ETSI - TS 102 918
Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC)
|Publication Date:||1 June 2013|
The present document specifies the use of container structures, to bind together a number of signed objects (e.g. documents, XML structured data, spreadsheet, multimedia content) with either detached advanced electronic signatures or time-stamp tokens into one single digital container based on ZIP  and supporting the following signature and time-stamp token formats:
• CAdES (TS 101 733 );
• XAdES (TS 101 903 );
• RFC 3161  time-stamp tokens.
NOTE 1: No restriction is placed on the format of time-stamp tokens used within CAdES/XAdES.
Other time-stamp token formats and methods could be considered in future versions of the present document.
A number of application environments use ZIP based container formats to package sets of data objects together with meta-information. ASiC technical specification is designed to operate with a range of such ZIP based application environments. Rather than enforcing a single packaging structure ASiC describes how these container formats can be used to associate advanced electronic signatures with any data objects. In particular, the present documents aim is to work with implementations of OCF (OEBPS Container Format), ODF (Open Office), UCF or any similarly structured container format to also comply with one of the modes of use ASiC. It is also the aim of the present document to address use of "virtual dossiers" container formats such as required in some pan-European projects.
• Clause 4 provides a general introduction and background to ASiC.
• Clause 5 describes simple form which can be used for basic use cases where a single data object (e.g. a document), or a container has to be signed.
• Clause 6 describes extended form for use cases providing much greater flexibility in data objects protected by an individual signature.
• Clause 7 defines conformance requirements for ASiC implementations.
• Annex A specifies container metadata and referencing rules.
• Annex B gives examples of the use of the ASiC for particular applications.
New elements are defined in the present document to support additional features such time-stamping and CAdES signing of multiple content and XAdES parallel signatures that may be used in other contexts.
The present document offers a basic support for TSTs, since it does not currently address:
• the identification of the validation policy to be used for verifying a container that contains the TST;
• the data that contains the certification path and related revocation information to verify the TST.
NOTE 2: In the present version of this document reference to documents outside the container is not allowed and long term verification is out of scope.