Certipost e-signing Services. Rev Description of Change Author Date

Transcription

1 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 1 f 12 Rev Descriptin f Change Authr Date 1.0 First Versin Wim Culier 15/06/2007 Clarificatins t enable this plicy t be used fr mre prducts Wim Culier 23/08/ Intrductin. Scpe This dcument cvers the plicy rules that are used t state under which cnditins an electrnic signature generatin and validatin methds are valid when used within the cntext f the Certipst e-signing service f Handwritten Equivalent level. Mrever, the present dcument sets the rles and bligatins f all actrs invlved in the e-signing Handwritten Equivalent transactins. These rights and bligatins fr entities invlved in e-signing Handwritten Equivalent transactins are stated in the frm f bth cntract bligatins and technical requirements. Finally, the present dcument versees the technical standards and peratins used t create the electrnic signatures thrugh the Certipst e-signing Handwritten Equivalent service Organizatin f the dcument The rganizatin f this dcument is based n the signature plicy framewrk as defined in ETSI TR v.1: Signature plicy reprt Preceding language versin This dcument is translated in several languages. In case f cnflicting cntent between the different languages, the English versin precedes. The different language versins can be fund in the fllwing lcatin: English versin: Signing_HandwrittenEquivalentSignaturePlicy_EN_v.pdf Dutch versin (Nederlandstalige versie): Signing_HandwrittenEquivalentSignaturePlicy_NL_v.pdf French versin (versin francphne): Signing_HandwrittenEquivalentSignaturePlicy_FR_v.pdf 1.4. Definitins Advanced Electrnic Signature: means an electrnic signature that meets the fllwing requirements: It is uniquely linked t the signatry; It is capable f identifying the signatry; It is created using means that the signatry can maintain under his sle cntrl; and It is linked t the data t which it relates in such a manner that any subsequent change f the data is detectable. Certificatin Authrity (CA): An authrity trusted by ne r mre users t create and assign certificates. Optinally the certificatin authrity may create the users keys. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

2 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 2 f 12 Certificate identifier: a unique identifier f a Certificate cnsisting f the name f the CA and f the certificate serial number assigned by the CA. Certificate Plicy: A named set f rules that indicates the applicability f a certificate t a particular cmmunity and/r class f applicatin with cmmn security requirements. Certificate Validity perid: The time interval during which the CA warrants that it will maintain infrmatin abut the status f the certificate. Certificate revcatin list: a list cntaining the serial numbers f revked certificates frm a given CA, tgether with ther revcatin infrmatin. Certificatin path: A chain f multiple certificates, cmprising a certificate f the public key wner (the end entity) signed by ne CA, and zer r mre additinal certificates f CAs signed by ther CAs. Certificatin Service Prvider: an entity r a legal r natural persn wh issues certificates r prvides ther services related t electrnic signatures; [EC 1999/93] CRL distributin pint: A directry entry r ther distributin surce fr CRLs; a CRL distributed thrugh a CRL distributin pint may cntain revcatin entries fr nly a subset f the full set f certificates issued by ne CA r may cntain revcatin entries fr multiple CAs. Data t be signed (DTBS): the cmplete electrnic data t be signed (including bth Signer's Dcument and Signature Attributes) Digital signature: data appended t, r a cryptgraphic transfrmatin f, a data unit that allws a recipient f the data unit t prve the surce and integrity f the data unit and prtect against frgery, e.g. by the recipient. e-signing Framewrk: The Certipst e-signing framewrk is the whle f the Certipst e-signing signature plicies and the cmpnent enfrcing cmpliance t the plicy in questin fr creating and verifying e-signing signatures. This framewrk can be used by different frnt-end applicatins as part f a Certipst prduct r service. e-signing Handwritten Equivalent Service: e-signing Service that is limited t the creatin f signatures accrding t the present Signature Plicy (Handwritten Equivalent signatures). e-signing Service: Any prduct r service that makes use f the Certipst e-signing Framewrk t create electrnic signatures fr the user f the service. Since this dcument is limited t the Handwritten Equivalent type f signature, when this term is mentined further in this dcument this means the e-signing Handwritten Equivalent Service. End entity: A certificate subject that uses its public key fr purpses ther than fr signing certificates. Electrnic signature: means data in electrnic frm that are attached t r lgically assciated with ther electrnic data Hash functin: A functin that maps string f bits t fixed-length strings f bits, satisfying the fllwing tw prperties: - It is cmputatinally unfeasible t find fr a given utput an input that maps t this utput - It is cmputatinally unfeasible t find fr a given input a secnd input which maps t the same utput Initial verificatin: a prcess perfrmed by a Verifier that must be dne sn after a signature is generated in rder t capture the infrmatin that will make it valid fr lng term verificatin. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

3 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 3 f 12 Object identifier: a sequence f numbers that uniquely and permanently references an bject. OCSP: see Online Certificate Status Prtcl Online certificate status prtcl: real time n line trusted surce f certificate status infrmatin. Parallel signature: the applicatin f separate independent signatures t the same Signer s dcument Public key: That key f an entity s asymmetric key pair that can be made public Private key: That key f an entity's asymmetric key pair that shuld nly be used by that entity. Qualified certificate: a certificate which meets the requirements laid dwn in Annex I f the Directive and is prvided by a certificatin-service-prvider wh fulfils the requirements laid dwn in Annex II f the Directive [EC 1999/93] Qualified electrnic signature: an advanced electrnic signature which is based n a qualified certificate and which is created by a secure-signature-creatin device (Nte: Definitin f Art. 5.1 signature taken frm the Directive [4]). Secure Signature Creatin Device: means a signature creatin device that meets the requirements laid dwn in [4], Annex III. Signature attributes: Additinal infrmatin that is signed tgether with the Signer's Dcument. Signature creatin data: means unique data, such as cdes r private cryptgraphic keys, which are used by the signatry t create an electrnic signature. Signature creatin device: means cnfigured sftware r hardware used t implement the signature creatin data. Signature plicy: a set f technical and prcedural requirements fr the creatin and verificatin f an electrnic signature, under which the signature can be determined t be valid. Signature plicy identifier: Object Identifier that unambiguusly identifies a Signature Plicy. Signature plicy issuer: An rganizatin that creates, maintains and publishes a signature plicy. Signature plicy issuer name: A name f a Signature Plicy Issuer. Signature verificatin: a prcess perfrmed by a Verifier either sn after the creatin f an electrnic signature r later t determine if an electrnic signature is valid against a signature plicy implicitly r explicitly referenced. Signature verificatin data: data, such as cdes r public cryptgraphic keys, which are used fr the purpse f verifying an electrnic signature; [EC 1999/93] Signature verificatin device: cnfigured sftware r hardware used t implement the signature verificatindata [EC 1999/93] Signer: Entity that creates an (electrnic) signature (physical r legal persn). Signer s identity: the registered name f the Signer (i.e. as registered by the CSP supplying the Signer s certificate). Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

4 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 4 f 12 Signer s dcument: The electrnic data t which the electrnic signature is attached t r lgically assciated with. Time-Mark: A prf-f-existence fr a datum at a particular pint in time, in the frm f a recrd in a secure audit trail, which includes at least a trustwrthy time value and a hash representatin f the datum. Time stamp: A prf-f-existence fr a date at a particular pint in time, in the frm f a data structure signed by a Time Stamping Authrity, which includes at least a trustwrthy time value, a unique identifier fr each newly generated time stamp, an identifier t uniquely indicate the time-stamp plicy under which the time stamp was created, a hash representatin f the datum, i.e. a data imprint assciated with a ne-way cllisin resistant uniquely identified hash-functin. Time stamp authrity: An authrity trusted by ne r mre users t prvide a Time Stamping Service. Time stamp service: A service that prvides a trusted assciatin between a date and a particular pint in time, in rder t establish reliable evidence indicating the time at which the datum existed. Usual verificatin: a prcess perfrmed by a Verifier that may be dne years after the electrnic signature was prduced, des nt need t capture mre data than the data that was captured at the time f initial verificatin. Validatin data: additinal data, cllected by the Signer and/r a Verifier, needed t verify the electrnic signature in rder t meet the requirements f the signature plicy. It may include: certificates, revcatin status infrmatin, time-stamps r Time-Marks. Verifier: An entity that validates r verifies an electrnic signature (physical r legal persn). This may be either a relying party r a third party interested in the validity f an electrnic signature. 2. Certipst e-signing Service 2.1. Certipst e-signing actrs Signer: see abve Verifier: see abve Certipst e-signing service prvider: Certipst e-signing service prvider helps the Signer t create a signature accrding t the present signature plicy, in rder t ensure that the signature generated has a legal value equivalent t a handwritten signature as per the Directive [4] implemented in the Belgian law n electrnic signature [6]. Certipst e-signing service prvider helps the Verifier t assess whether a signature was cmpliant t the present signature plicy, and thus that the signature verified has a legal value equivalent t a handwritten signature as per the Directive [4] implemented in the Belgian law n electrnic signature [6] Certipst e-signing service descriptin The gal f the Certipst e-signing Service is t lwer the barrier fr electrnic dcument signing dramatically by taking the legal and technical cmplexity f this signing away frm the Signer wh applies the signature and Verifier wh trusts the signature. The Certipst e-signing Service is a service that will help users t create and verify Qualified Electrnic Signatures with lng term value. Qualified Electrnic Signatures are electrnic signatures that cmply with the requirements frm the Eurpean Directive [1] and Belgian law [2] cncerning electrnic signatures in such a way that frm a legal pint f view they are autmatically accepted as equivalent t a handwritten signature. As the requirements frm the Eurpean Directive and Belgian law are cmplex fr the general public, Certipst has created this service t take this cmplexity away frm the Signer and the Verifier. By simply using the Certipst e-signing service, bth the Signer and Verifier can be assured f cmpliance f their signature and verificatin methd t the Eurpean Directive and Belgian law. In additin, the Certipst e-signing service ffers a number Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

5 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 5 f 12 f supplementary measures t make sure that the cnditins fr lng term nn-repudiatin f signatures are met Supprted standard The signature will be frmatted in the standard XML Advanced Electrnic Signature standard (XAdES) i, t allw all measures t be applied fr lng term nn-repudiatin. XAdES defines several different signature prfiles. Each prfile adds additinal verificatin infrmatin n tp f the encapsulated prfile. The range ges frm the basic XAdES prfile, which is nly sufficient fr very shrt-term prf f nn-repudiatin up t XAdES- A which ffers enugh nn-repudiatin prf elements fr archiving. Fr mre infrmatin see the ETSI standard. The electrnic signature applied accrding t the present Signature Plicy must be frmatted in at least the XAdES-T prfile. This prfile cntains as well a timestamp that can prf at what time the signature was psed. Anther XAdES prfile that encapsulates a XAdES-T such as XAdES-X-L is f curse accepted as well. Fr signatures that have t be prven beynd the expiratin date f the certificate, the XAdES-X-L shuld be used (the XAdES-X-L als cntains the certificate status infrmatin). The signature itself will be created with the Signer s SSCD, the frmatting f the XAdES-T r XAdES-X-L signature dcument (and inclusin f timestamp(s) and pssibly certificate status infrmatin) will be perfrmed n the Certipst e-signing server. At any mment, any party in pssessin f the XAdES-T signature can add revcatin status infrmatin and timestamps t frm a XAdES-X-L. At any mment, any party in pssessin f the XAdES-X-L can add a new timestamp t frm a XAdES-A frmat fr a lng term archiving versin f the signature. All signatures created under this signature plicy will as well include within the XAdES frmat references t the present Signature Plicy in the frm f OID, hash and URL f the present Signature Plicy e-signing creatin The Signer can create a signature accrding t this Signature Plicy using the Certipst e-signing service. Multiple presentatin envirnments can use the Certipst e-signing Framewrk. It is pssible that the Certipst e-signing service will at a certain mment implement ther signature plicies than the present ne. The implementatins based n the Certipst e-signing Handwritten Equivalent Signature Plicy will have the fllwing in cmmn: 1. The user can select a file t be signed 2. The Certipst e-signing service will perfrm a number f verificatins (nt necessarily in this rder): a. Whether the signature is valid fr the specified signed file b. Certificate issued under an accepted Certificate Plicy (see sectin Certificate requirements). c. Validity f the certificate: certificate nt revked r suspended, certificate within validity perid (between valid frm and valid t dates), full certificate chain validatin (including validatin f all certificates in the chain) When ne f the verificatins fails, the signature prcess will be abrted. 3. The Certipst e-signing service will create the XAdES-T file. This includes the cllectin f a timestamp. In case the e-signing server creates a XAdES-X-L file, this includes the cllectin and inclusin f Certificate status infrmatin and timestamps e-signing verificatin The Verifier can use any means t verify the signature created accrding t this plicy. Hwever, fllwing cnditins must be met. The Certipst e-signing verificatin service implementatin meets all these criteria, and is pen fr use t any Verifier. i ETSI TS Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

6 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 6 f Assurance that the signature is valid fr the specified signed file. 2. Validity f the certificate at the time f signing: certificate nt revked r suspended, certificate nt expired and already valid, full certificate chain validatin (including validatin f all certificates in the chain). This may include the cnstructin f a XAdES-X-L frm the XAdES-T r a XAdES-A frm the XAdES-X-L. 3. Certificate issued under an accepted Certificate Plicy (see sectin Certificate requirements). 4. Verificatin f all the timestamps in the XAdES-T, XAdES-X-L r XAdES-A (in case additinal timestamps have been added fr lng term nn-repudiatin assurance), including the verificatin that the timestamp validity perids verlap (at any pint in time at least ne f the timestamps shuld be valid t assure in case f algrithm breach that never the nn-repudiatin value might have been cmprmised). 3. Signature plicy infrmatin 3.1. General Certipst e-signing Handwritten Equivalent Signature Plicy infrmatin Fllwing ETSI requirements ii, the Certipst e-signing Handwritten Equivalent signature plicy includes the fllwing data: 3.. Signature Plicy Identifier: Signature Plicy Name: Certipst e-signing Handwritten Equivalent Signature Plicy Signature Plicy OID: (the last tw digits define the majr and minr versins f the signature plicy respectively) Signature Plicy URL: Signing_HandwrittenEquivalentSignaturePlicy_EN_v1.0.pdf Date f issue 15 June Signature Plicy Issuer name: Certipst sa/nv cntact details: Registered ffice: Certipst s.a/n.v. Centre Mnnaie / MuntCentrum B-1000 Bruxelles / Brussel TVA B.T.W. BE RC Bruxelles / HR Brussel Operatinal address: Ninvesteenweg 196, B-9320 Erembdegem Phne: Fax: Signature Plicy Issuer OID: Signing Perid The present Signature Plicy is valid frm the date f issue till it becmes superseded by a next versin Cmmn Rules ii Specified in reference dcument [ 1] ETSI TR (V.1) : «Signature plicy reprt» Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

7 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 7 f Rules fr the Signer Absence f time based dynamic cntent The Signer is respnsible that the file being signed des nt cntain any dynamic cntent that might mdify the visualized result f the file during time (e.g. amunts r sentences that change after a certain date). The Signer must nt include such dynamic cntent in any file the Signer creates that will be subject t use f the e- Signing service. In case the Signer wants t sign a dcument that he did nt create himself, he shuld make sure that such dynamic cntent is nt present. That is why we advice against the signing f dcuments cntaining macr s r ther executable cde. We advice in such a case t cnvert the file first t a frmat that des nt cntain dynamic cntent such as TIFF, PDF, JPEG, Dcuments accepted by law Althugh that the Belgian Law [6] lays dwn the cnditins fr electrnic signatures t be accepted as equivalent t handwritten signatures, ther laws smetimes lay dwn cnditins that rule ut electrnic signatures after all. Additinally, fr sme transactins, electrnic dcuments and/r electrnic signatures may nt be allwed accrding t the applicable cntractual cnditins (e.g. a certain frm f cmmunicatin was cntractually agreed that rules ut the use f electrnic signatures). The Signer is respnsible that the file being signed is accepted by law and applicable cntracts t be signed electrnically. In the present Signature Plicy, n exhaustive list can be prvided f types f cntent that are nt allwed by Belgian law t be signed electrnically, but particularly the types f cntent listed belw shuld be investigated by the Signer: testament cheque, rder nte and bill f exchange unilateral engagement by a nn-merchant t pay a certain amunt r gd f value cntracts which need t be registered, such as cntracts t rent a huse (by lack f e-registratin) authentic acts ( authentieke akten, "actes authentiques"), such as the cntract t buy real estate and dnatins. sme kinds f mandate, such as the mandate fr authentic acts, the mandate t accept a dnatin r the mandate t be present at the executin f civil state acts. Transactin under anther cuntry s legislatin might be subject t similar exceptins Signed attributes The fllwing set f Signed Attributes will be prvided by the Signer: Signing time Signing Certificate (including the full certificate path) Signature Plicy (in the frm f OID, hash and URL f the current Signature Plicy) Unsigned attributes The fllwing set f Unsigned Attributes shuld be prvided by the Signer. If nt added by the Signer, they may be added by the Verifier. Timestamps: this must include SignatureTimeStamps (timestamp n the signature itself), this shuld include SigAndRef TimeStamps (timestamp n the cmbinatin f the signature and the references t validatin infrmatin) an may include ArchiveTimeStamps (timestamps added ver time t maintain lng term nn-repudiatin value) Cuntersignature (pssibly, nt mandatry) Certificate values: this must include the CmpleteCertificate Refs and shuld include the Certificate- Values Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

8 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 8 f 12 Certificate status references: this must include the CmpleteRevcatinData Refs and shuld include the RevcatinValues Rules fr the Verifier Signed attributes Signing time: nly t be used as an indicatin, nly a timestamp can give cnclusive infrmatin abut a time reference. The ldest timestamp within the XAdES structure will be used t determine signing time. Signing Certificate: Full verificatin f the signing certificate fr the signing time (signing time during the lifetime f the certificate, certificate nt revked r suspended, full verificatin n the certificate chain) Nte: Althugh the XAdES-X-L frmat cntains certificate verificatin data, this certificate verificatin data can have been cllected nt taking a cautinary perid in cnsideratin (see cautinary perid in the sectin Timestamping). Perfrming a new nline certificate status verificatin can nly cnclusively give the crrect status if this new nline verificatin is perfrmed after the cautinary perid but befre the expiratin f the certificate. Often certificate status infrmatin services d nt keep mentin n revcatin r suspensin n expired certificates. Therefre the way the verificatin is perfrmed depends n the state f the certificate at verificatin time. When perfrming a verificatin befre expiratin f the Signature certificate: The Verifier shuld as well perfrm a new nline certificate status verificatin. In case this new verificatin shws the certificate being revked r suspended, the Verifier shuld nt trust the signature in case the date and time f revcatin r suspensin is earlier r equal t signing date and time, even if the certificate revcatin data included in the XAdES-X-L signature claims the certificate t have been valid at that time. Only when the Verifier can nt btain such new status infrmatin, the certificate status infrmatin frm the XAdES-X-L itself can be used as nly certificate status infrmatin, implying an acceptance f the resulting risk. When perfrming a verificatin after expiratin f the Signature certificate: The certificate status infrmatin frm the XAdES-X-L itself must be used as nly certificate status infrmatin, implying an acceptance f the resulting risk. A new nline certificate status verificatin cannt be trusted upn t cntain crrect revcatin data abut the certificate. Signature Plicy: The Verifier shuld check that this is indeed the Signature Plicy that was identified in the XAdES structure (by hash cmparisn) Unsigned attributes The fllwing set f Unsigned Attributes shuld be prvided by the Signer. If nt added by the Signer, they may be added by the Verifier. Timestamps: Several timestamps can have been applied. Except the verificatin f the validity f the timestamps themselves and the timestamp signing certificates, the Verifier shuld make sure that timestamps are included in such a way that the timestamp validity perids verlap (at any pint in time at least ne f the timestamps shuld be valid t assure in case f algrithm breach that never the nn-repudiatin value might have been cmprmised), and this fr the perid between the Signing time and the mment f the verificatin. Cuntersignature (pssibly, nt mandatry): Same checks as n the first signature. Certificate values: Used in the verificatins abve. Certificate status references: Used in the verificatins abve. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

9 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 9 f Trust cnditins Signing Certificate Certificate requirements The trust pints that must be used fr the start f prcessing f the Signing Certificate path (the self-signed certificates fr the CAs) are limited t: Belgium Electrnic Identity card (eid) certificates: Belgium Rt CA Certipst E-Trust certificates: Certificate Path Length Belgacm E-Trust Rt CA fr qualified certificates Certipst E-Trust TOP Rt CA GTE CyberTrust Glbal Rt N limitatin n Certificate Path Length applies. Acceptable Certificate Plicies Only certificate plicies are accepted that apply t Qualified Certificates stred n SSCD. Naming cnstraints N naming cnstraints apply. Explicit Indicatin f the certificate plicies eid Certipst E-Trust (eid Citizen signing certificate) (eid Freigner signing certificate) x (Certipst E-Trust qualified fr qualified signatures fr physical persns) x (Certipst E-Trust qualified fr qualified signatures fr legal persns) x (Certipst E-Trust qualified fr qualified signatures fr physical persns) x (Certipst E-Trust qualified fr qualified signatures fr legal persns) x (Certipst E-Trust qualified fr qualified signatures fr cmmunities) Revcatin Requirements Revcatin status infrmatin n the Signer certificate shuld be validated in the fllwing way: eid certificates: The OCSP service shuld be used. When the OCSP service cannt be used fr whatever reasn, full CRLs shuld be used. Certipst certificates: Full CRLs shuld be used. Revcatin status infrmatin n the CA certificates in the Signer certificate chain shuld be validated in the fllwing way: eid certificates: The OCSP service shuld be used. When the OCSP service cannt be used fr whatever reasn, full CRLs shuld be used. Certipst certificates: Full CRLs shuld be used. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

10 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 10 f Timestamping Time Stamping Authrities Public Key Rules The certificate f the time stamping authrities public key shuld include the timestamping ExtendedKeyUsage (OID: ). Naming cnstraints N naming cnstraints apply. Cautinary Perid At the time f the creatin f the signature XAdES-X-L frmat by the e-signing service prvider, a validatin will be perfrmed n the validity f the certificate used fr signing. This includes the verificatin whether the certificate was nt revked r suspended during at the mment it was used fr signing. Such verificatin is prefrmed by getting revcatin infrmatin frm the certificate issuer (CRL r OCSP). Sme time ges by between the mment that the certificate was requested t be revked and the time that the revcatin services (CRL r OCSP server) publish this status. That means that there is a small risk that the revcatin status cllected during the creatin f the XAdES-X-L is nt crrect (the certificate being cnsidered valid while it is nt). As a result there is a risk that the XAdES-X-L claims a valid signature, while in reality the signature is nt valid. A means t eliminate this risk is by waiting fr a certain perid (cautinary perid r grace perid) after the actual signature befre creating the XAdES-X-L. If this grace perid is larger then the time that it takes fr the certificate status service t publish the revcatin infrmatin the risk is cmpletely mitigated. Hwever in this Signature Plicy, it was chsen nt t impse such a grace perid fr the fllwing reasns: 1. The certificates allwed by this Signature Plicy are stred n an SSCD, which limits cnsiderably the risk f abuse f a stlen r lst certificate. 2. Including a grace perid wuld in mst cases disrupt the nrmal flw f events in which the signature takes part in such a way that this wuld mre then ffset the psitive effect f applying such grace perid. 3. Even if the XAdES-X-L des nt cntain verificatin infrmatin frm after such grace perid, present signature plicy requests the Verifier t verify the revcatin data nline t assess whether the signing certificate was nt revked r suspended at the time f signature. Maximum Acceptable Time Nt applicable Certificate requirements Belgacm E-Trust Rt CA fr Qualified Certificates Certificate Path Length N limitatin n Certificate Path Length applies. Acceptable Certificate Plicies There is n specific indicatin n the acceptable Certificate Plicies. Naming cnstraints N naming cnstraints apply Revcatin Requirements Revcatin status infrmatin n the timestamping certificate shuld be validated in the fllwing way: Certipst certificates: Full CRLs shuld be used. Revcatin status infrmatin n the CA certificates in the timestamping certificate chain shuld be validated in the fllwing way: Certipst certificates: Full CRLs shuld be used. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

11 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 11 f Attributes N attribute signing is part f this signature plicy Algrithm Cnstraints Fllwing Signer algrithm cnstraints apply t signatures created under this Signature Plicy: The Signing Algrithms : One f the fllwing algrithms shuld be used: RSA / SHA1, RSA/SHA256, RSA/SHA512 Minimum Key Length: The Certificate Plicies that are accepted define the minimum key length. This signature plicy des nt define Algrithm Cnstraints n certificates r timestamping authrities Cmmn Extensins N cmmn extensins have been defined in this signature plicy Cmmitment Rules Nt applicable Signature Validatin Plicy Extensins N Signature Validatin Plicy Extensins are applicable Area f applicatin, Business Applicatin dmain, transactinal cntext This signature plicy applies t the cntext f a Certipst e-signing Handwritten Equivalent transactin Cmputer- prcessible vs. human-readable signature plicy Tw frmats f signature plicies can be implemented: Cmputer-prcessible plicy and human readable signature plicy. Frm the develpers pint f view it wuld be cnvenient, if the plicy is available in a cmputerprcessible frmat. Hwever, because it is the Signer that gives a cmmitment with regard t the cntent f the signed dcument as per this plicy, there must always be a human readable versin f the plicy. Mrever, the Signer must be able t read the plicy befre creating a signature under it. Fr the reasns we have expressed abve, Certipst pted fr a human-readable plicy Explicit vs. implicit signature plicy The reference t a signature plicy within a signed dcument may be either implicit r explicit. We pted fr an explicit reference t the signature plicy indicated by the Signer within the electrnic signature (and thus prtected by the electrnic signature frm the Signer). In this case, the benefit is t allw a prcessing f the electrnic signatures, even lng after they have been generated and utside their riginal cntext f use (e.g. in frnt f a judge). The Signature Plicy is identifiable by a unique identifier, e.g. an OID (Object IDentifier), and verifiable using a hash f the signature plicy. S each time an electrnic signature is generated, it includes within the signed dcument the unique identifier f the signature plicy, the hash value f the signature plicy and a lcatin (URL)) where a cpy f the Signature Plicy may be btained Certipst e-signing Handwritten Equivalent signature plicy publicatin Befre signing, a Signer shuld be sure which security plicy will apply. In the same way, when verifying an electrnic signature, a Verifier needs t make sure t use the crrect security plicy. Certipst issues its wn signature plicies and make them available t end-entities by placing them n a secure web site (that can be accessed via SSL). By this way, an end-entity (a Signer r Verifier) has the guarantee that he is in pssessin f the genuine plicy. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.

12 Certipst e-signing Handwritten Equivalent Signature Plicy Dcument OID: Apprval Status: Apprved Versin: 12 f Certipst e-signing Handwritten Equivalent signature plicy archiving In case the current versin f this signature plicy is superseded, the next versin f the signature plicy will identify the repsitry where the current signature plicy versin will be archived and hw a Verifier can get access. This might be required fr the verificatin f electrnic signature created under the current signature plicy versin Certipst e-signing Handwritten Equivalent signature plicy cnfrmance statements The present Signature Plicy claims cnfrmance t ETSI TS , ETSI TR and t the Belgian Law f 9th July References [1]: ETSI TR (v.1): Signature plicy reprt. [2]: ETSI TS ETSI TS (v1.2.2): XML Advanced Electrnic Signatures (XAdES). [3]: RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revcatin List (CRL) Prfile. [4]: EC 1999/93: Eurpean Cmmunity (EC) DIRECTIVE 1999/93/EC OF THE EUROPEAN PARLIAMENT AND COUNCIL ON A COMMUNITY FRAMEWORK FOR ELECTRONIC SIGNATURES [5]: ETSI TR (v.1): Signature Plicy fr Extended Business Mdel. [6]: The 9th f July 2001 Belgian Law abut electrnic signatures. Handwritten Equivalent Signature Plicy Versin Cpyright 2007 Certipst sa/nv. All rights reserved.