ETSI - TS 101 903
XML Advanced Electronic Signatures (XAdES)
|Publication Date:||1 March 2006|
The present document defines XML formats for advanced electronic signatures that remain valid over long periods, are compliant with the European Directive and incorporate additional useful information in common uses cases. This includes evidence as to its validity even if the signer or verifying party later attempts to deny (repudiates) the validity of the signature.
The present document is based on the use of public key cryptography to produce digital signatures, supported by public key certificates.
The present document uses a signature policy, implicitly or explicitly referenced by the signer, as one possible basis for establishing the validity of an electronic signature.
The present document uses time-stamps or trusted records (e.g. time-marks) to prove the validity of a signature long after the normal lifetime of critical elements of an electronic signature and to support non-repudiation. It also specifies the optional use of additional time-stamps to provide very long-term protection against key compromise or weakened algorithms.
The present document then, specifies the use of the corresponding trusted service providers (e.g. time-stamping authorities), and the data that needs to be archived (e.g. cross certificates and revocation lists). An advanced electronic signature aligned with the present document can, in consequence, be used for arbitration in case of a dispute between the signer and verifier, which may occur at some later time, even years later.
The present document builds on the standards for Electronic Signatures defined in:
• IETF W3C: "XML-Signature Syntax and Processing" ;
• TS 101 733: "Electronic Signature Formats" ;
• ITU-T Recommendation X.509: "Information technology - Open Systems Interconnection - The Directory: Authentication framework" ;
• RFC 3261: "Internet X.509 Public Key Infrastructure Time-Stamp protocol (TSP)" .
NOTE: See clause 2 for a full set of references.
The present document, being built on the framework defined in  makes use of the terms defined there. Some of the definitions in  are repeated in the present document for the sake of completeness.
The present document:
• shows a taxonomy of the qualifying information (properties) that have to be present in an electronic signature to remain valid over long periods, to satisfy common use cases requirements, and to be compliant with the European Directive;
• specifies XML schema definitions for new elements able to carry or to refer to the aforementioned properties;
• specifies two ways for incorporating the qualifying information to XMLDSIG, namely either by direct incorporation of the qualifying information or using references to such information. Both ways make use of mechanisms defined in XMLDSIG.
Clause 2 in the present document contains references to relevant documents and standards.
Clause 4 gives an overview of the various types of advanced electronic signatures defined in the present document.
Clause 5 contains the namespace specification for the XML schema definitions appearing in the present document.
Clause 6 describes how the qualifying information is added to XMLDSIG.
Clause 7 contains the details (including schema definitions) of the elements where the qualifying information is included.
Clause 8 specifies conformance requirements for claiming endorsement to the present document.
Annex A is normative. It contains definitions for relevant concepts used throughout the present document.
Annex B is informative. It defines extended formats of advanced electronic signatures that include validation data and time-stamps for archival.
Annex C is informative. It presents details on some concepts used in the current specification.
Annex D is normative. It contains the whole set of schema definitions for the elements defined in the present document.
Annex E is informative. It contains the non normative DTD corresponding to the aforementioned schema.
Annex F is informative. It shows examples of how to incorporate qualifying information leading to the XML Advanced Electronic Signatures.
Annex G is informative. It presents certain technical rules that verifiers should take into account when verifying XAdES signatures.
Annex H contains bibliography.