ETSI - EN 319 162-1
Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC); Part 1: Building blocks and ASiC baseline containers
|Publication Date:||1 April 2016|
The present document specifies Associated Signature Containers (ASiC) which bind together into one single digital container based on ZIP  either detached digital signatures or time assertions, with a number of file objects (e.g. documents, XML structured data, spreadsheet, multimedia content) to which they apply.
The present document specifies general purpose ASiC containers building blocks and a limited set of baseline containers.
ASiC supports the following signature and time assertion formats:
• CAdES object incorporating CAdES signatures (ETSI EN 319 122-1  and ETSI EN 319 122-2 );
• XAdES signatures (ETSI EN 319 132-1  and ETSI EN 319 132-2 );
• IETF RFC 3161  and updated by IETF RFC 5816  time-stamp tokens; and
• IETF RFC 4998  or IETF RFC 6283  evidence records.
NOTE 1: No restriction is placed on time assertions eventually used within CAdES signatures or XAdES signatures.
The building blocks defined in the present document support additional features not supported by the aforementioned formats, such as time-stamping and CAdES signing of multiple content and XAdES parallel signatures, that can be used in other contexts.
The present document defines baseline containers which provide the basic features necessary for a wide range of business and governmental use cases for electronic procedures and communications to be applicable to a wide range of communities when there is a clear need for interoperability.
The present document aims at supporting associated signature containers in different regulatory frameworks.
NOTE 2: Specifically, but not exclusively, ASiC Associated Signature Containers specified in the present document aim at supporting electronic signature and electronic seal as per Regulation (EU) No 910/2014 [i.3].
The present document defines four levels of ASiC baseline containers addressing incremental requirements to maintain the availability and integrity of the containers over the long term, suitably profiled for reducing the optionality as much as possible, in a way that a certain level always addresses all the requirements already addressed at levels that are below it.
The present document does not address the identification of the validation policy to be used for verifying a container that contains time assertions.