ImageVerifierCode 换一换
格式:PDF , 页数:24 ,大小:109.51KB ,
资源ID:739694      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-739694.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TS 102 904-2007 Electronic Signatures and Infrastructures Profiles of XML Advanced Electronic Signatures based on TS 101 903 (XAdES) (V1 1 1)《电子签名和基础结构 基于TS 101 903(XAdES)的XML.pdf)为本站会员(appealoxygen216)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TS 102 904-2007 Electronic Signatures and Infrastructures Profiles of XML Advanced Electronic Signatures based on TS 101 903 (XAdES) (V1 1 1)《电子签名和基础结构 基于TS 101 903(XAdES)的XML.pdf

1、 ETSI TS 102 904 V1.1.1 (2007-02)Technical Specification Electronic Signatures and Infrastructures;Profiles of XML Advanced Electronic Signatures basedon TS 101 903 (XAdES)ETSI ETSI TS 102 904 V1.1.1 (2007-02) 2 Reference DTS/ESI-000041 Keywords electronic signature, security ETSI 650 Route des Luci

2、oles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from: http

3、:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the pr

4、inting on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http

5、:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and

6、 the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2007. All rights reserved. DECTTM, PLUGTESTSTM and UMTSTM are Trade Marks of ETSI registered for the benefit of its Members. TIPHONTMand the TIPHON logo are Trade Marks currently being reg

7、istered by ETSI for the benefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 102 904 V1.1.1 (2007-02) 3 Contents Intellectual Property Rights5 Foreword.5 Introduction 5 1 Scope 6 2 References 6 3 Defini

8、tions and abbreviations.7 3.1 Definitions7 3.2 Abbreviations .7 4 General requirements .8 4.1 Algorithm requirements .8 4.2 Compliance requirements.8 5 XAdES profile for e-Invoicing.9 5.1 Elements defined in XML SIG.10 5.1.1 Placement of the signature10 5.2 Profile of elements in Basic XAdES form (X

9、AdES-BES).10 5.2.1 ds:KeyInfo and xades:SigningCertificate .10 5.2.2 Signing Time 10 5.2.3 Countersignatures .11 5.3 Additional attributes defined in XAdES.11 5.3.1 Signature time-stamp / time-mark 11 5.4 Additional attributes defined in XAdES for long term signatures11 5.4.1 Certificate references

10、11 5.4.2 Revocation status references.12 5.4.3 Certificate values 12 5.4.4 Revocation status values.12 5.4.5 Archive time-stamp.13 5.5 Other standards.13 5.5.1 X.509 Certificates .13 5.5.2 Certificate key usage for e-Invoicing13 5.5.3 Naming .14 6 XAdES profile for e-Government 14 6.1 Elements defin

11、ed in XML SIG.15 6.1.1 Placement of the signature15 6.2 Profile of elements in Basic XAdES form (XAdES-BES).15 6.2.1 ds:KeyInfo and xades:SigningCertificate .15 6.2.2 Signing Time 15 6.2.3 Countersignatures .15 6.3 Additional attributes defined in XAdES.16 6.3.1 Signature time-stamp / time-mark 16 6

12、.4 Additional attributes defined in XAdES for long term signatures16 6.4.1 Certificate references 16 6.4.2 Revocation status references.16 6.4.3 Certificate values 17 6.4.4 Revocation status values.17 6.4.5 Archive time-stamp.18 6.5 Other standards.18 6.5.1 X.509 Certificates .18 7 XAdES baseline pr

13、ofile18 7.1 Elements defined in XML SIG.18 7.1.1 Placement of the signature18 7.2 Profile of elements in Basic XAdES form (XAdES-BES).19 ETSI ETSI TS 102 904 V1.1.1 (2007-02) 4 7.2.1 ds:KeyInfo and xades:SigningCertificate .19 7.2.2 Signing Time 19 7.2.3 Countersignatures .19 7.3 Additional attribut

14、es defined in XAdES.20 7.3.1 Signature time-stamp / time-mark 20 7.4 Additional attributes defined in XAdES for long term signatures20 7.4.1 Certificate references 20 7.4.2 Revocation status references.20 7.4.3 Certificate values 21 7.4.4 Revocation status values.21 7.4.5 Archive time-stamp.21 7.5 O

15、ther standards.22 7.5.1 X.509 Certificates .22 Annex A (informative): Bibliography.23 History 24 ETSI ETSI TS 102 904 V1.1.1 (2007-02) 5 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these es

16、sential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest upda

17、tes are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the

18、 ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). Introduction TS 101 903 1 (XAdES henceforth) specifies formats for Advan

19、ced Electronic Signatures built on XML SIG 2. That document defines a number of signed and unsigned optional signature attributes, resulting in support for a number of variations in the signature contents and powerful processing requirements. In order to maximise interoperability in communities appl

20、ying XAdES to particular environments it is necessary to identify a common set of options that are appropriate to that environment. Such a selection is commonly called a profile. The present document defines three profiles that minimise the differences between implementations and so maximise interop

21、erability. The two first profiles are suitable for specific business areas, namely e-Invoicing and e-Government, respectively. The third profile provides a baseline for other application areas. Profiles specified in clauses 5, 6 and 7 are based on the actual usage of the XML SIG 2 and XAdES 1 option

22、s, as emerged from a survey conducted by ETSI over a substantial number of prominent European actors in the electronic signature domain. Therefore the following provisions represent a general consensus of the use of these standards and hence provide a reliable basis for maximising interoperability.

23、Nevertheless, in particular business areas and niches there may be specific needs and/or regulations that may require variations to these profiles. ETSI ETSI TS 102 904 V1.1.1 (2007-02) 6 1 Scope The present document profiles the use of TS 101 903 (XAdES) 1 signatures, based on XML SIG 2 for its use

24、 within the following specific environments as follows: e-Invoicing area. e-government area. a baseline for other application areas. These profiles do not repeat the base requirements of the referenced standards, but their aim is to maximise interoperability of XML-based advanced electronic signatur

25、es in the e-Invoicing and e-Government business areas. In addition to that, the baseline profile is given as basis for interoperability profiles in other application areas. Optional elements defined in XAdES 1 but not specified in the current document are treated as optional for both generator and v

26、erifiers. 2 References The following documents contain provisions which, through reference in this text, constitute provisions of the present document. References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference

27、, subsequent revisions do not apply. For a non-specific reference, the latest version applies. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid a

28、t the time of publication ETSI cannot guarantee their long term validity. 1 ETSI TS 101 903: “XML Advanced Electronic Signatures (XAdES)“. 2 W3C-IETF: “XML-Signature Syntax and Processing“, W3C Recommendation, February 2002. 3 ITU-T Recommendation X.509 / ISO/IEC 9594-8: “Information technology - Op

29、en Systems Interconnection - The Directory: Public-key and attribute certificate frameworks“. 4 IETF RFC 3280: “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile“. 5 CEN Workshop Agreement 15579 (2006): “E-invoices and digital signatures“. NOTE: As a

30、fault has been identified in the 2006 version CWA 15579, it will be updated soon after publication of the present document. Implementations should refer to this revised version. 6 IETF RFC 2560: “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP“. 7 ETSI TS 102 176-1

31、 (V1.2.1): “Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms“. 8 CEN Workshop Agreement 14171 (2004): “General guidelines for electronic signature verification“. ETSI ETSI TS 102 904 V1.1.1 (

32、2007-02) 7 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: generator: any party which creates, or adds attributes to, a signature NOTE: This may be the signatory or any party which initially verifies or further main

33、tains the signature. long term signatures: signatures that are expected to be verified beyond the signers certificate expiration date and, possibly, even after the expiration date of the certificate of the signers certificate-issuing CA NOTE: Refer to CWA 14171 8, clause 5.1. protocol element: eleme

34、nt of the protocol which may be including data elements and / or elements of procedure service element: element of service that may be provided using one or more protocol elements NOTE: All alternative protocol elements provide an equivalent service to the users of the protocol. short term signature

35、s: signatures that are to be verified for a period of time that does not go beyond the signers certificate expiration date NOTE: Refer to CWA 14171 8, clause 5.1. verifier: entity that validates or verifies an electronic signature The present document makes use of certain key words to signify requir

36、ements. Below follows their definitions: may: Means that a course of action is permissible within the limits of the present document. shall: Means that the definition is an absolute requirement of the present document. It has to strictly be followed in order to conform to the present document. shoul

37、d: Means that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required. Implementers may know valid reasons in particular circumstances to ignore this recommendation,

38、but the full implications must be understood and carefully weighed before choosing a different course. 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: CA Certification Authority CEN European Committee for standardization CRL Certificate Revocation List

39、CWA CEN Workshop Agreement OCSP Online Certificate Status Protocol TSP Trusted Service Providers TST Time-Stamp Token XAdES XML Advanced Electronic Signatures NOTE: As per TS 101 903 1. XML eXtensible Markup Language XML SIG eXtensible Markup Language digital SIGnature NOTE: As per W3C/IETF recommen

40、dation referenced in 2. ETSI ETSI TS 102 904 V1.1.1 (2007-02) 8 4 General requirements 4.1 Algorithm requirements Implementers are strongly recommended to take into account TS 102 176-1 7 when selecting algorithms and key lengths. 4.2 Compliance requirements Profiles in the present document define s

41、eparated requirements for both generator and verifier of XAdES signatures. Requirements are grouped in four different categories, each one having its corresponding identifier. Table 1 defines these categories and their identifiers. Table 1: Requirement categories Identifier Requirement on generator

42、Requirement on verifier M Generator shall include the element in the signature. Verifier shall process the element. R Generator should include the element in the signature. Verifier shall process the element if present. O Generator may include the element in the signature. Verifier may either proces

43、s or ignore this element and process the rest of the signature. Clauses 5 to 7 specify additional requirements on signature formats that must be taken into account along with those ones already present in TS 101 903 (XAdES) 1 and XML SIG 2. Systems claiming to support the XAdES profile for e-Invoici

44、ng shall be compliant with requirements in clauses 5.1, 5.2, 5.3 and 5.5. Systems claiming to support the XAdES profile for e-Invoicing with support for long term signatures shall also be compliant with requirements in clause 5.4. Systems claiming to support the XAdES profile for e-Government shall

45、be compliant with requirements in clauses 6.1, 6.2, 6.3 and 6.5. Systems claiming to support the XAdES profile for e-Government with support for long term signatures shall also be compliant with requirements in clause 6.4. Systems claiming to support the baseline XAdES profile shall be compliant wit

46、h requirements in clauses 7.1, 7.2, 7.3 and 7.5. Systems claiming to support the baseline XAdES profile with support for long term signatures shall also be compliant with requirements in clause 7.4. Optional elements defined in XAdES 1 but not specified in the current document are treated as “O“ as

47、above for both generator and verifiers. In certain cases, elements are included marked with an “O“ for both generator and verifier to bring the readers“ attention to the fact that it is optional. Certain service elements may be provided by different protocol elements at users choice. In these cases

48、the semantics of M, R and O defined in the table above depend on the requirement for the service element itself. Tables 2 to 4 (each one applies to a different requirement on the service element) define these semantics. Table 2: Requirements for mandatory service with choices Requirement Identifier

49、for the Service / Protocol element Requirement on generator Requirement on verifier Service = M Generator shall provide the service by including one protocol element chosen from the list of choices. Verifiers shall be able to process at least one of the protocol elements in the list of choices. Protocol Choice = R Generator should use this protocol element for providing the mandatory service element. Verifiers shall process this protocol element if present. Protocol Choice = O Generator may use this protocol element

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1