scope:

The present document specifies the use of container structures, to bind together a number of signed objects (e.g. documents, XML structured data, spreadsheet, multimedia content) with either advanced electronic signatures or time-stamp tokens into one single digital container. This uses package formats based on ZIP [8] and supports the following signature and time-stamp token formats:

• CAdES (TS 101 733 [1]);

• XAdES (TS 101 903 [2]) detached signature(s);

• RFC 3161 [3] time-stamp tokens.

NOTE: No restriction is placed on the format of time-stamp tokens used within CAdES/XAdES. Other time-stamp token formats and methods could be considered in future versions of the present document.

A number of application environments use ZIP based container formats to package sets of files together with meta-information. ASiC technical specification is designed to operate with a range of such ZIP based application environments. Rather than enforcing a single packaging structure ASiC describes how these package formats can be used to associate advanced electronic signatures with any data objects. In particular, the present documents aim is to work with implementations of OCF (OEBPS Container Format), ODF (Open Office), UCF or any similarly structured container format to also comply with one of the modes of use ASiC. It is also the aim of the present document to address use of "virtual dossiers" container formats such as required in some pan-European projects.

• Clause 4 provides a general introduction and background to ASiC.

• Clause 5 describes simple formats which can be used for basic use cases where a single data object (e.g. a document), or a complete package of data objects have to be signed.

• Clause 6 describes extended formats for use cases providing much greater flexibility in data objects protected by an individual signature.

• Clause 7 defines conformance requirements for ASiC implementations.

• Annex A specifies container metadata and referencing rules.

• Annex B gives examples of the use of the ASiC for particular applications.

New elements are defined in the present document to support additional features such time-stamping and CAdES signing of multiple content and XAdES parallel signatures that may be used in other contexts.

The present document offers a basic support for TSTs, since it does not currently address:

• the identification of the validation policy to be used for verifying a container that contains the TST;

• the data that contains the certification path and related revocation information to verify the TST.

Reference to documents outside the container and long term verification of time-stamping and CAdES signing of multiple content using the extended form is out of the present document scope.