oasis dss 1.0 profiles xades spec cd 01

1

XAdES Profiles of the OASIS Digital 2 3

4

5

6 7

8 9

10 11

12 13 14 15

16 17 18 19 20 21

22 23 24 25 26 27 28 29

30

Signature Service Committee Draft, 24 December 2004 (Working Draft 06)

Document identifier: oasis-dss-1.0-profiles-XAdES-spec-cd-01

Location: http://docs.oasis-open.org/dss/

Editor: Juan Carlos Cruellas, individual

Contributors: Nick Pope, individual Ed Shallow, Universal Post Union Trevor Perrin, individual

Abstract: This draft defines one abstract profile of the OASIS DSS protocols for the purpose of creating and verifying XML or CMS based Advanced Electronic Signatures. It also defines two concrete sub-profiles: one for creating and verifying XML Advanced Electronic Signatures and the other for creating and verifying CMS based Advanced Electronic Signatures.

Status: This is a Committee Draft produced by the OASIS Digital Signature Service Technical Committee. Committee members should send comments on this draft to [email protected]. For information on whether any patents have been disclosed that may be essential to implementing this specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the Digital Signature Service TC web page at http://www.oasis-open.org/committees/dss/ipr.php.

oasis-dss-1.0- profiles-XAdES-spec-cd-01 24 December, 2004

Copyright OASIS Open 2004. All Rights Reserved. Page 1 of 31
http://docs.oasis-open.org/dss/mailto:[email protected]:[email protected]:[email protected]:[email protected]://www.oasis-open.org/committees/dss/ipr.php



Table of Contents 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54

55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74

1 Introduction ....................................................................................................................... 5 1.1 Notation .................................................................................................................... 5 1.2 Namespaces ............................................................................................................ 5

2 Overview ........................................................................................................................... 6 3 Advanced Electronic Signature abstract profile ................................................................ 7

3.1 Overview .................................................................................................................. 7 3.2 Profile Features ........................................................................................................ 8

3.2.1 Scope................................................................................................................... 8 3.2.2 Relationship To Other Profiles............................................................................. 8 3.2.3 Signature Object .................................................................................................. 8

3.3 Profile of Signing Protocol........................................................................................ 8 3.3.1 Element ...................................................................................... 9

3.3.1.1 Element .......................................................................................9 3.3.1.1.1 Element ..................................................................................9 3.3.1.1.2 Element ..................................................................................9 3.3.1.1.3 Optional inputs < ClaimedIdentity> / ...........................................9 3.3.1.1.4 Element .................................................................................9 3.3.1.1.5 Element ............................................................................ 10

3.3.1.1.5.1 Requesting SigningTime ........................................................................... 10 3.3.1.1.5.2 Requesting CommitmentTypeIndication.................................................... 10 3.3.1.1.5.3 Requesting SignatureProductionPlace ...................................................... 10 3.3.1.1.5.4 Requesting SignerRole.............................................................................. 10 3.3.1.1.5.5 Requesting ............................. 11 3.3.1.1.5.6 Requesting data objects format ............................................................... 11

3.3.2 Element ................................................................................. 12 3.3.2.1 Element .................................................................................................. 12 3.3.2.2 Element ................................................................................... 12 3.3.2.3 Element ..................................................................... 12

3.4 Profile of Verifying Protocol.................................................................................... 12 3.4.1 Element .................................................................................. 12

3.4.1.1 Attribute Profile ...................................................................................................... 13 3.4.1.2 Element ..................................................................................... 13

3.4.1.2.1 Element ................................................................ 13 4 Element ............................................................................................ 14

4.1.1.1 Element .................................................................................. 14 4.1.1.1.1 Element ........................................................................... 14

5 XML Advanced Electronic Signatures concrete Profile .................................................. 15 5.1 Overview ................................................................................................................ 15 5.2 Profile features ....................................................................................................... 15

5.2.1 Identifier ............................................................................................................. 15 5.2.2 Scope................................................................................................................. 15 5.2.3 Relationship To Other Profiles........................................................................... 16 5.2.4 Signature Object ................................................................................................ 16 5.2.5 Transport Binding............................................................................................... 16



75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90

91 92 93 94 95 96 97 98 99

100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122

5.2.6 Security Binding ................................................................................................. 16 5.3 Profile of Signing Protocol...................................................................................... 16

5.3.1 Element .................................................................................... 16 5.3.1.1 Attribute Profile ...................................................................................................... 16 5.3.1.2 Element ..................................................................................... 16

5.3.1.2.1 Element ................................................................................ 16 5.3.1.2.2 Element ................................................................................ 17 5.3.1.2.3 Optional inputs < ClaimedIdentity> / ......................................... 17 5.3.1.2.4 Element ............................................................................... 17 5.3.1.2.5 Element ............................................................................ 17

5.3.1.2.5.1 Requesting SigningTime ........................................................................... 17 5.3.1.2.5.2 Requesting CommitmentTypeIndication.................................................... 17 5.3.1.2.5.3 . Requesting SignatureProductionPlace .................................................... 17 5.3.1.2.5.4 Requesting SignerRole.............................................................................. 17 5.3.1.2.5.5 Requesting ............................. 17 5.3.1.2.5.6 Requesting data objects format ............................................................... 17

5.3.2 Element ................................................................................. 17 5.3.2.1 Element .................................................................................................. 17 5.3.2.2 Element ................................................................................... 18



5.4.1.2.1 Element ................................................................ 18 5.4.1.3 Element ................................................................................... 18

5.4.2 Element ............................................................................... 18 5.4.2.1 Attribute Profile ........................................................ Error! Bookmark not defined. 5.4.2.2 Element .................................................................................. 18

5.4.2.2.1 Element ........................................................................... 18 5.5 Profile Bindings ...................................................................................................... 18

5.5.1 Transport Bindings............................................................................................. 18 5.5.2 Security Bindings ............................................................................................... 19

5.5.2.1 Security Requirements .......................................................................................... 19 5.5.2.2 TLS X.509 Mutual Authentication .......................................................................... 19

6 CMS-based Advanced Electronic Signature profile........................................................ 20 6.1 Overview ................................................................................................................ 20 6.2 Profile features ....................................................................................................... 20

6.2.1 Identifier ............................................................................................................. 20 6.2.2 Scope................................................................................................................. 21 6.2.3 Relationship To Other Profiles........................................................................... 21 6.2.4 Signature Object ................................................................................................ 21 6.2.5 Transport Binding............................................................................................... 21 6.2.6 Security Binding ................................................................................................. 21

6.3 Profile of Signing Protocol...................................................................................... 21 6.3.1 Element .................................................................................... 21


6.3.1.2.1 Element ................................................................................ 21



123 124 125 126 127 128 129 130 131

132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159

6.3.1.2.2 Element ................................................................................ 22 6.3.1.2.3 Optional inputs < ClaimedIdentity> / ......................................... 22 6.3.1.2.4 Element ............................................................................... 22 6.3.1.2.5 Element ............................................................................ 22

6.3.1.2.5.1 Requesting SigningTime ........................................................................... 22 6.3.1.2.5.2 Requesting CommitmentTypeIndication.................................................... 22 6.3.1.2.5.3 . Requesting SignatureProductionPlace .................................................... 22 6.3.1.2.5.4 Requesting SignerRole.............................................................................. 22 6.3.1.2.5.5 Requesting data objects format ................................................................ 22

6.3.2 Element ................................................................................. 22 6.3.2.1 Attribute Profile ........................................................ Error! Bookmark not defined. 6.3.2.2 Element .................................................................................................. 23 6.3.2.3 Element ................................................................................... 23



6.4.1.2.1 Element ................................................................ 23 6.4.1.3 Element ................................................................................... 23

6.4.2 Element ............................................................................... 23 6.4.2.1 Attribute Profile ........................................................ Error! Bookmark not defined. 6.4.2.2 Element .................................................................................. 23

6.4.2.2.1 Element ........................................................................... 23 6.5 Profile Bindings ...................................................................................................... 23

6.5.1 Transport Bindings............................................................................................. 23 6.5.2 Security Bindings ............................................................................................... 23

6.5.2.1 Security Requirements .......................................................................................... 23 6.5.2.2 TLS X.509 Mutual Authentication .......................................................................... 24

7............................................................................................................................................... 25 8 Identifiers defined in this specification ............................................................................ 26

8.1 Predefined advanced electronic signature forms identifiers .................................. 26 9 Editorial Issues................................................................................................................ 27 10 References...................................................................................................................... 29

10.1 Normative ............................................................................................................... 29 Appendix A. Revision History .................................................................................................. 30 Appendix B. Notices ................................................................................................................ 31



1 Introduction 160 161 162 163 164 165 166 167

168

169 170 171 172 173 174

175 176

177

178 179 180 181

182

The DSS signing and verifying protocols are defined in [DSSCore]. As defined in that document, the DSS protocols have a fair degree of flexibility and extensibility. This document defines an abstract profile for the use of the DSS protocols for creating and verifying XML and binary Advanced Electronic Signatures as defined in [COMMENT: Bold these and other references:] [XAdES] and [TS 101 733]. This document also defines two concrete profiles derived from the abstract one: one for creating and verifying XAdES signatures and the other for creating and verifying signatures as defined in TS 101733.

1.1 Notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this specification are to be interpreted as described in IETF RFC 2119 [RFC 2119]. These keywords are capitalized when used to unambiguously specify requirements over protocol features and behavior that affect the interoperability and security of implementations. When these words are not capitalized, they are meant in their natural-language sense.

This specification uses the following typographical conventions in text: , Attribute, Datatype, OtherCode.

1.2 Namespaces The structures described in this specification are contained in the schema file [XAdES-ABS-XSD]. All schema listings in the current document are excerpts from the schema file. In the case of a disagreement between the schema file and this document, the schema file takes precedence.

This schema is associated with the following XML namespace: http://www.docs.oasis-open.org/dss/oasis-dss-1.0-profiles-XAdES-cd-01# 183

184

185

186

187

188 189

190 191 192

If a future version of this specification is needed, it will use a different namespace.

Conventional XML namespace prefixes are used in this document:

o The prefix dss: (or no prefix) stands for the DSS core namespace [Core-XSD].

o The prefix ds: stands for the W3C XML Signature namespace [XMLSig].

o The prefix xades: stands for ETSI XML Advanced Electronic Signatures (XAdES) document [XAdES].

Applications MAY use different namespace prefixes, and MAY use whatever namespace defaulting/scoping conventions they desire, as long as they are compliant with the Namespaces in XML specification [XML-ns].



2 Overview 193 194 195

196 197 198

199 200

201 202

203 204

This document defines three profiles of the protocols specified in: Digital Signature Services Core Protocol and Elements [DSSCore].

The first one is an abstract profile defining messages for supporting the lifecycle of advanced electronic signatures. Both, XML and binary advanced electronic signatures are supported by this profile.

One concrete profile, derived from the aforementioned abstract profile, gives support to the lifecycle of XML advanced electronic signatures as specified in [XAdES].

A second concrete profile, also derived from the abstract one, gives support to the lifecycle of binary advanced electronic signatures as specified in [TS 101733].

Implementations should implement one of the concrete profiles (or both) in order to request generation or validation of advanced electronic signatures in one of the two formats (or both).



3 Advanced Electronic Signature abstract 205 206

207

208 209

210

211

212 213 214

215

216

217 218

219 220 221 222

223 224 225 226

227

228 229

230 231 232

233 234 235 236

237

238

239

240 241

242 243 244

245 246

profile 3.1 Overview This abstract profile supports operations within each phase of the lifecycle of two types of advanced electronic signature:

XML encoded signatures based on [XMLSig] such as specified in [XAdES].

Binary encoded signatures based on [RFC 3161] such as specified in [TS 101733].

Henceforward, the document will use the term advanced signature when dealing with issues that affect to both types of signatures. The document will use XAdES or TS 101733 signatures when dealing with issues that affect one or the other but not both of them.

For the generation of advanced signatures, the following operations apply:

SignRequest. This operation supports requests for:

o Generating predefined advanced signature forms as defined in [XAdES] and [TS 101733].

o Generating XML signatures incorporating specific signed/unsigned properties whose combination does not fit any predefined XAdES signature form. In such cases, the form MUST have been defined in a proprietary specification and MUST be identified by one URI.

o Generating CMS signatures incorporating specific signed/unsigned attributes whose combination does not fit any predefined [TS 101733] signature forms. In such cases, the form MUST have been defined in a proprietary specification and MUST be identified by one URI.

SignResponse. This operation supports delivery of:

o Predefined advanced signature forms as defined in [XAdES] and [TS 101733].

o XML signatures with specific properties whose combination does not fit any predefined XAdES signature form. In such cases, the form MUST have been defined in some other specification and MUST be identified by one URI.

o CMS signatures incorporating specific signed attributes whose combination does not fit any predefined [TS 101733] signature form. In such cases, the form MUST have been defined in some other specification and MUST be identified by one URI.

For advanced signature verification (and updating) the following operations apply:

VerifyRequest. This operation supports requests for:

o Verifying a predefined advanced signature form.

o Verifying XML signatures incorporating specific properties whose combination does not fit any predefined XAdES signature form.

o Verifying any of the signatures mentioned above PLUS updating them by addition of additional properties (time-stamps, validation data, etc) leading to a predefined XAdES form.

o Verifying CMS signatures incorporating specific attributes whose combination does not fit any predefined [TS 101733] signature form.



247 248 249

250

251

252

253 254

255

256

257

258

259

260

261 262

263

264 265

266 267 268

269

270

271 272

273 274

275

276 277 278 279

280 281

282 283

284 285

286

287

o Verifying any of the signatures mentioned above PLUS updating them by addition of additional attributes (time-stamps, validation data, etc) leading to a predefined [TS 101733] form.

o Verifying a long-term advanced signature in a certain point of time.

VerifyResponse. This operation supports delivery of:

o Advanced signature verification result of signatures mentioned above.

o Advanced signature verification result PLUS the updated signatures as requested.

o Updated signatures as requested.

The material for each operation will clearly indicate the lifecycle phase it pertains to.

3.2 Profile Features

3.2.1 Scope This document profiles the DSS signing and verifying protocols defined in [DSSCore].

3.2.2 Relationship To Other Profiles

The profile in this document is based on the [DSSCore]. The profile in this document is not directly implementable, and may be further profiled.

3.2.3 Signature Object This profile supports the creation and verification of advanced signatures as defined in [XAdES] and [TS 101733].

This profile also supports update of advanced signatures by addition of unsigned properties (time-stamps and different types of validation data), as specified in [XAdES] and [TS 101733].

3.3 Profile of Signing Protocol The present profile allows requesting:

Predefined forms of advanced electronic signatures as defined in [XAdES] and [TS 101733].

Other forms of signatures based in [XMLSig] or [RFC 3369] defined in other specifications,

In both cases, the specific requested form will be identified by an URI.

According to this profile, the following predefined advanced signature forms defined in [XAdES] and [TS 101733] MAY be requested (those forms whose name begin by XAdES- are forms names for XAdES signatures; the other ones denote forms for TS 101733 signatures):

BES and XAdES-BES. In this form, the signing certificate is secured by the signature itself.

EPES and XAdES-EPES. This form incorporates an explicit identifier of the signature policy that will govern the signature generation and verification.

ES-T and XAdES-T. This form incorporates a trusted time, by means of a time-stamp token or a time-mark.

ES-C and XAdES-C.

ES-X and XAdES-X.



288

289

290 291 292 293

294 295

296

297

298 299

300

301

302

303

304

305

306 307

308

309

ES-X-L and XAdES-X-L.

ES-A and XAdES-A.

In addition, the present profile provides means for requesting incorporation in any of the aforementioned forms any of the following properties: SigningTime, CommitmentTypeIndication, SignatureProductionPlace, SignerRole, IndividualDataObjectTimeStamp, AllDataObjectTimeStamp and DataObjectFormat.

Other electronic signature forms based in [XMLSig] or [RFC 3369], defined elsewhere, MAY also be requested using the mechanisms defined in this profile.

3.3.1 Element

3.3.1.1 Element

None of the optional inputs specified in the [DSS Core] are precluded in this abstract profile. It only constrains some of them and specifies additional optional inputs.

3.3.1.1.1 Element This element is OPTIONAL. If present, SHALL be either:

urn:ietf:rfc:3275

for requesting XML Signatures, or

urn:-ietf:rfc:3369

for requesting CMS Signatures, as defined in 7.1 of [DSS Core].

If not present the signature type SHALL be implied by the selected or the signature policy applied by the server.

3.3.1.1.2 Element The form of signature required MAY be indicated using the following optional input 310

311 312

313 314

315 316 317

318 319

320

321 322

323 324 325

326

327 328

If not present the signature form SHALL be implied by the selected or the signature policy applied by the server.

Section 8.1 of this abstract profile defines a set of URIs identifying the predefined advanced electronic signature forms specified in [TS101733] and [XAdES].

Should other standard or proprietary specification define new signature forms and their corresponding URIs, concrete sub-profiles of this abstract profile could be defined for giving support to their verification and update.

Should a form identified by an URI, admit different properties combinations, the server will produce a specific combination depending on its policy or configuration settings.

3.3.1.1.3 Optional inputs < ClaimedIdentity> / As forms defined in [XAdES] and [TS 101733] require that the signing certificate is protected by the signature, the server MUST gain access to that certificate.

or optional inputs MAY be present. If they are not present, the server may use means not specified in this profile to identify the signers key and gain access to its certificate.

3.3.1.1.4 Element This element MAY be used by the client to request the inclusion in the advanced signature of a time-stamp on all the data that are to be signed.



329

330

331 332

333

334 335 336

337 338 339

340

341

342

343

344

345

346 347

348 349 350

This profile defines the following value for its Type attribute.

urn:oasis:names:tc:dss:1.0:profiles:XAdES:AllDataObjectTimeStamp

Note: IndividualDataObjectsTimeStamp is requested using element as defined in section 3.3.1.1.5.5.

3.3.1.1.5 Element The requester MAY request to the server the addition of optional signed properties using the elements child profiled as indicated in clauses below.

Signed properties that MAY be requested are: SigningTime, CommitmentTypeIndication, SignerRole, SignatureProductionPlace, DataObjectFormat, and IndividualDataObjectsTimeStamp.

3.3.1.1.5.1 Requesting SigningTime Value for element:

urn:oasis:names:tc:dss:1.0:profiles:XAdES:SigningTime

No content is required for Value element, since it will be generated by the server.

3.3.1.1.5.2 Requesting CommitmentTypeIndication Value for element:

urn:oasis:names:tc:dss:1.0:profiles:XAdES:CommitmentTypeIndication

When the value of the commitment is fixed by the requester, this property will have a value that the server will incorporate to the advanced signature. In such cases the element MUST have the following content: 351 352 353 354 355 356 357 358

359 360

361 362 363

364

365

366

367

368

369

370

Element will be present when requesting a XML signature.

Element will be present when requesting a ASN.1 signature. Its contents MUST be the base64 encoding of CommitmentTypeIndication ASN.1 type defined in [TS 101733], DER-encoded.

3.3.1.1.5.3 Requesting SignatureProductionPlace Value for element:

urn:oasis:names:tc:dss:1.0:profiles:XAdES:SignatureProductionPlace

No content is required for element, as it will be generated by the server.

3.3.1.1.5.4 Requesting SignerRole Value for element:

urn:oasis:names:tc:dss:1.0:profiles:XAdES:SignerRole



371 372 373

When the value of the role is fixed by the requester, this property will have a value that the server will incorporate to the advanced signature. In such cases the element MUST have the following content: 374 375 376 377 378 379 380 381

Element will be present when requesting a XML signature. 382

383 384 385

386

387 388

389

390 391

392 393

Element will be present when requesting a ASN.1 signature. Its contents MUST be the base64 encoding of SignerAttribute ASN.1 type defined in [TS 101733], DER-encoded.

3.3.1.1.5.5 Requesting This property is only incorporated in XAdES signatures, not in TS101733 signatures, because an XML signature is able to sign several documents.

Value for element:

urn:oasis:names:tc:dss:1.0:profiles:XAdES:IndividualDataObjectTimeStamp

In this case, the content of element will be the element , defined as shown below. 394 395 396 397 399 400 401 402 403 405 406 407

408 409

410 411 412 413 414 415

416 417 418 419

420

421 422

WhichDocument attribute contains the reference to the document whose time-stamp is requested (see attribute ID in [CoreDSS] section 2.4.1).

[XAdES] mandates that elements corresponding to signed documents that have been individually time-stamped before being signed, must include an Id attribute. [XAdES] also mandates element to use this Id attribute to indicate what signed documents have actually been time-stamped before signing. See [XAdES] and definitions for more details.

The client MAY request a value for the elements Id attribute using the RefId optional attribute if a forcing a value for such an attribute is not present in the request. If the request does not specify a value for this attribute, then the server will automatically generate it.

3.3.1.1.5.6 Requesting data objects format Both [XAdES] and [TS101733] specify signed properties containing information on the format of the signed documents.



423

424

425 426 427

Value for Identifier element:

urn:oasis:names:tc:dss:1.0:profiles:XAdES:DataObjectFormat

When the value of the data object formats are fixed by the requester, this property will have a value that the server will incorporate to the advanced signature. The content of element will be the element , defined as shown below. 428 429 430 431 432 433 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449

450

451 452 453

454

455

456

457

458

459

460 461

462 463

464

465

466

467

468

Element will be present when requesting a XML signature.

Element will be present when requesting a ASN.1 signature. Its contents MUST be the base64 encoding of ContentHints ASN.1 type defined in [RFC 2634] DER-encoded.

3.3.2 Element This clause profiles the dss:SignResponse element for the requests profiled in clause 3.3.1

3.3.2.1 Element This profile does not apply any restriction to the dss:Result element.

3.3.2.2 Element The following restrictions apply to the contents of dss:SignatureObject:

When the generation of a CMS based signature is requested, the base-64 encoded signature MUST be present in the dss:Base64Signature element.

When the generation of an enveloping or detached XMLSig based signature is requested, this element will contain a ds:Signature element.

3.3.2.3 Element This element will only appear if an enveloped XML signature is requested.

3.4 Profile of Verifying Protocol

3.4.1 Element This clause specifies the profile for the contents of the dss:VerifyRequest when used for:



469

470 471

472

473 474

475

476 477

478 479 480

481

482 483

484

485 486 487

488 489 490

491 492

Requesting verification of advanced signatures.

Requesting verification of advanced signatures AND update of signatures to other predefined forms.

3.4.1.1 Attribute Profile The value for the Profile attribute, indicating the concrete sub-profile of this abstract profile, MUST be present.

3.4.1.2 Element This profile specifies restrictions for the following possible children of dss:OptionalInputs element:

. This element SHALL be present when the client requests verification of a signature and update to other predefined form of advanced signature.

3.4.1.2.1 Element This element MUST be present when the client requests verification of a signature and update to a predefined form of advanced signature.

The Type attribute identifies the advanced signature form requested.

Acceptable predefined values for this attribute are the URIs specified in table 1 corresponding to the following forms predefined in [TS101733] and [XAdES]: XAdES-T/ES-T, XAdES-C/ES-C, XAdES-X/ES-X,XAdES-X-L,ES-X-L, XAdES-A, ES-A.

Should other standard or proprietary specification define new signature forms and their corresponding URIs, concrete sub-profiles of this abstract profile could be defined for giving support to their verification and update.

When the requested form allows for different contents, the server MUST decide the specific contents of the updated signature delivered, according to its configuration and settings.



4 Element 493 494

495

496 497

498

499

500 501

502 503

504 505

506

507 508

4.1.1.1 Element This profile specifies restrictions for the following optional outputs:

. This element MUST be present in a successful response of a request containing .

No additional restrictions are applied by this profile to the contents of any additional outputs.

4.1.1.1.1 Element The content of the dss:UpdatedSignature will be a dss:SignatureObject element profiled according to the following rules:

When the update of a CMS based signature is requested, the base-64 encoded signature itself MUST be present in the dss:Base64Signature element.

When the update of a XMLSig based signature is requested, one of the following elements MUST appear:

The ds:Signature containing a XMLSig based signature.

The dss:SignaturePtr pointing to the XMLSig based signature embedded in one of the input documents.



5 XML Advanced Electronic Signatures 509 510

511

512 513 514 515

516

517

518

519 520 521 522

523

524

525 526 527

528

529

530

531 532

533 534 535

536

537

538

539 540

541

542

543

544

545

546

concrete Profile 5.1 Overview This concrete profile supports operations within each phase of the lifecycle of XML Advanced Electronic Signature based on [XMLSig] such as specified in [XAdES]. It will then provide all the features related to XAdES signatures that are specified in the abstract profile defined in section 3.

For the generation of XAdES signatures, the following operations apply:


o Generating predefined advanced signature forms as defined in [XAdES].

o Generating XML signatures incorporating specific signed/unsigned properties whose combination does not fit any predefined XAdES signature form. In such cases, the form MUST have been defined in a proprietary specification and MUST be identified by one URI.

o SignResponse. This operation supports delivery of:

o Predefined advanced signature forms as defined in [XAdES].

o XML signatures with specific properties whose combination does not fit any predefined XAdES signature form. In such cases, the form MUST have been defined in a proprietary specification and MUST be identified by one URI.

For verification [and updating] of XAdES signatures the following operations apply:


o Verifying a predefined XAdES signature form.

o Verifying XML signatures incorporating specific properties whose combination does not fit any predefined XAdES signature form.

o Verifying any of the signatures mentioned above PLUS updating them by addition of additional properties (time-stamps, validation data, etc) leading to a predefined XAdES form.






5.2 Profile features

5.2.1 Identifier urn:oasis:names:tc:dss:1.0:profiles:XAdES.

5.2.2 Scope This document profiles the DSS abstract profile defined in section 3 of the present document.



547

548 549

550

551 552

553 554 555

556

557

558

559

560

561

562

563

564

565 566 567

568 569 570 571

572 573

574

575

576

577

578 579

580

581

582


The profile in this section is based on the abstract profile for Advanced Electronic Signatures defined in section 3.

5.2.4 Signature Object This profile supports the creation and verification of XML advanced signatures as defined in [XAdES]].

This profile also supports verification and update of advanced signatures by addition of unsigned properties (time-stamps and different types of validation data), as specified in [XAdES]

5.2.5 Transport Binding This profile does not specify or constrain the transport binding.

5.2.6 Security Binding This profile does not specify or constrain the security binding.


Predefined forms of advanced electronic signatures as defined in [XAdES].

Other forms of signatures based in [XMLSig] defined in other specifications,


According to this profile, the following predefined advanced signature forms defined in [XAdES] MAY be requested: XAdES-BES, XAdES-EPES, XAdES-T, XAdES-C, XAdES-X, XAdES-X-L., and XAdES-A.


Other electronic signature forms based in [XMLSig] defined elsewhere MAY also be requested using the mechanisms defined in this profile.

5.3.1 Element

5.3.1.1 Attribute Profile urn:oasis:names:tc:dss:1.0:profiles:XAdES.

5.3.1.2 Element


5.3.1.2.1 Element This element is MANDATORY. Its vaule MUST be:

urn: ietf:rfc:3275



583

584

585

586

587

588

589

590

591

592

593

594

595 596 597

598

599

600

601

602

603 604 605

606

607

608

609

610

611 612 613

614

615 616

617

618

5.3.1.2.2 Element Usage of these elements is according to what is stated in section 3.3.1.1.2 .

5.3.1.2.3 Optional inputs < ClaimedIdentity> / Usage of these elements is according to what is stated in section 3.3.1.1.3.

5.3.1.2.4 Element Usage of these elements is according to what is stated in section 3.3.1.1.4.

5.3.1.2.5 Element

5.3.1.2.5.1 Requesting SigningTime Usage of these elements is according to what is stated in section 3.3.1.1.5.1.

5.3.1.2.5.2 Requesting CommitmentTypeIndication The value for element is the one defined in section 3.3.1.1.5.2:


When the value of the commitment is established by the requester, the element MUST contain a element as defined in section 3.3.1.1.5.2 with the child.

5.3.1.2.5.3 . Requesting SignatureProductionPlace Usage of these elements is according to what is stated in section 3.3.1.1.5.3



When the value of the role is fixed by the requester, the element MUST contain a element as defined in section 3.3.1.1.5.4 with the child.

5.3.1.2.5.5 Requesting Usage of these elements is according to what is stated in section 3.3.1.1.5.5.

5.3.1.2.5.6 Requesting data objects format Value for element:


When the value of the data object formats are fixed by the requester, the element MUST contain a element as defined in section 3.3.1.1.5.6 with the child.

5.3.2 Element This section profiles the dss:SignResponse element for the requests profiled in clause 5.3.1.




619

620

621

622 623 624 625

626

627

628

629

630

631

632

633

634

635

636 637

638

639

640

641

642 643

644

645 646

647

648

649 650

5.3.2.2 Element The content of this element MUST be one of the following:

A ds:Signature element containing a XMLSig based signature.

A dss:SignaturePtr pointing to the XMLSig based signature embedded in one of the output documents. In such a case, the optional output element, containing the signature created, MUST be present within the dss:DocumentWithSignature element


5.4.1 Element

5.4.1.1 Attribute Profile urn:oasis:names:tc:dss:1.0:profiles:XAdES.

5.4.1.2 Element


5.4.1.3 Element The dss:SignatureObject element will have one of the following contents:

A ds:Signature containing a XMLSig based signature.

A dss:SignaturePtr pointing to the XMLSig based signature embedded in one of the inputdocuments.

5.4.2 Element

5.4.2.1 Element Usage of these elements is according to what is stated in section 4.1.1.1.

5.4.2.1.1 Element The content of the dss:UpdatedSignature will be a dss:SignatureObject element with one of the following contents:

A ds:Signature containing a XMLSig based signature.

A dss:SignaturePtr pointing to the XMLSig based signature embedded in one of the inputdocuments.

5.5 Profile Bindings

5.5.1 Transport Bindings Messages transported in this profile MAY be transported by the HTTP POST Transport Binding and the SOAP 1.2 Transport Binding defined in [DSSCore].



651

652

653

654

655

656 657

658

659

660

661 662

663

5.5.2 Security Bindings

5.5.2.1 Security Requirements This profile MUST use security bindings that:

Authenticates the requester to the DSS server

Authenticates the DSS server to the DSS client

Protects the integrity or a request, response and the association of response to the request.

Optionally, protects the confidentiality of a request and response.

The following MAY be used to meet these requirements.

5.5.2.2 TLS X.509 Mutual Authentication This profile is secured using the TLS X.509 Mutual Authentication Binding defined in [DSSCore].



6 CMS-based Advanced Electronic Signature 664 665

666

667 668 669 670

671

672

673

674 675 676 677

678

679

680 681 682 683

684 685

686

687

688 689

690 691 692

693

694

695

696 697

698

699

700

701

profile 6.1 Overview This concrete profile supports operations within each phase of the lifecycle of CMS based Advanced Electronic Signature based on [RFC 3369] such as specified in [TS 101733]. It will then provide all the features related to TS 101733 signatures that are specified in the abstract profile defined in section 3.

For the generation of TS101733 signatures, the following operations apply:


o Generating predefined advanced signature forms as defined in [TS101733].

o Generating CMS signatures incorporating specific signed/unsigned attributes whose combination does not fit any predefined [TS 101733] signature forms. In such cases, the form MUST have been defined in a proprietary specification and MUST be identified by one URI.

o SignResponse. This operation supports delivery of:

o Predefined advanced signature forms as defined in [TS101733].

o CMS signatures incorporating specific signed attributes whose combination does not fit any predefined [TS 101733] signature form. In such cases, the form MUST have been defined in a proprietary specification and MUST be identified by one URI.

For verification [and updating] of signatures as specified in [TS 101733] the following operations apply:


o Verifying a predefined [TS 101733] signature form.

o Verifying CMS signatures incorporating specific attributes whose combination does not fit any predefined [TS 101733] signature form.

o Verifying any of the signatures mentioned above PLUS updating them by addition of additional attributes (time-stamps, validation data, etc) leading to a predefined [TS 101733] form.






6.2 Profile features

6.2.1 Identifier urn:oasis:names:tc:dss:1.0:profiles:CAdES.



702

703

704

705 706

707

708 709

710 711 712

713

714

715

716

717

718

719

720

721

722 723

724 725 726 727

728 729

730

731

732

733

734 735

736

737

738

6.2.2 Scope This document profiles the DSS abstract profile defined in section 3 of the present document.


The profile in this document is based on the abstract profile for Advanced Electronic Signatures defined in section 3.

6.2.4 Signature Object This profile supports the creation and verification of CMS based advanced signatures as defined in [TS101733]].

This profile also supports verification and update of advanced signatures by addition of unsigned properties (time-stamps and different types of validation data), as specified in [TS101733]

6.2.5 Transport Binding This profile does not specify or constrain the transport binding.

6.2.6 Security Binding This profile does not specify or constrain the security binding.


Predefined forms of advanced electronic signatures as defined in [TS 101733].

Other forms of signatures based in [RFC 3369] defined in other specifications,


According to this profile, the following predefined advanced signature forms defined in [TS 101733] MAY be requested: BES, EPES, ES-T, ES-C, ES-X, ES-X-L, and ES-A


Other electronic signature forms based in [RFC 3369], defined elsewhere, MAY also be requested using the mechanisms defined in this profile.

6.3.1 Element

6.3.1.1 Attribute Profile urn:oasis:names:tc:dss:1.0:profiles:CAdES.

6.3.1.2 Element


6.3.1.2.1 Element This element is MANDATORY. Its vaule MUST be:

urn: ietf:rfc:3369



739

740

741

742

743

744

745

746

747

748

749

750

751

752 753 754 755

756

757

758

759

760

761 762 763 764

765

766

767

768 769 770 771

772

773 774

6.3.1.2.2 Element Usage of these elements is according to what is stated in section 3.3.1.1.2 .

6.3.1.2.3 Optional inputs < ClaimedIdentity> / Usage of these elements is according to what is stated in section 3.3.1.1.3.


6.3.1.2.5 Element This section profiles section 3.3.1.1.5.

6.3.1.2.5.1 Requesting SigningTime Usage of these elements is according to what is stated in section 3.3.1.1.5.1.

6.3.1.2.5.2 Requesting CommitmentTypeIndication The value for element is the one defined in section 3.3.1.1.5.2:


When the value of the commitment is established by the requester, the element MUST contain a element as defined in section 3.3.1.1.5.2 with the child containing the base64encoding of CommitmentTypeIndication ASN.1 type as specified in [TS101733], DER-encoded.

6.3.1.2.5.3 . Requesting SignatureProductionPlace Usage of these elements is according to what is stated in section 3.3.1.1.5.3



When the value of the role is fixed by the requester, the element MUST contain a element as defined in section 3.3.1.1.5.4 with the child containing the base64encoding of SignerAttribute ASN.1 type as specified in [TS101733], DER-encoded.

6.3.1.2.5.5 Requesting data objects format Value for element:


When the value of the data object formats are fixed by the requester, the element MUST contain a element as defined in section 3.3.1.1.5.6 with the child containing the base64encoding of ContentHints ASN.1 type as specified in [TS101733], DER-encoded.

6.3.2 Element This section profiles the dss:SignResponse element for the requests profiled in clause 5.3.1.



775

776

777

778 779

780

781

782

783

784

785

786

787

788 789

790

791

792

793

794 795

796

797

798

799 800

801

802

803

804

805

806 807


6.3.2.2 Element The dss:SignatureObject MUST contain the dss:Base64Signature child with a CMS based signature base-64 encoded.


6.4.1 Element

6.4.1.1 Attribute Profile urn:oasis:names:tc:dss:1.0:profiles:CAdES.

6.4.1.2 Element


6.4.1.3 Element The dss:SignatureObject element MUST contain the dss:Base64Signature child with a CMS based signature base64 encoded.

6.4.2 Element

6.4.2.1 Element Usage of these elements is according to what is stated in section 4.1.1.1.

6.4.2.1.1 Element The content of the dss:UpdatedSignature will be a dss:SignatureObject element with one of the following contents:

A dss:Base64Signature element with the CMS based signature base64 encoded.

6.5 Profile Bindings

6.5.1 Transport Bindings Messages transported in this profile MAY be transported by the HTTP POST Transport Binding and the SOAP 1.2 Transport Binding defined in [DSSCore].

6.5.2 Security Bindings

6.5.2.1 Security Requirements This profile MUST use security bindings that:

Authenticates the requester to the DSS server

Authenticates the DSS server to the DSS client

Protects the integrity or a request, response and the association of response to the request.



808

809

810

811 812

813

Optionally, protects the confidentiality of a request and response.

The following MAY be used to meet these requirements.

6.5.2.2 TLS X.509 Mutual Authentication This profile is secured using the TLS X.509 Mutual Authentication Binding defined in [DSSCore].



7 814



8 Identifiers defined in this specification 815 816 817

818

819

8.1 Predefined advanced electronic signature forms identifiers

The table below shows the URIs for standard forms of advanced electronic signature:

Advanced signature

FORM

URI

XAdES-BES

BES

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:BES

XAdES-EPES

EPES

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:EPES

XAdES-T

ES-T

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:ES-T

XAdES-C

ES-C

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:ES-C

XAdES-X

ES-X

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:ES-X

XAdES-X-L

ES-X-L

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:ES-X-L

XAdES-A

ES-X-A

urn:oasis:names:tc:dss:1.0:profiles:XAdES:forms:ES-A

Table 1. 820



9 Editorial Issues 821 822 823 824 825 826

827 828

829

830 831 832 833

834

835

836 837 838 839 840 841 842

843

844

845 846 847

848

849 850 851 852 853 854 855 856

857

858

859 860

861 862 863 864 865 866

867

1. The current text only allows request of signature forms identified by an URI defined somewhere. There are in [XAdES] and in [TS 101733] certain forms that allow different combination of properties. If we leave the standard as it is now, we are leaving the server to decide which combination of properties to select or we assume that any combination of properties in each form will have its unique identifier.

Report: Comments received in favor of leave the text as it is. Forms requested by URI. If possible different combinations of properties, the server decides

Satus: CLOSED if no objections.

2. Should not this abstract profile also allow requesting the updating of the signature by enumeration of the properties desired?. In this way, this profile would allow both mechanisms to update signatures: by identifying the form or by identifying the set of unsigned properties.

Report: Comments received in favor of leave the text as it is


3. Section 3.3.1.1.3. A proposal has been made to associate the presence in the request of to the production of a signature where the signers certificate is protected by property, and if instead, is present then the signature will contain a signed with a element. I would prefer not linking the information required by the server to gain access to the signers certificate with the mechanism selected in the signature for protecting this certificate.

Report: Comments received in favor of leave the text as it is


4. Section 3.3.1.1.4. Proposal for suppress any mention to time-marking and capabilities for the protocol to differentiate, when requesting ES-T or XAdES-T a time-stamp or a time-mark.

Satus: CLOSED. Leave as it is now.

5. Sections 3.3.1.1.5.2, 3.3.1.1.5.3, 3.3.1.1.5.4, and 3.3.1.1.5.6. In the former version the values of the signed properties passed to the server was left open. A proposal was made to force them to be elements whose types would be those defined in [XAdES]. The current version allows them to be elements of types defined in [XAdES] when requesting XML Sig based signatures OR containing the base 64 encoded value of the corresponding property defined in [TS 101733], DER-encoded, since both kind of signatures may be requested to the server.

Report: Comments received accepting changes.

Satus: CLOSED.

6. Section 3.3.1.1.5.5. A proposal was made to use for supporting request of individualDataObjectsTimeStamp property.

does contain much more information than the required for pointing to the data object to be time-stamped before signing and give indication of the Id attribute that its corresponding must have. In fact the element has quite a lot of commonality with , except the . But as there is not a type definition, a new schema definition must be generated.




868

869 870 871 872 873 874

875

876

877 878

879 880 881 882

883 884

885

886 887 888 889 890

891

892

893 894 895 896 897

898

899 900 901 902

903

904

Satus: CLOSED.

7. Previous version explicitly mentioned that this profile would allow for requesting verification of signatures in one specific time. As this is something covered by the core, this mention has been suppressed. Comments have been raised relating this time with the time appearing in . From my point of view one thing is the time that the signer claims to have signed and a different issue is the time when the verifier verifies the signature.


Satus: CLOSED.

8. A new element has been defined as optional input to allow requesting the server update of a signature without verification.

Report: Comments pointing out the weakness that this element could bring in future as it would mean that some servers could update signatures without verifying them, and this would bring other ways to ascertain that a updated signature had actually been verified.

Decision: to suppress this feature. The corresponding section has been eliminated from this version.

Status: CLOSED.

9. Requesting CounterSignature is not explicitly mentioned here. I think that it would always be possible to use the core to get a copy of element from the and send it to the server using core protocol. Does anyone see any reason for including a new optional input?

Report: Comments received suggesting not go into this issue.

Satus: CLOSED until further consideration.

10. The comment has been made that in order to identify the signers key and gain access to the signers certificate, there may be mechanisms out of the dss-core, so that it does not make sense to make mandatory to use or in section 3.3.1.1.3. I agree with that comment. Text has been accordingly modified.

Satus: CLOSED.

11. Section 3.3.1.1.5.5. A comment has been made to suppress optional RefId attribute and leave the server decide. So far I have kept it, as I still think that it is worth to give the client the opportunity to request it. In addition I have added text clarifying the relationship with RefId attribute in .

Report: Comments received accepting text as it is.

Satus: CLOSED.



10 References 905 906

907

908 909

910 911

912

913

914 915

916 917

918

919 920

921

922

923

924

10.1 Normative [Core-XSD] T. Perrin et al. DSS Schema. OASIS, (MONTH/YEAR TBD)

[DSSCore] T. Perrin et al. Digital Signature Service Core Protocols and Elements. OASIS, (MONTH/YEAR TBD)

[RFC 2119] S. Bradner. Key words for use in RFCs to Indicate Requirement Levels. IETF RFC 2396, August 1998.

http://www.ietf.org/rfc/rfc2396.txt.

[TS 101733] Advanced Electronic Signatures. ETSI TS 101 733.

[XAdES] XML Advanced Electronic Signatures. ETSI TS 101 903, February 2002 (shortly to be reissued).

[XML-ns] T. Bray, D. Hollander, A. Layman. Namespaces in XML. W3C Recommendation, January 1999.

http://www.w3.org/TR/1999/REC-xml-names-19990114

[XMLSig] D. Eastlake et al. XML-Signature Syntax and Processing. W3C Recommendation, February 2002.

http://www.w3.org/TR/1999/REC-xml-names-19990114

[RFC 2634] P. Hoffman (ed.). Enhanced Security Services for S/MIME, June 1999.

[RFC 3369] Message Syntax (CMS). R. Housley. August 2002.
http://www.ietf.org/rfc/rfc2396.txthttp://www.w3.org/TR/1999/REC-xml-names-19990114/http://www.w3.org/TR/1999/REC-xml-names-19990114



Appendix A. Revision History 925

Rev Date By Whom What

wd-01 2004-03-08 Juan Carlos Cruellas Initial, incomplete version: SignRequest for predefined forms + optional properties.

wd-02 2004-03-08 Juan Carlos Cruellas Second version of the initial version: it incorporates SignRequest-SignResponse and VerifyRequest-VerifyResponse.

No capability for requesting individually any property. This is still an on-going discussion.

wd-03 2004-06-18 Juan Carlos Cruellas Third version. Quite a lot of editorial work done.

No capability for requesting individually any property. This is still an on-going discussion.

wd-04 2004-08-09 Juan Carlos Cruellas Fourth version:

Suppressed element.

So far: signature forms identified by URI. Not possibility of requesting properties by enumeration.

Solved most of editorial issues.

Small editorial changes.

wd-05 2004-10-08 Juan Carlos Cruellas Fifth version:

Addition of two concrete sub-profiles: one for XAdES and the other for TS 101733

wd-06 2004-11-09 Juan Carlos Cruellas Sixth version:

Addition of bindings for concrete profiles.

Additional changes from comments raised before voting as a CD



Appendix B. Notices 926 927 928 929 930 931 932 933 934 935

936 937 938

939

940 941 942 943 944 945 946 947 948

949 950

951 952 953 954 955

OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS's procedures with respect to rights in OASIS specifications can be found at the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification, can be obtained from the OASIS Executive Director.

OASIS invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to implement this specification. Please address the information to the OASIS Executive Director.

Copyright OASIS Open 2003. All Rights Reserved.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself does not be modified in any way, such as by removing the copyright notice or references to OASIS, except as needed for the purpose of developing OASIS specifications, in which case the procedures for copyrights defined in the OASIS Intellectual Property Rights document must be followed, or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.

This document and the information contained herein is provided on an AS IS basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
IntroductionNotationNamespacesOverviewAdvanced Electronic Signature abstract profileOverviewProfile FeaturesScopeRelationship To Other ProfilesSignature ObjectProfile of Signing ProtocolElement Element Element Element Optional inputs < ClaimedIdentity> / Element Element Requesting SigningTimeRequesting CommitmentTypeIndicationRequesting SignatureProductionPlaceRequesting SignerRoleRequesting Requesting data objects formatElement Element Element Element Profile of Verifying ProtocolElement Attribute ProfileElement Element Element Element Element XML Advanced Electronic Signatures concrete ProfileOverviewProfile featuresIdentifierScopeRelationship To Other ProfilesSignature ObjectTransport BindingSecurity BindingProfile of Signing ProtocolElement Attribute ProfileElement Element Element Optional inputs < ClaimedIdentity> / Element Element Requesting SigningTimeRequesting CommitmentTypeIndication. Requesting SignatureProductionPlaceRequesting SignerRoleRequesting Requesting data objects formatElement Element Element Profile of Verifying ProtocolElement Attribute ProfileElement Element Element Element Element Element Profile BindingsTransport BindingsSecurity BindingsSecurity RequirementsTLS X.509 Mutual AuthenticationCMS-based Advanced Electronic Signature profileOverviewProfile featuresIdentifierScopeRelationship To Other ProfilesSignature ObjectTransport BindingSecurity BindingProfile of Signing ProtocolElement Attribute ProfileElement Element Element Optional inputs < ClaimedIdentity> / Element Element Requesting SigningTimeRequesting CommitmentTypeIndication. Requesting SignatureProductionPlaceRequesting SignerRoleRequesting data objects formatElement Element Element Profile of Verifying ProtocolElement Attribute ProfileElement Element Element Element Element Element Profile BindingsTransport BindingsSecurity BindingsSecurity RequirementsTLS X.509 Mutual AuthenticationIdentifiers defined in this specificationPredefined advanced electronic signature forms identifiersEditorial IssuesReferencesNormative

oasis dss 1.0 profiles xades spec cd 01

Documents

copyright oasis open

xades profiles

oasis dss protocols

sec profilesxades

individual abstract

working draft

signature object

concrete subprofiles