ETSI TS 102 853-2014 Electronic Signatures and Infrastructures (ESI) Signature validation procedures and policies (V1.2.1)


ETSI TS 102 853 V1.2.1 (2014-12)

Electronic Signatures and Infrastructures (ESI); Signature validation procedures and policies

TECHNICAL SPECIFICATION

Reference: RTS/ESI-0002853v121
Keywords: electronic signature, security, trust services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

The present document can be downloaded from: http://www.etsi.org

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2014. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
Modal verbs terminology
Introduction
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Introduction to signature validation
4.1 Status indication of the signature validation process
4.2 Validation Constraints
4.3 X.509 certificate meta-data
4.4 Trust Management
4.5 The concept of revocation freshness
5 Basic Building Blocks
5.1 Identification of the Signer's Certificate (ISC)
5.1.1 Description
5.1.2 Inputs
5.1.3 Outputs
5.1.4 Processing
5.1.4.1 XAdES processing
5.1.4.2 CAdES processing

5.1.4.3 PAdES processing
5.2 Validation Context Initialization (VCI)
5.2.1 Description
5.2.2 Inputs
5.2.3 Outputs
5.2.4 Processing
5.2.4.1 Processing commitment type indication
5.2.4.1.1 XAdES Processing
5.2.4.2 Processing Signature Policy Identifier
5.3 X.509 Certificate Validation (XCV)
5.3.1 Description
5.3.2 Inputs
5.3.3 Outputs
5.3.4 Processing
5.4 Cryptographic Verification (CV)
5.4.1 Description
5.4.2 Inputs
5.4.3 Outputs
5.4.4 Processing
5.5 Signature Acceptance Validation (SAV)
5.5.1 Description
5.5.2 Inputs
5.5.3 Outputs
5.5.4 Processing
5.5.4.1 Processing AdES properties/attributes
5.5.4.2 Processing signing certificate reference constraint
5.5.4.3 Processing claimed signing time
5.5.4.4 Processing signed data object format
5.5.4.5 Processing indication of production place of the signature
5.5.4.6 Processing Time-stamps on signed data objects
5.5.4.7 Processing Countersignatures
5.5.4.8 Processing signer attributes/roles
6 Basic Validation Process
6.1 Description
6.2 Inputs
6.3 Outputs
6.4 Processing
7 Validation Process for Time-Stamps
7.1 Description
7.2 Inputs
7.3 Outputs
7.4 Processing
8 Validation Process for AdES-T
8.1 Description
8.2 Inputs
8.3 Outputs
8.4 Processing
8.4.1 Message Imprint Verification of the signature-timestamp for XAdES
8.4.2 Message Imprint Verification of the signature-time-stamp for CAdES/PAdES
9 Validation of LTV forms
9.1 The concept of Proof Of Existence (POE)
9.2 Additional Building blocks
9.2.1 Past certificate validation
9.2.1.1 Description
9.2.1.2 Input
9.2.1.3 Output
9.2.1.4 Processing
9.2.2 Control-time sliding process
9.2.2.1 Description
9.2.2.2 Input
9.2.2.3 Output
9.2.2.4 Processing
9.2.3 POE extraction
9.2.3.1 Description
9.2.3.2 Input
9.2.3.3 Output
9.2.3.4 Processing
9.2.3.4.1 Extraction from a time-stamp on the signature
9.2.3.4.2 Extraction from a time-stamp on certificates and revocation references
9.2.3.4.3 Extraction from a time-stamp on the signature and certificates and revocation references
9.2.3.4.4 Extraction from an archive-time-stamp
9.2.3.4.5 Extraction from a long-term-validation attribute
9.2.3.4.6 Extraction from a PDF document time-stamp
9.2.4 Past signature validation process
9.2.4.1 Description
9.2.4.2 Input
9.2.4.3 Output
9.2.4.4 Processing
9.3 Long Term Validation Process
9.3.1 Description
9.3.2 Input
9.3.3 Output
9.3.4 Processing
Annex A (informative): Validation Constraints
A.1 X.509 Certificate path validation constraints
A.2 Constraints on X.509 Certificate meta-data
A.3 Cryptographic Constraints
A.4 Constraints on Signature Elements
Annex B (informative): Certificate Meta-Data
Annex C (informative): Validation Examples
C.1 General remarks and assumptions
C.2 Symbols
C.3 Example 1: Revoked certificate
C.3.1 AdES-BES/EPES
C.3.2 AdES-T

C.4 Example 2: Revoked CA certificate
C.4.1 AdES-BES/EPES
C.4.2 AdES-T
C.4.3 LTV
Annex D (informative): Validation process versus signature conformance levels
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI).

Modal verbs terminology

In the present document "shall", "shall not", "should", "should not", "may", "may not", "need", "need not", "will", "will not", "can" and "cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).

"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

Introduction

The present document defines an algorithm to validate electronic signatures, with special consideration on signature validation of "old" electronic signatures, where certificates may have expired or been revoked or even the usage period of algorithms have been exceeded. It does so by capitalizing on security measures that have been applied by e.g. the signer or previous verifiers and ensures that such signatures still can be validated. It is agnostic to the type of security measures; while it is primarily aiming at Advanced Electronic Signatures, which provide such features intrinsically, but it also allows for variations, like classical archiving services, where the security measures may also be non-cryptographic.

The way the algorithm is presented aims at clarity and understandability. It is not assumed, nor recommended, that the algorithm will be implemented as described. Efficiency and other implementational aspects were not considered. A conformant implementation will provide the same results, however, as the algorithm here would. An efficient implementation will need to reorder steps in algorithms, use caching of results wherever possible and do things in parallel, if possible.

Signature validation is driven by a signature validation policy. The algorithm presented here supports such policies. It is assumed that the validator, represented by the driving application, provides such a policy in possibly different forms - as a formal policy, as a set of configuration parameters, or by the way the algorithm has been implemented. To avoid confusing terms, the term constraint is used for a single policy rule that influences decisions made by the algorithm. A formal signature policy, as specified in [i.3], can provide a set of constraints, which may be used exclusively or may be combined with other constraints (e.g. coming from local configuration).

1 Scope

The present document specifies procedures for establishing whether an electronic signature is technically valid based on the considerations specified in the present document and the validation constraints are applied to the verification procedures. These constraints may be specified as part of a formal signature policy. It is outside the scope of the present document as to whether a signature is accepted by the relying party and specifically if it bears legal validity.

NOTE: Factors outside the scope of the present document, such as delays in reporting revocations or unintended data errors in a document, may impact on the signature and so may need to be taken into account in considering the technical validity of a signature in case of dispute.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

[1] ETSI TS 101 903 (V1.4.2): "Electronic Signatures and Infrastructures (ESI); XML Advanced Electronic Signatures (XAdES)".
[2] ETSI TS 101 733 (V2.1.1): "Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES)".
[3] ETSI TS 102 231: "Electronic Signatures and Infrastructures (ESI); Provision of harmonized Trust-service status Information".
[4] IETF RFC 5280: "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile".
[5] ETSI TS 101 862: "Qualified certificate Profile".
[6] ISO/IEC 9594-8:2014: "Information technology - Open Systems Interconnection - The Directory - Part 8: Public-key and attribute certificate frameworks".
[7] ETSI TS 101 456: "Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing qualified certificates".
[8] ETSI TS 102 042: "Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing public key certificates".
[9] Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.
[10] W3C Recommendation (2008): "XML Signature Syntax and Processing".
[11] IETF RFC 3161: "Internet X.509 Public Key Infrastructure; Time-Stamp Protocol (TSP)".
[12] ETSI TS 102 778-1: "Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 1: PAdES Overview - a framework document for PAdES".
[13] ETSI TS 102 778-3: "Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 3: PAdES Enhanced - PAdES-BES and PAdES-EPES Profiles".
[14] ETSI TS 102 778-4: "Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 4: PAdES Long Term - PAdES LTV Profile".
[15] ETSI TS 102 778-5: "Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 5: PAdES for XML Content - Profiles for XAdES signatures".
[16] IETF RFC 5652: "Cryptographic Message Syntax (CMS)".
[17] IETF RFC 4998: "Evidence Record Syntax (ERS)".
[18] ETSI TS 103 171: "Electronic Signatures and Infrastructures (ESI); XAdES Baseline Profile".
[19] ETSI TS 103 172: "Electronic Signatures and Infrastructures (ESI); PAdES Baseline Profile".
[20] ETSI TS 103 173: "Electronic Signatures and Infrastructures (ESI); CAdES Baseline Profile".

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

[i.1] IETF RFC 4158: "Internet X.509 Public Key Infrastructure: Certification Path Building".
[i.2] ETSI TR 102 272: "Electronic Signatures and Infrastructures (ESI); ASN.1 format for signature policies".
[i.3] ETSI TR 102 038: "TC Security - Electronic Signatures and Infrastructures (ESI); XML format for signature policies".
[i.4] "Certificate Validation: back to the past", Moez Ben MBarka and Julien Stern, EuroPKI 2011, 15-16 September 2011, Leuven - Belgium.
[i.5] ECRYPT II Yearly Report on Algorithms and Keysizes (2010-2011), Revision 1.0, 30. June 2011.
[i.6] Commission Decision 2009/767/EC of 16 October 2009 setting out measures facilitating the use of procedures by electronic means through the points of single contact under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market. Corrigenda OJ L 299, 14.11.2009, p. 18-54 as amended by Commission Decision 2010/425/EU and by Commission Decision 2013/662/EU.
[i.7] Directive 2006/123/EC of the European Pa
