 V1.3.1:2022 en

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 319 102-1 V1.3.1:2022
---------------------- Page: 2 ----------------------
SIST EN 319 102-1 V1.3.1:2022
ETSI EN 319 102-1 V1.3.1 (2021-11)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
---------------------- Page: 3 ----------------------
SIST EN 319 102-1 V1.3.1:2022
2 ETSI EN 319 102-1 V1.3.1 (2021-11)
Reference
REN/ESI-0019102-1v121
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or

print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any

existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI

deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.

Users of the present document should be aware that the document may be subject to revision or change of status.

Information on the current status of this and other ETSI documents is available at

https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

If you find errors in the present document, please send your comment to one of the following services:

https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Notice of disclaimer & limitation of liability

The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of

experience to understand and interpret its content in accordance with generally accepted engineering or

other professional standard and applicable regulations.

No recommendation as to products and services or vendors is made or should be implied.

In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not

limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property

rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages

for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use

of or inability to use the software.
Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and

microfilm except as authorized by written permission of ETSI.

The content of the PDF version shall not be modified without the written authorization of ETSI.

The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2021.
All rights reserved.
ETSI
---------------------- Page: 4 ----------------------
SIST EN 319 102-1 V1.3.1:2022
3 ETSI EN 319 102-1 V1.3.1 (2021-11)
Contents

Intellectual Property Rights ................................................................................................................................ 7

Foreword ............................................................................................................................................................. 7

Modal verbs terminology .................................................................................................................................... 8

Introduction ........................................................................................................................................................ 8

1 Scope ........................................................................................................................................................ 9

2 References ................................................................................................................................................ 9

2.1 Normative references ......................................................................................................................................... 9

2.2 Informative references ...................................................................................................................................... 10

3 Definition of terms, symbols and abbreviations ..................................................................................... 11

3.1 Terms ................................................................................................................................................................ 11

3.2 Symbols ............................................................................................................................................................ 14

3.3 Abbreviations ................................................................................................................................................... 14

4 Signature creation ................................................................................................................................... 15

4.1 Signature creation model .................................................................................................................................. 15

4.2 Signature creation information model .............................................................................................................. 16

4.2.1 Introduction................................................................................................................................................. 16

4.2.2 Signature Creation Constraints ................................................................................................................... 17

4.2.3 Signer's Document (SD) ............................................................................................................................. 17

4.2.4 Signer's Document Representation (SDR) .................................................................................................. 18

4.2.5 Signature attributes ..................................................................................................................................... 18

4.2.5.1 General requirements ............................................................................................................................ 18

4.2.5.2 Signing certificate identifier .................................................................................................................. 19

4.2.5.3 Signature policy identifier ..................................................................................................................... 19

4.2.5.4 Signature policy store ............................................................................................................................ 19

4.2.5.5 Data content type .................................................................................................................................. 19

4.2.5.6 Commitment type indication ................................................................................................................. 20

4.2.5.7 Counter signatures ................................................................................................................................. 20

4.2.5.8 Claimed signing time ............................................................................................................................ 20

4.2.5.9 Claimed signer location ......................................................................................................................... 20

4.2.5.10 Signer's attributes .................................................................................................................................. 20

4.2.6 Data To Be Signed (DTBS) ........................................................................................................................ 21

4.2.7 Data To Be Signed (Formatted) (DTBSF) .................................................................................................. 21

4.2.8 Data To Be Signed Representation (DTBSR) ............................................................................................. 21

4.2.9 Signature ..................................................................................................................................................... 21

4.2.10 Signed Data Object (SDO) ......................................................................................................................... 21

4.2.11 Validation data ............................................................................................................................................ 21

4.3 Signature Classes and Creation Processes ........................................................................................................ 22

4.3.1 Introduction................................................................................................................................................. 22

4.3.2 Creation of Basic Signatures ....................................................................................................................... 23

4.3.2.1 Description ............................................................................................................................................ 23

4.3.2.2 Inputs ..................................................................................................................................................... 23

4.3.2.3 Outputs .................................................................................................................................................. 23

4.3.2.4 Processing ............................................................................................................................................. 24

4.3.2.4.1 Selection of documents to sign ........................................................................................................ 24

4.3.2.4.2 Signature attribute and parameters selection ................................................................................... 24

4.3.2.4.3 Pre-signature presentation ............................................................................................................... 24

4.3.2.4.4 Signature invocation ........................................................................................................................ 25

4.3.2.4.5 Signing............................................................................................................................................. 25

4.3.2.4.6 Signer authentication ....................................................................................................................... 25

4.3.2.4.7 SDO composition ............................................................................................................................ 25

4.3.3 Creation of a Signature with Time .............................................................................................................. 26

4.3.3.1 Description ............................................................................................................................................ 26

4.3.3.2 Inputs ..................................................................................................................................................... 26

4.3.3.3 Outputs .................................................................................................................................................. 26

ETSI
---------------------- Page: 5 ----------------------
SIST EN 319 102-1 V1.3.1:2022
4 ETSI EN 319 102-1 V1.3.1 (2021-11)

4.3.3.4 Process .................................................................................................................................................. 27

4.3.4 Creation of Signatures with Long-Term Validation Material ..................................................................... 27

4.3.4.1 Description ............................................................................................................................................ 27

4.3.4.2 Inputs ..................................................................................................................................................... 27

4.3.4.3 Outputs .................................................................................................................................................. 28

4.3.4.4 Process .................................................................................................................................................. 28

4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material ............... 28

4.3.5.1 Description ............................................................................................................................................ 28

4.3.5.2 Inputs ..................................................................................................................................................... 29

4.3.5.3 Outputs .................................................................................................................................................. 29

4.3.5.4 Process .................................................................................................................................................. 29

5 Signature validation ................................................................................................................................ 30

5.1 Signature validation model ............................................................................................................................... 30

5.1.1 General requirements .................................................................................................................................. 30

5.1.2 Selecting validation processes .................................................................................................................... 32

5.1.3 Status indication of the signature validation process and signature validation report................................. 33

5.1.4 Validation constraints ................................................................................................................................. 41

5.1.4.1 General requirements ............................................................................................................................ 41

5.1.4.2 X.509 Validation Constraints ................................................................................................................ 42

5.1.4.3 Cryptographic Constraints .................................................................................................................... 42

5.1.4.4 Signature Elements Constraints ............................................................................................................ 42

5.2 Basic building blocks ....................................................................................................................................... 42

5.2.1 Description .................................................................................................................................................. 42

5.2.2 Format Checking ........................................................................................................................................ 43

5.2.2.1 Description ............................................................................................................................................ 43

5.2.2.2 Inputs ..................................................................................................................................................... 43

5.2.2.3 Outputs .................................................................................................................................................. 43

5.2.3 Identification of the signing certificate ....................................................................................................... 44

5.2.3.1 Description ............................................................................................................................................ 44

5.2.3.2 Inputs ..................................................................................................................................................... 44

5.2.3.3 Outputs .................................................................................................................................................. 44

5.2.3.4 Processing ............................................................................................................................................. 44

5.2.4 Validation context initialization .................................................................................................................. 45

5.2.4.1 Description ............................................................................................................................................ 45

5.2.4.2 Inputs ..................................................................................................................................................... 45

5.2.4.3 Outputs .................................................................................................................................................. 45

5.2.4.4 Processing ............................................................................................................................................. 45

5.2.5 Revocation freshness checker ..................................................................................................................... 46

5.2.5.1 Description ............................................................................................................................................ 46

5.2.5.2 Inputs ..................................................................................................................................................... 46

5.2.5.3 Output ................................................................................................................................................... 46

5.2.5.4 Processing ............................................................................................................................................. 46

5.2.6 X.509 certificate validation ......................................................................................................................... 47

5.2.6.1 Description ............................................................................................................................................ 47

5.2.6.2 Inputs ..................................................................................................................................................... 47

5.2.6.3 Outputs .................................................................................................................................................. 47

5.2.6.4 Processing ............................................................................................................................................. 48

5.2.7 Cryptographic verification .......................................................................................................................... 50

5.2.7.1 Description ............................................................................................................................................ 50

5.2.7.2 Inputs ..................................................................................................................................................... 50

5.2.7.3 Outputs .................................................................................................................................................. 50

5.2.7.4 Processing ............................................................................................................................................. 51

5.2.8 Signature Acceptance Validation (SAV) .................................................................................................... 51

5.2.8.1 Description ............................................................................................................................................ 51

5.2.8.2 Inputs ..................................................................................................................................................... 51

5.2.8.3 Outputs .................................................................................................................................................. 52

5.2.8.4 Processing ............................................................................................................................................. 52

5.2.8.4.1 General requirements ....................................................................................................................... 52

5.2.8.4.2 Processing AdES attributes ............................................................................................................. 53

5.2.9 Signature validation presentation building block ........................................................................................ 54

5.3 Validation process for Basic Signatures ........................................................................................................... 55

ETSI
---------------------- Page: 6 ----------------------
SIST EN 319 102-1 V1.3.1:2022
5 ETSI EN 319 102-1 V1.3.1 (2021-11)

5.3.1 Description .................................................................................................................................................. 55

5.3.2 Inputs .......................................................................................................................................................... 55

5.3.3 Outputs ........................................................................................................................................................ 55

5.3.4 Processing ................................................................................................................................................... 55

5.4 Time-stamp validation building block .............................................................................................................. 57

5.4.1 Description .................................................................................................................................................. 57

5.4.2 Inputs .......................................................................................................................................................... 58

5.4.3 Outputs ........................................................................................................................................................ 58

5.4.4 Processing ................................................................................................................................................... 58

5.5 Validation process for Signatures with Time and Signatures with Long-Term Validation Material ............... 58

5.5.1 Description .................................................................................................................................................. 58

5.5.2 Inputs .......................................................................................................................................................... 59

5.5.3 Outputs ........................................................................................................................................................ 59

5.5.4 Processing ................................................................................................................................................... 59

5.6 Validation process for Signatures providing Long Term Availability and Integrity of Validation

Material ............................................................................................................................................................ 62

5.6.1 Introduction................................................................................................................................................. 62

5.6.2 Additional building blocks .......................................................................................................................... 62

5.6.2.1 Past certificate validation ...................................................................................................................... 62

5.6.2.1.1 Description ...................................................................................................................................... 62

5.6.2.1.2 Input ................................................................................................................................................ 63

5.6.2.1.3 Output .............................................................................................................................................. 63

5.6.2.1.4 Processing ........................................................................................................................................ 63

5.6.2.2 Validation time sliding process ............................................................................................................. 64

5.6.2.2.1 Description ...................................................................................................................................... 64

5.6.2.2.2 Input ................................................................................................................................................ 64

5.6.2.2.3 Output .............................................................................................................................................. 64

5.6.2.2.4 Processing ........................................................................................................................................ 64

5.6.2.3 POE extraction ...................................................................................................................................... 65

5.6.2.3.1 Description ...................................................................................................................................... 65

5.6.2.3.2 Input ................................................................................................................................................ 66

5.6.2.3.3 Output .............................................................................................................................................. 66

5.6.2.3.4 Processing ........................................................................................................................................ 66

5.6.2.4 Past signature validation building block ............................................................................................... 66

5.6.2.4.1 Description ...................................................................................................................................... 66

5.6.2.4.2 Input ................................................................................................................................................ 67

5.6.2.4.3 Output .............................................................................................................................................. 67

5.6.2.4.4 Processing ........................................................................................................................................ 67

5.6.3 Validation Process for Signatures providing Long Term Availability and Integrity of Validation

Material ....................................................................................................................................................... 68

5.6.3.1 Description ............................................................................................................................................ 68

5.6.3.2 Input ...................................................................................................................................................... 68

5.6.3.3 Output ................................................................................................................................................... 68

5.6.3.4 Processing ...............................................................................................................................

...

ETSI EN 319 102-1 V1.3.1 (2021-11)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
---------------------- Page: 1 ----------------------
2 ETSI EN 319 102-1 V1.3.1 (2021-11)
Reference
REN/ESI-0019102-1v121
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or

print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any

existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI

deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.

Users of the present document should be aware that the document may be subject to revision or change of status.

Information on the current status of this and other ETSI documents is available at

https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

If you find errors in the present document, please send your comment to one of the following services:

https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Notice of disclaimer & limitation of liability

The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of

experience to understand and interpret its content in accordance with generally accepted engineering or

other professional standard and applicable regulations.

No recommendation as to products and services or vendors is made or should be implied.

In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not

limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property

rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages

for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use

of or inability to use the software.
Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and

microfilm except as authorized by written permission of ETSI.

The content of the PDF version shall not be modified without the written authorization of ETSI.

The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2021.
All rights reserved.
ETSI
---------------------- Page: 2 ----------------------
3 ETSI EN 319 102-1 V1.3.1 (2021-11)
Contents

Intellectual Property Rights ................................................................................................................................ 7

Foreword ............................................................................................................................................................. 7

Modal verbs terminology .................................................................................................................................... 8

Introduction ........................................................................................................................................................ 8

1 Scope ........................................................................................................................................................ 9

2 References ................................................................................................................................................ 9

2.1 Normative references ......................................................................................................................................... 9

2.2 Informative references ...................................................................................................................................... 10

3 Definition of terms, symbols and abbreviations ..................................................................................... 11

3.1 Terms ................................................................................................................................................................ 11

3.2 Symbols ............................................................................................................................................................ 14

3.3 Abbreviations ................................................................................................................................................... 14

4 Signature creation ................................................................................................................................... 15

4.1 Signature creation model .................................................................................................................................. 15

4.2 Signature creation information model .............................................................................................................. 16

4.2.1 Introduction................................................................................................................................................. 16

4.2.2 Signature Creation Constraints ................................................................................................................... 17

4.2.3 Signer's Document (SD) ............................................................................................................................. 17

4.2.4 Signer's Document Representation (SDR) .................................................................................................. 18

4.2.5 Signature attributes ..................................................................................................................................... 18

4.2.5.1 General requirements ............................................................................................................................ 18

4.2.5.2 Signing certificate identifier .................................................................................................................. 19

4.2.5.3 Signature policy identifier ..................................................................................................................... 19

4.2.5.4 Signature policy store ............................................................................................................................ 19

4.2.5.5 Data content type .................................................................................................................................. 19

4.2.5.6 Commitment type indication ................................................................................................................. 20

4.2.5.7 Counter signatures ................................................................................................................................. 20

4.2.5.8 Claimed signing time ............................................................................................................................ 20

4.2.5.9 Claimed signer location ......................................................................................................................... 20

4.2.5.10 Signer's attributes .................................................................................................................................. 20

4.2.6 Data To Be Signed (DTBS) ........................................................................................................................ 21

4.2.7 Data To Be Signed (Formatted) (DTBSF) .................................................................................................. 21

4.2.8 Data To Be Signed Representation (DTBSR) ............................................................................................. 21

4.2.9 Signature ..................................................................................................................................................... 21

4.2.10 Signed Data Object (SDO) ......................................................................................................................... 21

4.2.11 Validation data ............................................................................................................................................ 21

4.3 Signature Classes and Creation Processes ........................................................................................................ 22

4.3.1 Introduction................................................................................................................................................. 22

4.3.2 Creation of Basic Signatures ....................................................................................................................... 23

4.3.2.1 Description ............................................................................................................................................ 23

4.3.2.2 Inputs ..................................................................................................................................................... 23

4.3.2.3 Outputs .................................................................................................................................................. 23

4.3.2.4 Processing ............................................................................................................................................. 24

4.3.2.4.1 Selection of documents to sign ........................................................................................................ 24

4.3.2.4.2 Signature attribute and parameters selection ................................................................................... 24

4.3.2.4.3 Pre-signature presentation ............................................................................................................... 24

4.3.2.4.4 Signature invocation ........................................................................................................................ 25

4.3.2.4.5 Signing............................................................................................................................................. 25

4.3.2.4.6 Signer authentication ....................................................................................................................... 25

4.3.2.4.7 SDO composition ............................................................................................................................ 25

4.3.3 Creation of a Signature with Time .............................................................................................................. 26

4.3.3.1 Description ............................................................................................................................................ 26

4.3.3.2 Inputs ..................................................................................................................................................... 26

4.3.3.3 Outputs .................................................................................................................................................. 26

ETSI
---------------------- Page: 3 ----------------------
4 ETSI EN 319 102-1 V1.3.1 (2021-11)

4.3.3.4 Process .................................................................................................................................................. 27

4.3.4 Creation of Signatures with Long-Term Validation Material ..................................................................... 27

4.3.4.1 Description ............................................................................................................................................ 27

4.3.4.2 Inputs ..................................................................................................................................................... 27

4.3.4.3 Outputs .................................................................................................................................................. 28

4.3.4.4 Process .................................................................................................................................................. 28

4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material ............... 28

4.3.5.1 Description ............................................................................................................................................ 28

4.3.5.2 Inputs ..................................................................................................................................................... 29

4.3.5.3 Outputs .................................................................................................................................................. 29

4.3.5.4 Process .................................................................................................................................................. 29

5 Signature validation ................................................................................................................................ 30

5.1 Signature validation model ............................................................................................................................... 30

5.1.1 General requirements .................................................................................................................................. 30

5.1.2 Selecting validation processes .................................................................................................................... 32

5.1.3 Status indication of the signature validation process and signature validation report................................. 33

5.1.4 Validation constraints ................................................................................................................................. 41

5.1.4.1 General requirements ............................................................................................................................ 41

5.1.4.2 X.509 Validation Constraints ................................................................................................................ 42

5.1.4.3 Cryptographic Constraints .................................................................................................................... 42

5.1.4.4 Signature Elements Constraints ............................................................................................................ 42

5.2 Basic building blocks ....................................................................................................................................... 42

5.2.1 Description .................................................................................................................................................. 42

5.2.2 Format Checking ........................................................................................................................................ 43

5.2.2.1 Description ............................................................................................................................................ 43

5.2.2.2 Inputs ..................................................................................................................................................... 43

5.2.2.3 Outputs .................................................................................................................................................. 43

5.2.3 Identification of the signing certificate ....................................................................................................... 44

5.2.3.1 Description ............................................................................................................................................ 44

5.2.3.2 Inputs ..................................................................................................................................................... 44

5.2.3.3 Outputs .................................................................................................................................................. 44

5.2.3.4 Processing ............................................................................................................................................. 44

5.2.4 Validation context initialization .................................................................................................................. 45

5.2.4.1 Description ............................................................................................................................................ 45

5.2.4.2 Inputs ..................................................................................................................................................... 45

5.2.4.3 Outputs .................................................................................................................................................. 45

5.2.4.4 Processing ............................................................................................................................................. 45

5.2.5 Revocation freshness checker ..................................................................................................................... 46

5.2.5.1 Description ............................................................................................................................................ 46

5.2.5.2 Inputs ..................................................................................................................................................... 46

5.2.5.3 Output ................................................................................................................................................... 46

5.2.5.4 Processing ............................................................................................................................................. 46

5.2.6 X.509 certificate validation ......................................................................................................................... 47

5.2.6.1 Description ............................................................................................................................................ 47

5.2.6.2 Inputs ..................................................................................................................................................... 47

5.2.6.3 Outputs .................................................................................................................................................. 47

5.2.6.4 Processing ............................................................................................................................................. 48

5.2.7 Cryptographic verification .......................................................................................................................... 50

5.2.7.1 Description ............................................................................................................................................ 50

5.2.7.2 Inputs ..................................................................................................................................................... 50

5.2.7.3 Outputs .................................................................................................................................................. 50

5.2.7.4 Processing ............................................................................................................................................. 51

5.2.8 Signature Acceptance Validation (SAV) .................................................................................................... 51

5.2.8.1 Description ............................................................................................................................................ 51

5.2.8.2 Inputs ..................................................................................................................................................... 51

5.2.8.3 Outputs .................................................................................................................................................. 52

5.2.8.4 Processing ............................................................................................................................................. 52

5.2.8.4.1 General requirements ....................................................................................................................... 52

5.2.8.4.2 Processing AdES attributes ............................................................................................................. 53

5.2.9 Signature validation presentation building block ........................................................................................ 54

5.3 Validation process for Basic Signatures ........................................................................................................... 55

ETSI
---------------------- Page: 4 ----------------------
5 ETSI EN 319 102-1 V1.3.1 (2021-11)

5.3.1 Description .................................................................................................................................................. 55

5.3.2 Inputs .......................................................................................................................................................... 55

5.3.3 Outputs ........................................................................................................................................................ 55

5.3.4 Processing ................................................................................................................................................... 55

5.4 Time-stamp validation building block .............................................................................................................. 57

5.4.1 Description .................................................................................................................................................. 57

5.4.2 Inputs .......................................................................................................................................................... 58

5.4.3 Outputs ........................................................................................................................................................ 58

5.4.4 Processing ................................................................................................................................................... 58

5.5 Validation process for Signatures with Time and Signatures with Long-Term Validation Material ............... 58

5.5.1 Description .................................................................................................................................................. 58

5.5.2 Inputs .......................................................................................................................................................... 59

5.5.3 Outputs ........................................................................................................................................................ 59

5.5.4 Processing ................................................................................................................................................... 59

5.6 Validation process for Signatures providing Long Term Availability and Integrity of Validation

Material ............................................................................................................................................................ 62

5.6.1 Introduction................................................................................................................................................. 62

5.6.2 Additional building blocks .......................................................................................................................... 62

5.6.2.1 Past certificate validation ...................................................................................................................... 62

5.6.2.1.1 Description ...................................................................................................................................... 62

5.6.2.1.2 Input ................................................................................................................................................ 63

5.6.2.1.3 Output .............................................................................................................................................. 63

5.6.2.1.4 Processing ........................................................................................................................................ 63

5.6.2.2 Validation time sliding process ............................................................................................................. 64

5.6.2.2.1 Description ...................................................................................................................................... 64

5.6.2.2.2 Input ................................................................................................................................................ 64

5.6.2.2.3 Output .............................................................................................................................................. 64

5.6.2.2.4 Processing ........................................................................................................................................ 64

5.6.2.3 POE extraction ...................................................................................................................................... 65

5.6.2.3.1 Description ...................................................................................................................................... 65

5.6.2.3.2 Input ................................................................................................................................................ 66

5.6.2.3.3 Output .............................................................................................................................................. 66

5.6.2.3.4 Processing ........................................................................................................................................ 66

5.6.2.4 Past signature validation building block ............................................................................................... 66

5.6.2.4.1 Description ...................................................................................................................................... 66

5.6.2.4.2 Input ................................................................................................................................................ 67

5.6.2.4.3 Output .............................................................................................................................................. 67

5.6.2.4.4 Processing ........................................................................................................................................ 67

5.6.3 Validation Process for Signatures providing Long Term Availability and Integrity of Validation

Material ....................................................................................................................................................... 68

5.6.3.1 Description ............................................................................................................................................ 68

5.6.3.2 Input ...................................................................................................................................................... 68

5.6.3.3 Output ................................................................................................................................................... 68

5.6.3.4 Processing ............................................................................................................................................. 69

Annex A (informative): Validation examples ....................................................................................... 72

A.1 General remarks and assumptions .......................................................................................................... 72

A.2 Symbols .................................................................................................................................................. 72

A.3 Example 1: Revoked certificate ............................................................................................................. 73

A.3.1 Introduction ...................................................................................................................................................... 73

A.3.2 Basic signature validation ................................................................................................................................ 73

A.3.3 Val
...

Draft ETSI EN 319 102-1 V1.2.3 (2021-07)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
---------------------- Page: 1 ----------------------
2 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)
Reference
REN/ESI-0019102-1v121
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or

print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any

existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI

deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.

Users of the present document should be aware that the document may be subject to revision or change of status.

Information on the current status of this and other ETSI documents is available at

https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

If you find errors in the present document, please send your comment to one of the following services:

https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Notice of disclaimer & limitation of liability

The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of

experience to understand and interpret its content in accordance with generally accepted engineering or

other professional standard and applicable regulations.

No recommendation as to products and services or vendors is made or should be implied.

In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not

limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property

rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages

for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use

of or inability to use the software.
Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and

microfilm except as authorized by written permission of ETSI.

The content of the PDF version shall not be modified without the written authorization of ETSI.

The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2021.
All rights reserved.
ETSI
---------------------- Page: 2 ----------------------
3 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)
Contents

Intellectual Property Rights ................................................................................................................................ 7

Foreword ............................................................................................................................................................. 7

Modal verbs terminology .................................................................................................................................... 7

Introduction ........................................................................................................................................................ 8

1 Scope ........................................................................................................................................................ 9

2 References ................................................................................................................................................ 9

2.1 Normative references ......................................................................................................................................... 9

2.2 Informative references ...................................................................................................................................... 10

3 Definition of terms, symbols and abbreviations ..................................................................................... 11

3.1 Terms ................................................................................................................................................................ 11

3.2 Symbols ............................................................................................................................................................ 14

3.3 Abbreviations ................................................................................................................................................... 14

4 Signature creation ................................................................................................................................... 15

4.1 Signature creation model .................................................................................................................................. 15

4.2 Signature creation information model .............................................................................................................. 16

4.2.1 Introduction................................................................................................................................................. 16

4.2.2 Signature Creation Constraints ................................................................................................................... 17

4.2.3 Signer's Document (SD) ............................................................................................................................. 17

4.2.4 Signer's Document Representation (SDR) .................................................................................................. 18

4.2.5 Signature attributes ..................................................................................................................................... 18

4.2.5.1 General requirements ............................................................................................................................ 18

4.2.5.2 Signing certificate identifier .................................................................................................................. 19

4.2.5.3 Signature policy identifier ..................................................................................................................... 19

4.2.5.4 Signature policy store ............................................................................................................................ 19

4.2.5.5 Data content type .................................................................................................................................. 19

4.2.5.6 Commitment type indication ................................................................................................................. 19

4.2.5.7 Counter signatures ................................................................................................................................. 20

4.2.5.8 Claimed signing time ............................................................................................................................ 20

4.2.5.9 Claimed signer location ......................................................................................................................... 20

4.2.5.10 Signer's attributes .................................................................................................................................. 20

4.2.6 Data To Be Signed (DTBS) ........................................................................................................................ 21

4.2.7 Data To Be Signed (Formatted) (DTBSF) .................................................................................................. 21

4.2.8 Data To Be Signed Representation (DTBSR) ............................................................................................. 21

4.2.9 Signature ..................................................................................................................................................... 21

4.2.10 Signed Data Object (SDO) ......................................................................................................................... 21

4.2.11 Validation data ............................................................................................................................................ 21

4.3 Signature Classes and Creation Processes ........................................................................................................ 22

4.3.1 Introduction................................................................................................................................................. 22

4.3.2 Creation of Basic Signatures ....................................................................................................................... 23

4.3.2.1 Description ............................................................................................................................................ 23

4.3.2.2 Inputs ..................................................................................................................................................... 23

4.3.2.3 Outputs .................................................................................................................................................. 23

4.3.2.4 Processing ............................................................................................................................................. 24

4.3.2.4.1 Selection of documents to sign ........................................................................................................ 24

4.3.2.4.2 Signature attribute and parameters selection ................................................................................... 24

4.3.2.4.3 Pre-signature presentation ............................................................................................................... 24

4.3.2.4.4 Signature invocation ........................................................................................................................ 25

4.3.2.4.5 Signing............................................................................................................................................. 25

4.3.2.4.6 Signer authentication ....................................................................................................................... 25

4.3.2.4.7 SDO composition ............................................................................................................................ 25

4.3.3 Creation of a Signature with Time .............................................................................................................. 26

4.3.3.1 Description ............................................................................................................................................ 26

4.3.3.2 Inputs ..................................................................................................................................................... 26

4.3.3.3 Outputs .................................................................................................................................................. 26

ETSI
---------------------- Page: 3 ----------------------
4 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)

4.3.3.4 Process .................................................................................................................................................. 27

4.3.4 Creation of Signatures with Long-Term Validation Material ..................................................................... 27

4.3.4.1 Description ............................................................................................................................................ 27

4.3.4.2 Inputs ..................................................................................................................................................... 27

4.3.4.3 Outputs .................................................................................................................................................. 28

4.3.4.4 Process .................................................................................................................................................. 28

4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material ............... 28

4.3.5.1 Description ............................................................................................................................................ 28

4.3.5.2 Inputs ..................................................................................................................................................... 29

4.3.5.3 Outputs .................................................................................................................................................. 29

4.3.5.4 Process .................................................................................................................................................. 29

5 Signature validation ................................................................................................................................ 30

5.1 Signature validation model ............................................................................................................................... 30

5.1.1 General requirements .................................................................................................................................. 30

5.1.2 Selecting validation processes .................................................................................................................... 32

5.1.3 Status indication of the signature validation process and signature validation report................................. 33

5.1.4 Validation constraints ................................................................................................................................. 41

5.1.4.1 General requirements ............................................................................................................................ 41

5.1.4.2 X.509 Validation Constraints ................................................................................................................ 42

5.1.4.3 Cryptographic Constraints .................................................................................................................... 42

5.1.4.4 Signature Elements Constraints ............................................................................................................ 42

5.2 Basic building blocks ....................................................................................................................................... 42

5.2.1 Description .................................................................................................................................................. 42

5.2.2 Format Checking ........................................................................................................................................ 43

5.2.2.1 Description ............................................................................................................................................ 43

5.2.2.2 Inputs ..................................................................................................................................................... 43

5.2.2.3 Outputs .................................................................................................................................................. 43

5.2.3 Identification of the signing certificate ....................................................................................................... 44

5.2.3.1 Description ............................................................................................................................................ 44

5.2.3.2 Inputs ..................................................................................................................................................... 44

5.2.3.3 Outputs .................................................................................................................................................. 44

5.2.3.4 Processing ............................................................................................................................................. 44

5.2.4 Validation context initialization .................................................................................................................. 45

5.2.4.1 Description ............................................................................................................................................ 45

5.2.4.2 Inputs ..................................................................................................................................................... 45

5.2.4.3 Outputs .................................................................................................................................................. 45

5.2.4.4 Processing ............................................................................................................................................. 45

5.2.5 Revocation freshness checker ..................................................................................................................... 46

5.2.5.1 Description ............................................................................................................................................ 46

5.2.5.2 Inputs ..................................................................................................................................................... 46

5.2.5.3 Output ................................................................................................................................................... 46

5.2.5.4 Processing ............................................................................................................................................. 46

5.2.6 X.509 certificate validation ......................................................................................................................... 47

5.2.6.1 Description ............................................................................................................................................ 47

5.2.6.2 Inputs ..................................................................................................................................................... 47

5.2.6.3 Outputs .................................................................................................................................................. 47

5.2.6.4 Processing ............................................................................................................................................. 48

5.2.7 Cryptographic verification .......................................................................................................................... 50

5.2.7.1 Description ............................................................................................................................................ 50

5.2.7.2 Inputs ..................................................................................................................................................... 50

5.2.7.3 Outputs .................................................................................................................................................. 50

5.2.7.4 Processing ............................................................................................................................................. 51

5.2.8 Signature Acceptance Validation (SAV) .................................................................................................... 51

5.2.8.1 Description ............................................................................................................................................ 51

5.2.8.2 Inputs ..................................................................................................................................................... 51

5.2.8.3 Outputs .................................................................................................................................................. 52

5.2.8.4 Processing ............................................................................................................................................. 52

5.2.8.4.1 General requirements ....................................................................................................................... 52

5.2.8.4.2 Processing AdES attributes ............................................................................................................. 53

5.2.9 Signature validation presentation building block ........................................................................................ 54

5.3 Validation process for Basic Signatures ........................................................................................................... 55

ETSI
---------------------- Page: 4 ----------------------
5 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)

5.3.1 Description .................................................................................................................................................. 55

5.3.2 Inputs .......................................................................................................................................................... 55

5.3.3 Outputs ........................................................................................................................................................ 55

5.3.4 Processing ................................................................................................................................................... 55

5.4 Time-stamp validation building block .............................................................................................................. 57

5.4.1 Description .................................................................................................................................................. 57

5.4.2 Inputs .......................................................................................................................................................... 58

5.4.3 Outputs ........................................................................................................................................................ 58

5.4.4 Processing ................................................................................................................................................... 58

5.5 Validation process for Signatures with Time and Signatures with Long-Term Validation Material ............... 58

5.5.1 Description .................................................................................................................................................. 58

5.5.2 Inputs .......................................................................................................................................................... 59

5.5.3 Outputs ........................................................................................................................................................ 59

5.5.4 Processing ................................................................................................................................................... 59

5.6 Validation process for Signatures providing Long Term Availability and Integrity of Validation

Material ............................................................................................................................................................ 62

5.6.1 Introduction................................................................................................................................................. 62

5.6.2 Additional building blocks .......................................................................................................................... 62

5.6.2.1 Past certificate validation ...................................................................................................................... 62

5.6.2.1.1 Description ...................................................................................................................................... 62

5.6.2.1.2 Input ................................................................................................................................................ 63

5.6.2.1.3 Output .............................................................................................................................................. 63

5.6.2.1.4 Processing ........................................................................................................................................ 63

5.6.2.2 Validation time sliding process ............................................................................................................. 64

5.6.2.2.1 Description ...................................................................................................................................... 64

5.6.2.2.2 Input ................................................................................................................................................ 64

5.6.2.2.3 Output .............................................................................................................................................. 64

5.6.2.2.4 Processing ........................................................................................................................................ 64

5.6.2.3 POE extraction ...................................................................................................................................... 65

5.6.2.3.1 Description ...................................................................................................................................... 65

5.6.2.3.2 Input ................................................................................................................................................ 66

5.6.2.3.3 Output .............................................................................................................................................. 66

5.6.2.3.4 Processing ........................................................................................................................................ 66

5.6.2.4 Past signature validation building block ............................................................................................... 66

5.6.2.4.1 Description ...................................................................................................................................... 66

5.6.2.4.2 Input ................................................................................................................................................ 67

5.6.2.4.3 Output .............................................................................................................................................. 67

5.6.2.4.4 Processing ........................................................................................................................................ 67

5.6.3 Validation Process for Signatures providing Long Term Availability and Integrity of Validation

Material ....................................................................................................................................................... 68

5.6.3.1 Description ............................................................................................................................................ 68

5.6.3.2 Input ...................................................................................................................................................... 68

5.6.3.3 Output ................................................................................................................................................... 68

5.6.3.4 Processing ............................................................................................................................................. 69

Annex A (informative): Validation examples ....................................................................................... 72

A.1 General remarks and assumptions .......................................................................................................... 72

A.2 Symbols .................................................................................................................................................. 72

A.3 Example 1: Revoked certificate ............................................................................................................. 73

A.3.1 Introduction ...................................................................................................................................................... 73

A.3.2 Basic signature validation ...................................................................................................................

...

SLOVENSKI STANDARD
oSIST prEN 319 102-1 V1.2.3:2021
01-oktober-2021

Elektronski podpisi in infrastruktura (ESI) - Postopki za oblikovanje in validacijo

digitalnih podpisov AdES - 1. del: Oblikovanje in validacija

Electronic Signatures and Infrastructures (ESI) - Procedures for Creation and Validation

of AdES Digital Signatures - Part 1: Creation and Validation
Ta slovenski standard je istoveten z: ETSI EN 319 102-1 V1.2.3 (2021-07)
ICS:
35.040.01 Kodiranje informacij na Information coding in general
splošno
oSIST prEN 319 102-1 V1.2.3:2021 en

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN 319 102-1 V1.2.3:2021
---------------------- Page: 2 ----------------------
oSIST prEN 319 102-1 V1.2.3:2021
Draft ETSI EN 319 102-1 V1.2.3 (2021-07)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Procedures for Creation and Validation
of AdES Digital Signatures;
Part 1: Creation and Validation
---------------------- Page: 3 ----------------------
oSIST prEN 319 102-1 V1.2.3:2021
2 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)
Reference
REN/ESI-0019102-1v121
Keywords
electronic signature, security, trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or

print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any

existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI

deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.

Users of the present document should be aware that the document may be subject to revision or change of status.

Information on the current status of this and other ETSI documents is available at

https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

If you find errors in the present document, please send your comment to one of the following services:

https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Notice of disclaimer & limitation of liability

The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of

experience to understand and interpret its content in accordance with generally accepted engineering or

other professional standard and applicable regulations.

No recommendation as to products and services or vendors is made or should be implied.

In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not

limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property

rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages

for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use

of or inability to use the software.
Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and

microfilm except as authorized by written permission of ETSI.

The content of the PDF version shall not be modified without the written authorization of ETSI.

The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2021.
All rights reserved.
ETSI
---------------------- Page: 4 ----------------------
oSIST prEN 319 102-1 V1.2.3:2021
3 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)
Contents

Intellectual Property Rights ................................................................................................................................ 7

Foreword ............................................................................................................................................................. 7

Modal verbs terminology .................................................................................................................................... 7

Introduction ........................................................................................................................................................ 8

1 Scope ........................................................................................................................................................ 9

2 References ................................................................................................................................................ 9

2.1 Normative references ......................................................................................................................................... 9

2.2 Informative references ...................................................................................................................................... 10

3 Definition of terms, symbols and abbreviations ..................................................................................... 11

3.1 Terms ................................................................................................................................................................ 11

3.2 Symbols ............................................................................................................................................................ 14

3.3 Abbreviations ................................................................................................................................................... 14

4 Signature creation ................................................................................................................................... 15

4.1 Signature creation model .................................................................................................................................. 15

4.2 Signature creation information model .............................................................................................................. 16

4.2.1 Introduction................................................................................................................................................. 16

4.2.2 Signature Creation Constraints ................................................................................................................... 17

4.2.3 Signer's Document (SD) ............................................................................................................................. 17

4.2.4 Signer's Document Representation (SDR) .................................................................................................. 18

4.2.5 Signature attributes ..................................................................................................................................... 18

4.2.5.1 General requirements ............................................................................................................................ 18

4.2.5.2 Signing certificate identifier .................................................................................................................. 19

4.2.5.3 Signature policy identifier ..................................................................................................................... 19

4.2.5.4 Signature policy store ............................................................................................................................ 19

4.2.5.5 Data content type .................................................................................................................................. 19

4.2.5.6 Commitment type indication ................................................................................................................. 19

4.2.5.7 Counter signatures ................................................................................................................................. 20

4.2.5.8 Claimed signing time ............................................................................................................................ 20

4.2.5.9 Claimed signer location ......................................................................................................................... 20

4.2.5.10 Signer's attributes .................................................................................................................................. 20

4.2.6 Data To Be Signed (DTBS) ........................................................................................................................ 21

4.2.7 Data To Be Signed (Formatted) (DTBSF) .................................................................................................. 21

4.2.8 Data To Be Signed Representation (DTBSR) ............................................................................................. 21

4.2.9 Signature ..................................................................................................................................................... 21

4.2.10 Signed Data Object (SDO) ......................................................................................................................... 21

4.2.11 Validation data ............................................................................................................................................ 21

4.3 Signature Classes and Creation Processes ........................................................................................................ 22

4.3.1 Introduction................................................................................................................................................. 22

4.3.2 Creation of Basic Signatures ....................................................................................................................... 23

4.3.2.1 Description ............................................................................................................................................ 23

4.3.2.2 Inputs ..................................................................................................................................................... 23

4.3.2.3 Outputs .................................................................................................................................................. 23

4.3.2.4 Processing ............................................................................................................................................. 24

4.3.2.4.1 Selection of documents to sign ........................................................................................................ 24

4.3.2.4.2 Signature attribute and parameters selection ................................................................................... 24

4.3.2.4.3 Pre-signature presentation ............................................................................................................... 24

4.3.2.4.4 Signature invocation ........................................................................................................................ 25

4.3.2.4.5 Signing............................................................................................................................................. 25

4.3.2.4.6 Signer authentication ....................................................................................................................... 25

4.3.2.4.7 SDO composition ............................................................................................................................ 25

4.3.3 Creation of a Signature with Time .............................................................................................................. 26

4.3.3.1 Description ............................................................................................................................................ 26

4.3.3.2 Inputs ..................................................................................................................................................... 26

4.3.3.3 Outputs .................................................................................................................................................. 26

ETSI
---------------------- Page: 5 ----------------------
oSIST prEN 319 102-1 V1.2.3:2021
4 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)

4.3.3.4 Process .................................................................................................................................................. 27

4.3.4 Creation of Signatures with Long-Term Validation Material ..................................................................... 27

4.3.4.1 Description ............................................................................................................................................ 27

4.3.4.2 Inputs ..................................................................................................................................................... 27

4.3.4.3 Outputs .................................................................................................................................................. 28

4.3.4.4 Process .................................................................................................................................................. 28

4.3.5 Creation of Signatures providing Long Term Availability and Integrity of Validation Material ............... 28

4.3.5.1 Description ............................................................................................................................................ 28

4.3.5.2 Inputs ..................................................................................................................................................... 29

4.3.5.3 Outputs .................................................................................................................................................. 29

4.3.5.4 Process .................................................................................................................................................. 29

5 Signature validation ................................................................................................................................ 30

5.1 Signature validation model ............................................................................................................................... 30

5.1.1 General requirements .................................................................................................................................. 30

5.1.2 Selecting validation processes .................................................................................................................... 32

5.1.3 Status indication of the signature validation process and signature validation report................................. 33

5.1.4 Validation constraints ................................................................................................................................. 41

5.1.4.1 General requirements ............................................................................................................................ 41

5.1.4.2 X.509 Validation Constraints ................................................................................................................ 42

5.1.4.3 Cryptographic Constraints .................................................................................................................... 42

5.1.4.4 Signature Elements Constraints ............................................................................................................ 42

5.2 Basic building blocks ....................................................................................................................................... 42

5.2.1 Description .................................................................................................................................................. 42

5.2.2 Format Checking ........................................................................................................................................ 43

5.2.2.1 Description ............................................................................................................................................ 43

5.2.2.2 Inputs ..................................................................................................................................................... 43

5.2.2.3 Outputs .................................................................................................................................................. 43

5.2.3 Identification of the signing certificate ....................................................................................................... 44

5.2.3.1 Description ............................................................................................................................................ 44

5.2.3.2 Inputs ..................................................................................................................................................... 44

5.2.3.3 Outputs .................................................................................................................................................. 44

5.2.3.4 Processing ............................................................................................................................................. 44

5.2.4 Validation context initialization .................................................................................................................. 45

5.2.4.1 Description ............................................................................................................................................ 45

5.2.4.2 Inputs ..................................................................................................................................................... 45

5.2.4.3 Outputs .................................................................................................................................................. 45

5.2.4.4 Processing ............................................................................................................................................. 45

5.2.5 Revocation freshness checker ..................................................................................................................... 46

5.2.5.1 Description ............................................................................................................................................ 46

5.2.5.2 Inputs ..................................................................................................................................................... 46

5.2.5.3 Output ................................................................................................................................................... 46

5.2.5.4 Processing ............................................................................................................................................. 46

5.2.6 X.509 certificate validation ......................................................................................................................... 47

5.2.6.1 Description ............................................................................................................................................ 47

5.2.6.2 Inputs ..................................................................................................................................................... 47

5.2.6.3 Outputs .................................................................................................................................................. 47

5.2.6.4 Processing ............................................................................................................................................. 48

5.2.7 Cryptographic verification .......................................................................................................................... 50

5.2.7.1 Description ............................................................................................................................................ 50

5.2.7.2 Inputs ..................................................................................................................................................... 50

5.2.7.3 Outputs .................................................................................................................................................. 50

5.2.7.4 Processing ............................................................................................................................................. 51

5.2.8 Signature Acceptance Validation (SAV) .................................................................................................... 51

5.2.8.1 Description ............................................................................................................................................ 51

5.2.8.2 Inputs ..................................................................................................................................................... 51

5.2.8.3 Outputs .................................................................................................................................................. 52

5.2.8.4 Processing ............................................................................................................................................. 52

5.2.8.4.1 General requirements ....................................................................................................................... 52

5.2.8.4.2 Processing AdES attributes ............................................................................................................. 53

5.2.9 Signature validation presentation building block ........................................................................................ 54

5.3 Validation process for Basic Signatures ........................................................................................................... 55

ETSI
---------------------- Page: 6 ----------------------
oSIST prEN 319 102-1 V1.2.3:2021
5 Draft ETSI EN 319 102-1 V1.2.3 (2021-07)

5.3.1 Description .................................................................................................................................................. 55

5.3.2 Inputs .......................................................................................................................................................... 55

5.3.3 Outputs ........................................................................................................................................................ 55

5.3.4 Processing ................................................................................................................................................... 55

5.4 Time-stamp validation building block .............................................................................................................. 57

5.4.1 Description .................................................................................................................................................. 57

5.4.2 Inputs .......................................................................................................................................................... 58

5.4.3 Outputs ........................................................................................................................................................ 58

5.4.4 Processing ................................................................................................................................................... 58

5.5 Validation process for Signatures with Time and Signatures with Long-Term Validation Material ............... 58

5.5.1 Description .................................................................................................................................................. 58

5.5.2 Inputs .......................................................................................................................................................... 59

5.5.3 Outputs ........................................................................................................................................................ 59

5.5.4 Processing ................................................................................................................................................... 59

5.6 Validation process for Signatures providing Long Term Availability and Integrity of Validation

Material ............................................................................................................................................................ 62

5.6.1 Introduction................................................................................................................................................. 62

5.6.2 Additional building blocks .......................................................................................................................... 62

5.6.2.1 Past certificate validation ...................................................................................................................... 62

5.6.2.1.1 Description ...................................................................................................................................... 62

5.6.2.1.2 Input ................................................................................................................................................ 63

5.6.2.1.3 Output .............................................................................................................................................. 63

5.6.2.1.4 Processing ........................................................................................................................................ 63

5.6.2.2 Validation time sliding process ............................................................................................................. 64

5.6.2.2.1 Description ...................................................................................................................................... 64

5.6.2.2.2 Input ................................................................................................................................................ 64

5.6.2.2.3 Output .............................................................................................................................................. 64

5.6.2.2.4 Processing ........................................................................................................................................ 64

5.6.2.3 POE extraction ...................................................................................................................................... 65

5.6.2.3.1 Description ...................................................................................................................................... 65

5.6.2.3.2 Input ................................................................................................................................................ 66

5.6.2.3.3 Output .............................................................................................................................................. 66

5.6.2.3.4 Processing ........................................................................................................................................ 66

5.6.2.4 Past signature validation building block ............................................................................................... 66

5.6.2.4.1 Description ...................................................................................................................................... 66

5.6.2.4.2 Input ................................................................................................................................................ 67

5.6.2.4.3 Output .............................................................................................................................................. 67

5.6.2.4.4 Processing ........................................................................................................................................ 67

5.6.3 Validation Process for Signatures providing Long Term Availability and Integrity of Validation

Material ....................................................................................................................................................... 68

5.6.3.1 Description ............................................................................................................................................ 68

5.6.3.2 Input ...................................................................................................................................................... 68

5.6.3.3 Output ................................................................................................................................................... 68

5.6.3.4 Processing .................................................................................

...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.