1、 ETSI TS 102 778-2 V1.2.1 (2009-07)Technical Specification Electronic Signatures and Infrastructures (ESI);PDF Advanced Electronic Signature Profiles;Part 2: PAdES Basic - Profile based on ISO 32000-1ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)2Reference DTS/ESI-000072-2 Keywords e-commerce, electronic s
2、ignature, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the pre
3、sent document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case
4、 of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and
5、 other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorize
6、d by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2009. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the ben
7、efit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. LTE is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks r
8、egistered and owned by the GSM Association. ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)3Contents Intellectual Property Rights 4g3Foreword . 4g3Introduction 4g31 Scope 6g32 References 6g32.1 Normative references . 6g32.2 Informative References 7g33 Definitions and Abbreviations 7g33.1 Definitions 7g33.2
9、Abbreviations . 8g34 Description of Profile for CMS Signatures in PDF 8g34.1 Introduction 8g34.2 Features 8g34.3 Time Stamping . 8g34.4 Revocation Checking . 9g34.5 Seed Values and Signature Policies . 9g35 Requirements of Profile for CMS Signatures in PDF 9g35.1 Requirements on PDF Signatures . 9g3
10、5.2 Requirements on PDF Conforming signature handlers 10g35.3 Requirements on Signature Validation . 10g35.4 Requirements on Time Stamping . 10g35.5 Requirements on Revocation Checking . 11g35.6 Requirements on Seed Values 11g3History 12g3ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)4Intellectual Property
11、 Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essen
12、tial, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has
13、been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI
14、 Technical Committee Electronic Signatures and Infrastructures (ESI). The present document is part 2 of a multi-part deliverable covering PDF Advanced Electronic Signature Profiles. Full details of the entire series can be found in part 1 3. Introduction Electronic documents are a major part of a mo
15、dern companies business. Trust in this way of doing business is essential for the success and continued development of electronic business. It is, therefore, important that companies using electronic documents have suitable security controls and mechanisms in place to protect their documents and to
16、ensure trust and confidence with their business practices. In this respect the electronic signature is an important security component that can be used to protect information and provide trust in electronic business. The present document is intended to cover electronic signatures for electronic docu
17、ments. This includes evidence as to its validity even if the signer or verifying party later attempts to deny (i.e. repudiates; see ISO/IEC 10181-4 i.1) the validity of the signature. Thus, the present document can be used for any document encoded in a portable document format (PDF) produced by an i
18、ndividual and a company, and exchanged between companies, between an individual and a governmental body, etc. The present document is independent of any environment; it can be applied to any environment, e.g. smart cards, GSM SIM cards, special programs for electronic signatures, etc. The European D
19、irective on a community framework for Electronic Signatures defines an electronic signature as: “Data in electronic form which is attached to or logically associated with other electronic data and which serves as a method of authentication“. The formats defined in the present document, are able to s
20、upport advanced electronic signatures as defined in the Directive. ISO 32000-1 1 specifies a digital form for representing documents called the Portable Document Format (PDF) that enables users to exchange and view electronic documents easily and reliably, independent of the environment in which the
21、y were created or the environment in which they are viewed or printed. ISO 32000-1 identifies the ways in which an electronic signature may be used to authenticate the identity of a user and the accuracy of the documents content (see 1, clause 12.8). These signatures are based on the same structure
22、as CMS 4. Clause 12.8 of ISO 32000-1 identifies the ways in which a digital signature may be used to authenticate the identity of a user and the accuracy of the documents content. These digital signatures are based on the same CMS i.3 technology and techniques as TS 101 733 i.2 (CAdES), without the
23、extensions defined in CAdES for the purposes of long term validation but with the capability to carry revocation information (e.g. OCSP) as a signed attribute of the signature. ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)5Therefore the following provisions represent a general consensus of the use of thes
24、e standards and hence provide a reliable basis for maximizing interoperability. Nevertheless, in particular business areas and niches there may be specific needs and/or regulations that may require variations to these profiles. ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)61 Scope The present document pro
25、files the use of PDF signatures, as described in ISO 32000-1 and based on CMS i.3, for its use in any application areas where PDF is the appropriate technology for exchange of digital documents including interactive forms. This profile does not repeat the base requirements of the referenced standard
26、s, but instead aims to maximize interoperability of CMS-based electronic signatures in various business areas. Clause 4 provides a general informative description of the profile, while clause 5 specifies the normative conformance requirements of this profile. 2 References References are either speci
27、fic (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the following cases: - if it is accepted that it
28、will be possible to use all future changes of the referenced document for the purposes of the referring document; - for informative references. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While an
29、y hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. 2.1 Normative references The following referenced documents are indispensable for the application of the present document. For dated references, only the edition cited applies.
30、For non-specific references, the latest edition of the referenced document (including any amendments) applies. 1 ISO 32000-1 (2008): “Document management - Portable document format - Part 1: PDF 1.7“. NOTE: Available at http:/ 2 IETF RFC 2315: “PKCS #7: Cryptographic Message Syntax Version 1.5“. 3 I
31、TU-T Recommendation X.509 / ISO/IEC 9594-8: “Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks“. 4 IETF RFC 3280: “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile“. 5 IETF RFC 2560
32、: “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP“. 6 IETF RFC 3161: “Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)“. 7 ETSI TS 102 176-1: “Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signat
33、ures; Part 1: Hash functions and asymmetric algorithms“. 8 ISO 19005-1:2005, Document management - Electronic document file format for long-term preservation - Part 1: Use of PDF 1.4 (PDF/A-1). ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)72.2 Informative References The following referenced documents are
34、not essential to the use of the present document but they assist the user with regard to a particular subject area. For non-specific references, the latest version of the referenced document (including any amendments) applies. i.1 ISO/IEC 10181-4: “Information technology - Open Systems Interconnecti
35、on - Security frameworks for open systems: Non-repudiation framework“. i.2 ETSI TS 101 733 (V1.7.4): “Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES)“. i.3 IETF RFC 3852: “Cryptographic Message Syntax (CMS)“. i.4 IETF RFC 3281: “An Internet Attribute Certi
36、ficate Profile for Authorization“. 3 Definitions and Abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given in ISO 32000-1 1 and the following apply: certification signature: signature that is used in conjunction with Modification Detection Permission
37、s (MDP) as defined by ISO 32000-1 1, clause 12.8.2.2 conforming signature handler: software application, or part of a software application, that knows how to perform digital signature operations (e.g. signing and/or verifying) in conformance with ISO 32000-1 1 and the requirements of the appropriate
38、 profile PDF serial signature: specific signature workflow where the second (and subsequent) signers of a PDF not only sign the document but also the signature of the previous signer and any modification that may also have taken place (e.g. form fill-in) PDF signature: DER-encoded PKCS#7 binary data
39、 object containing a digital signature and other information necessary to verify the digital signature such as the signers certificate along with any supplied revocation information seed value dictionary: PDF data structure, of type dictionary, as described in ISO 32000-1 1, clause 12.7.4.5, table 2
40、34, that contains information that constrains the properties of a signature that is applied to a specific Signature field signature dictionary: PDF data structure, of type dictionary, as described in ISO 32000-1 1, clause 12.8.1, table 252 that contains all the of information about the Digital Signa
41、ture The present document makes use of certain keywords to signify requirements. Below follows their definitions: may: means that a course of action is permissible within this profile shall: means that the definition is an absolute requirement of this profile NOTE: It has to strictly be followed in
42、order to conform to the present document. should: means that among several possibilities one is recommended, in this profile, as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required NOTE: Implementers may know val
43、id reasons in particular circumstances to ignore this recommendation, but the full implications must be understood and carefully weighed before choosing a different course. ETSI ETSI TS 102 778-2 V1.2.1 (2009-07)83.2 Abbreviations For the purposes of the present document, the following abbreviations
44、 apply: CAdES CMS Advanced Electronic Signatures NOTE: As per TS 101 733 i.2. CMS Cryptographic Message Syntax CRL Certificate Revocation List OCSP Online Certificate Status Protocol PDF Portable Document Format 4 Description of Profile for CMS Signatures in PDF 4.1 Introduction This profile specifi
45、es a PDF signature as specified in ISO 32000-1:2008 1 that enables greater interoperability for PDF Signatures by providing additional restrictions beyond those of ISO 32000-1 1. 4.2 Features Signature encoded in CMS as defined by PKCS #7 1.5 (see RFC 2315 2). Supports serial signatures. Optionally
46、includes signature time-stamp. Optionally includes revocation information. Signature protects integrity of the document and authenticates the signatory. Signature can optionally include the “reasons“ for the signature. Signature can optionally include a description of the location of signing. Signat
47、ure can optionally include contact info of the signatory. A “legal content attestation“ can be used to indicate to the relying party the PDF capabilities which may affect the signed document (e.g. JavaScript). 4.3 Time Stamping When a digital signature is applied to a document, a conforming signatur
48、e handler may choose to stamp it with the signers local machine time, and that is what may appear in the signature appearance. Because a user can set that time forward or back on their computer, that time is usually not trusted. Therefore a timestamp from a trusted timestamp server should instead be
49、 applied on the digital signature as soon as possible after the signature is created so the timestamp reflects the time at which the document was signed. A conforming signature handler that is signing a document should be sure that no other user actions take place between the creation of the signature and obtaining the timestamp. Timestamps fulfil a critical need in the validation process: if a conforming signature handler validates and times
