1 / 9

Comprehensive Signature Verification Report Profile

Comprehensive Signature Verification Report Profile. Provides support for multiple signatures for comprehensive signature verification reports for XML-Signatures [RFC 3275], [ETSI 101903] CMS-Signatures [RFC 3852], [ETSI 101733] Time Stamps [RFC 3161], [OASIS DSS]

ania
Télécharger la présentation

Comprehensive Signature Verification Report Profile

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Comprehensive Signature Verification Report Profile • Provides support • for multiple signatures • for comprehensive signature verification reports for • XML-Signatures [RFC 3275], [ETSI 101903] • CMS-Signatures [RFC 3852], [ETSI 101733] • Time Stamps [RFC 3161], [OASIS DSS] • Public-Key Certificates [RFC 5280] • Certificate Revocation Lists [RFC 5280] • Attribute Certificates [RFC 3281] • OCSP-Responses [RFC 2560] • Evidence Records [RFC 4998] • arbitrary other structures (in additional profiles)

  2. Comprehensive Signature Verification Report Profile • For each verified signature an individual report is issued, which includes: • Details on cryptographic verification of the signature. • For each certificate in the certification path: • Details on the cryptographic verification • Details on their status (this may include references or values of CRLs and OCSP responses for instance). • Details on certificate in their certification paths • Details on the signed and unsigned properties present within the signature.

  3. Comprehensive Signature Verification Report Profile • If time-stamps are present within the signature,for each one, the report includes: • Details on the cryptographic verification of the time-stamp itself. • For each certificate in the certification path of time-stamp certificate: • Details on the cryptographic verification • Details on their status (this may include references or values of CRLs and OCSP responses for instance). • Details on certificate in their certification paths • Details of the checks performed against the Trusted Status Lists providing information of the status of the Trusted Services Providers issuing PKI related material.

  4. Among which, time-stamps FormatOK Properties DetailedSignatureReport VerifyManifestResultst SignatureOK CertificatePathValidity PathValiditySummary CertificateIdentifier PathValidityDetail Details on all the cer- tificates in the path (in next slide)

  5. CertificateIdentifier PathValidityDetail Subject ChainingOK TSLValidity CertificateValidity ValidityPeriodOK ExtensionsOK Details XML encoded of contents of this certificate. CertificateValue CertificateContent SignatureOK CertificateStatus Details on the status of this certificate (including CRL, OCSP responses) in next slide

  6. Details certification path for the CRL itself Details certification path for the OCSP Response itself CertStatusOK RevocationDate RevocationInfo RevocationReason CertificateStatus CRLValidity CRLReference OCSPValidity RevocationEvidence OCSPReference Other

  7. Details on the status f this certificate (including CRL, OCSP responses) RevocationDate CertificateStatus RevocationReason ChainingOK CertiStatusOK RevocationInfo ValidityPeriodOK ExtensionsOK Details XML encoded of contents of this certificate. CertificateValue CertificateContent SignatureOK CertificateStatus

  8. Optional Input / Output

  9. Individual Structures Structure of IndividualReport

More Related