Levels of the existing and upcoming versions of XAdES

MURATA Makoto eb2m-mrt at asahi-net.or.jp
Tue Jun 9 02:32:24 CEST 2015


John,

2015-06-09 8:37 GMT+09:00 John Haug <johnhaug at exchange.microsoft.com>:

> This is what I’ve been looking at recently in preparation for next
> week’s meeting.  Can you (or someone you’ve been talking to) explain what is meant
> by this?  In 6.2.2 “Notation for requirements” there is a listing of the
> meanings of various cell values in the large table showing which elements /
> qualifying properties / services apply to which XAdES level.  The last item
> under #5 reads:
>
> "*": means that the qualifying property or signature’s element (service)
> identified in the first column should not be incorporated to the
> signature (provided) in the corresponding level. Upper signature levels
> may specify other requirements.
>
>
>
> Comparing to “shall not be present” it seems the key difference is “should
> not” vs. “shall not”.  The example at the bottom of 6.2.2 looks at
> CompleteCertificateRefs.  The table entry for that row shows “*” for B-B
> and B-T and “shall not be present” for B-LT and B-LTA.  Does that mean rows
> using “*” and “shall not be present” are effectively deprecating those
> elements/properties?  These rows comprise four elements used in XAdES-C
> plus the RefsOnlyTimeStamp and SigAndRefsTimeStamp.
>

I have also been thinking about the same thing.  I will e-mail JNSA.

>
>
> Ultimately, I’m trying to compare the current XAdES levels with the
> upcoming ones and I can only see doing so by comparing which elements are
> allowed in each.  (Wouldn’t it be nice if there existed a schema for each
> level?)
>

I did create a set of RNG schemas for the current XAdES.  One driver file
for each conformance level.  Unfortunately, mine is based on the
"misunderstanding" that -A requires -C.  My schemas are available at
http://www.asahi-net.or.jp/~eb2m-mrt/XAdES.zip

Regards,
Makoto


>
> John
>
>
>
> *From:* eb2mmrt at gmail.com [mailto:eb2mmrt at gmail.com] *On Behalf Of *MURATA
> Makoto
> *Sent:* Sunday, June 7, 2015 4:41 AM
> *To:* SC34
> *Subject:* Levels of the existing and upcoming versions of XAdES
>
>
> 1. Existing XAdES
>
> The existing XAdES (ETSI TS 101 903 V1.4.2) has four forms and three
> advanced forms.
>
> Four forms
>
>     Basic Electronic Signature (XAdES-BES)
>     Explicit Policy based Electronic Signature (XAdES-EPES)
>     Electronic Signature with Validation Data (XAdES-T and XAdES-C).
>
> Three advanced forms
>
>     Extended signatures with time forms (XAdES-X)
>     Extended long electronic signatures with time (XAdES-X-L)
>     Archival electronic signatures (XAdES-A)
>
> Conformant generators must support either XAdES-BES or XAdES-EPES,
> while conformance verifiers must support either XAdES-BES or
> XAdES-EPES.  Conformance requirements on XAdES-T and those on XAdES-C
> are defined, but generators or verifiers are not required to support
> them.  Conformance requirements on XAdES-X, XAdES-X-L, or XAdES-A are
> not defined.
>
> ISO 14533-2(=JIS X5093) defines different conformance requirements.
> One is the support of XAdES-T, and the other is the support of
> XAdES-A.
>
> 2. Upcoming XAdES
>
> The upcoming XAdES (Draft EN 319 132-1 and Draft EN 319 132-2)
> provides four XAdES baseline signature levels (132-1) and
> some additional levels (in 132-2).
>
> 2.1 Baseline signature levels
>
> a) B-B (some signed and some unsigned qualifying properties)
>
> b) B-T (trusted token proving that the signature itself actually
> existed at a certain date and time.)
>
> c) B-LT (all the material required for validation)
>
> d) B-LTA (time-stamps that allow validation long time after the generation)
>
> 2.2 Additional levels
>
> There are:
>
> XAdES-E-BES
> XAdES-E-EPES
> XAdES-E-T
>
> XAdES-E-C
> XAdES-E-X
> XAdES-E-X-Long
> XAdES-E-X-L
>
> XAdES-E-A signatures built on XAdES-E-T
> XAdES-E-A signatures built on XAdES-E-C, XAdES-E-X, XAdES-E-X-Long, and
> XAdES-E-X-L
>
> Regards,
>
> Makoto
>



-- 

Praying for the victims of the Japan Tohoku earthquake

Makoto
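
Added example, not part of the thread or of the XAdES drafts: a small Python check that treats the two cell values discussed above ("*" and "shall not be present") differently when a signature is checked against a baseline level. The function name `check_level`, the warning/error mapping, and giving the two time-stamp rows the same cells as the CompleteCertificateRefs row are assumptions; the sample fragment is constructed.

```python
import xml.etree.ElementTree as ET

XADES_NS = "http://uri.etsi.org/01903/v1.3.2#"  # XAdES 1.3.2 namespace

# Cells of the CompleteCertificateRefs row as quoted in the thread.
ROW = {"B-B": "*", "B-T": "*",
       "B-LT": "shall not be present", "B-LTA": "shall not be present"}
# Assumption: the two time-stamp rows named in the thread carry the same cells.
TABLE = {name: ROW for name in
         ("CompleteCertificateRefs", "RefsOnlyTimeStamp", "SigAndRefsTimeStamp")}
# Assumption: "should not" is reported as a warning, "shall not" as an error.
SEVERITY = {"*": "warning", "shall not be present": "error"}


def check_level(xml_text, level):
    """Return sorted (property, severity) findings for one baseline level."""
    if level not in ROW:
        raise ValueError("unknown baseline level: %r" % level)
    # Plain ElementTree is fine for this constructed sample; signatures
    # received from outside should go through a hardened XML parser.
    root = ET.fromstring(xml_text)
    prefix = "{%s}" % XADES_NS
    findings = set()
    for props in root.iter(prefix + "UnsignedSignatureProperties"):
        for child in props:
            if not child.tag.startswith(prefix):
                continue  # property from another namespace, not in TABLE
            name = child.tag[len(prefix):]
            if name in TABLE:
                findings.add((name, SEVERITY[TABLE[name][level]]))
    return sorted(findings)


# Constructed fragment: only the unsigned properties of a signature.
SAMPLE = """\
<xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
  <xades:UnsignedProperties>
    <xades:UnsignedSignatureProperties>
      <xades:SignatureTimeStamp/>
      <xades:CompleteCertificateRefs/>
    </xades:UnsignedSignatureProperties>
  </xades:UnsignedProperties>
</xades:QualifyingProperties>
"""

if __name__ == "__main__":
    for level in ROW:
        print(level, check_level(SAMPLE, level))
```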