ETSI SR 003 232 V1.1.1 (2011-02)
Special Report

Electronic Signatures and Infrastructures (ESI);
PDF Advanced Electronic Signature Profiles (PAdES);
Printable Representations of Electronic Signatures

Reference: DSR/ESI-000113
Keywords: electronic signatures, PAdES

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2011. All rights reserved.

DECT™, PLUGTESTS™, UMTS™, TIPHON™, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. LTE is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
Introduction
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 The printable representation of an AdES signature value
4.1 Methods of Display
4.1.1 Alphanumeric Strings
4.1.2 Barcodes
4.2 Scope of Printable Signature
4.3 Where does the actual certificate live?
4.4 Use of incremental updates
4.5 Use of Document Timestamps
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards”, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Special Report (SR) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI).

Introduction

Electronic documents are a major part of a modern company's business. Trust in this way of doing business is essential for the success and continued development of electronic business. It is, therefore, important that companies using electronic documents have suitable security controls and mechanisms in place to protect their documents and to ensure trust and confidence with their business practices. In this respect the electronic signature is an important security component that can be used to protect information and provide trust in electronic business.

The European Directive 1999/93/EC [i.5] on a community framework for Electronic Signatures defines an electronic signature as: “Data in electronic form which is attached to or logically associated with other electronic data and which serves as a method of authentication”.

TS 102 778 [i.8] specifies the use of the advanced electronic signature, as defined in this Directive, for documents represented in an electronic format called Portable Document Format (PDF). This includes Part 6, which covers visual representation of electronic signatures.

In producing TS 102 778-6 [i.4] a number of points were identified relating to the representation of electronic signatures applied when the signed PDF document has been converted to printed form (termed printable signatures). It was not possible to fully address these points in TS 102 778-6 [i.4]. The present document looks more specifically at these points, discussing the issues and identifying some potential solutions for the handling of printable signatures.

1 Scope

The present document discusses the techniques that may be used for printable representations of advanced electronic signatures (AdES) in PDFs. Specifically, it focuses on the printable representation of the AdES signature value, for example as an alphanumeric string or bar code. A separate document (TS 102 778-6 [i.4]) covers the issues of visually displaying other information contained in the signature.

The printable representation of the advanced electronic signature value is aimed at electronic signatures created on electronic documents which are then printed. It can be used to verify that a printed signature value stored on an authoritative printed document equals the one derived from the electronic version of the document. It does not necessarily enable the authenticity of the printed document to be verified using electronic techniques without reference back to the electronic document from which the printed document was derived.
As such, electronic/digital documents need to be validated using the included electronic signature and the standard methods for verification

PDF Advanced Electronic Signature Profiles; Part 1: PAdES Overview - a framework document for PAdES”.
[i.3] ETSI TS 102 778-4: “Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 4: PAdES Long Term - PAdES LTV Profile”.
[i.4] ETSI TS 102 778-6: “Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 6: Visual Representations of Electronic Signatures”.
[i.5] Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.
[i.6] IETF RFC 3852 (2004): “Cryptographic Message Syntax (CMS)”.
[i.7] ISO 19005-1:2005: “Document management - Electronic document file format for long-term preservation - Part 1: Use of PDF 1.4 (PDF/A-1)”.
[i.8] ETSI TS 102 778 (all parts): “Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles”.

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the terms and definitions given in [i.1], [i.2] and [i.4] and the following apply:

PDF Signature: binary data object based on the CMS (RFC 3852 [i.6]) or related syntax containing a digital signature placed within a PDF document structure as specified in ISO 32000-1 [i.1] clause 12.8 with other information about the signature applied when it was first created

printable signature value: printable representation of, or derived from, the AdES signature value, for example as an alphanumeric string or bar code

signature appearance: visual representation of the human act of signing placed within a PDF document at signing time and linked to an advanced electronic signature

signature dictionary: PDF data structure, of type dictionary, as described in ISO 32000-1 [i.1], clause 12.8.1, Table 252 that contains all of the information about the Digital Signature

signature verification representation: visual representation of the verification of an advanced electronic signature

signer: entity that creates an electronic signature

verifier: entity that validates an electronic signature

3.2 Abbreviations

For the purposes of the present document, the abbreviations given below apply:

AdES    Advanced Electronic Signature
NOTE: As specified in Directive 1999/93 [i.5].
CMS     Cryptographic Message Syntax
NOTE: As specified in RFC 3852 [i.6].
PAdES   PDF Advanced Electronic Signature
PDF     Portable Document Format

4 The printable representation of an AdES signature value

The AdES signature value is a sequence of bytes that is a result of cryptographic algorithms and can be used to mathematically prove the integrity of some data and authenticate the signer who applied the AdES. In the case of a PDF signature, the AdES signature value applies to the complete document at the time of signing. This proof is done with the aid of computers and therefore is best kept in electronic form as part of the PDF signature. Nevertheless there are use-cases where the inclusion of the signature value in a printable form may be required to provide a reliable proof of equivalence between an electronic document and the document in printed form. In addition to the signature value, further information could be printed along with the printable signature value. Such information could point to guidelines describing the verification of documents or give further details about the signer.

For example, the printable signature value may serve the purpose of demonstrating that an electronic document version is equivalent to a trusted printed document by comparing an AdES signature value of the electronic document to the printed signature value from a printed document. Alternatively, a printed document (such as an e-ticket) which includes the printable signature value can be presented as proof that the document held is equivalent to an electronic original.

The common practice is to include the AdES signature value or a digest of the signature value somewhere in the printable content of the document, usually in an area explicitly designated for such a value. This information could be displayed as alphanumeric encoded text or a 2D barcode in order to make a machine-aided reconstruction of the signature value from the printed document possible. By using a digest, the amount of numeric data that needs to be printed in the document is reduced, which is also a benefit.

How the signing application adds the printable signature value to the document's content poses some challenges, since the AdES signature value, by definition, is created as the last step of creating a signed document. Since the signature covers all visible content (“what you see is what you sign”), any change to the document content would invalidate the signature. To address this cyclic dependency between the printable signature value and visible content, a variety of methodologies exist, each with its pros and cons. In the following clauses, we will present some of these and discuss their usability in various workflows.

The most important thing when choosing which method to use is that there be a common understanding between creator and processor of the printable signature value on how these values are created and processed to ensure interoperability. This understanding includes:

• Whether a digest is applied to the signature value and, if one is applied, what digest algorithm is used.
• The mechanism used to encode the signature value (e.g. alphanumeric text, barcode).
• If a barcode is used, the identity of the standard barcode “symbology” which was used.
• Where the actual certificate used to sign, and any associated revocation information, is to be stored.

4.1 Methods of Display

4.1.1 Alphanumeric Strings

The most common visible representation is to convert the digest/hash of the document (or the signature) into an alphanumeric string using an algorithm such as Base64 or ASCII85 and then add it to the displayed page content. Usually this string is part of a larger block of explanatory or information text that incorporates useful metadata for a human to identify the present document and where it may have come from and how to validate it.

An alphanumeric string is simple to compute and does not take up a large amount of space on the page; the space needed is mostly determined by the length of the hash and the font and font size chosen for display. It can be read and, if required for verification purposes, typed in by humans and (with some aid to knowing where on the page to look) by machine.

4.1.2 Barcodes

A barcode is an optical machine-readable representation of data where the details of the representation are described through the specification of a symbology. The specification of a symbology includes the encoding of the single digits/characters of the message as well as the start and stop markers into bars and spaces, the size of the quiet zone required to be before and after the barcode, as well as the computation of a checksum.

There are numerous symbologies available, both 1D (linear) and 2D. The choice should be based on what data is chosen to be encoded. A single implementation may choose, as in the case of alphanumeric strings, to encode the digest/hash of the document (or the signature) into a simple 1D barcode.

Figure 1

Another option would be to take some (or all) of the page's content, perhaps only the textual data, or a set of variable field values, and encode those into a 2D barcode. One of the problems with such barcodes is that the larger the data being encoded, the larger the barcode, so that it would be possible to have a barcode that takes up more physical space on the page than the actual content being encoded!

Figure 2

One advantage of PDF when working with barcodes is that it is possible to have them computed dynamically at the time of display by a conforming reader, rather than at signing time, through the use of a barcode field. These are a standard type of form field available in both the XFA and AcroForm form technologies of PDF.

NOTE: Since they were introduced in PDF 1.5, they are not compatible with PDF/A-1 (ISO 19005-1 [i.7]) but would be with PDF/A-2.

4.2 Scope of Printable Signature

Currently, standard advanced electronic signatures for PDF, such as specified in ISO 32000-1 [i.1] and profiled in TS 102 778 [i.8] (PAdES), apply to the whole PDF document as it stands when the signature is created. This includes any graphics and layout in the signature. PD
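
The following Python example is added here and is not part of the ETSI report. It illustrates clauses 4 and 4.1.1: deriving a printable signature value (optional digest, then Base64 or ASCII85 text) and comparing a value read from paper with one recomputed from the electronic document. SHA-256, the `PrintProfile` structure, the grouping width and the sample bytes are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class PrintProfile:
    """Parameters creator and verifier agree on (hypothetical structure)."""
    digest: Optional[str] = "sha256"  # None: print the full signature value
    encoding: str = "base64"          # "base64" or "ascii85"
    group: int = 8                    # characters per printed group


def printable_value(signature_value: bytes, profile: PrintProfile) -> str:
    """Return the alphanumeric string to place in the printable content."""
    raw = signature_value
    if profile.digest is not None:
        raw = hashlib.new(profile.digest, signature_value).digest()
    if profile.encoding == "base64":
        text = base64.b64encode(raw).decode("ascii")
    elif profile.encoding == "ascii85":
        text = base64.a85encode(raw).decode("ascii")
    else:
        raise ValueError(f"unsupported encoding: {profile.encoding}")
    # Neither alphabet contains whitespace, so grouping is reversible.
    step = profile.group
    return " ".join(text[i:i + step] for i in range(0, len(text), step))


def matches_printed(signature_value: bytes, printed: str,
                    profile: PrintProfile) -> bool:
    """Compare the value read from paper with one recomputed from the
    signature value extracted from the electronic document."""
    expected = "".join(printable_value(signature_value, profile).split())
    candidate = "".join(printed.split())  # drop spaces and line wraps
    return hmac.compare_digest(expected.encode(), candidate.encode())


# Constructed stand-in for an AdES signature value (256 bytes).
SAMPLE_SIGNATURE_VALUE = bytes(range(256))

if __name__ == "__main__":
    profile = PrintProfile()
    printed = printable_value(SAMPLE_SIGNATURE_VALUE, profile)
    print(printed)
    print(matches_printed(SAMPLE_SIGNATURE_VALUE, printed, profile))
```

A match shows only that the printed value corresponds to the signature value in the electronic document; the signature itself is still validated electronically. A verifier using a different digest or encoding than the creator gets a mismatch, which is why the report asks for a common understanding of both.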