You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It must be possible to validate the integrity of documents and metadata in the digital signature service many years after receipt. This is ensured by packing the information in a document package protected with digital signatures, as described below. In practice, this is a zip file with a given structure that contains a digital signature of the contents.
Standards
Standard
Document
Version
ETSI, ETSI TS 102 918
Electronic Signatures and Infrastructures (ESI); Associated Signature [1]
ETSI, 2013-06.
ETSI, ETSI TS 103 174
Electronic Signatures and Infrastructures (ESI); ASiC Baseline Profile [2]
ETSI, 2013-06.
ETSI, ETSI TS 101 903
Electronic Signatures and Infrastructures (ESI); XML Advanced Electronic Signatures (XAdES) [6]
ETSI, 2010-12.
ETSI, ETSI TS 103 171
Electronic Signatures and Infrastructures (ESI); XAdES Baseline Profile [7]
ETSI, 2012-03.
ASiC profile for the document package
The document is packaged in a document package together with metadata in accordance with ASiC (ETSI TS 102 918) [1], and further limited according to the profile defined in Baseline Profile (ETSI TS 103 174) [2]. Additional restrictions are as follows:
There should only be one signature in the META-INF catalogue, with the name signatures.xml. This signature shall cover all other files in the container, and the sender's organization certificate shall be used for signing.
equirements for the contents of Container” refererer til “6.2.2 punkt 4b) "META-INF/manifest.xml" if present […] i”ASiC":etsi1
This file should not be present
Signature in the document package
The document package should be signed by the “Data Controller”, but may be signed by the “Data Processor”.
The signature must be in accordance with XAdES (ETSI TS 101 903) [6] with the baseline profile defined in XAdES Baseline Profile (ETSI TS 103 171) [7] (B-Level Conformance). Additional restrictions are as follows:
The signing algorithm should be rsa-sha256. The finger print algorithm in the references should be sha256. The finger print algorithm in CertDigest should be sha1