XAdES
XAdES (short for "XML Advanced Electronic Signatures") is a set of extensions to XML-DSig recommendation making it suitable for advanced electronic signature.
Description
While XML-DSig is a general framework for digitally signing documents, XAdES specifies precise profiles of XML-DSig for use with advanced electronic signature in the meaning of European Union Directive 1999/93/EC. One important benefit from XAdES is that electronically signed documents can remain valid for long periods, even if underlying cryptographic algorithms are broken.
Profiles
XAdES defines six profiles (forms) differing in protection level offered.
- XAdES (also named XAdES-BES for "Basic Electronic Signature"), basic form just satisfying Directive legal requirements for advanced signature;
- XAdES-T (timestamp), adding timestamp field to protect against repudiation;
- XAdES-C (complete), adding references to verification data (certificates and revocation lists) to the signed documents to allow off-line verification and verification in future (but does not store the actual data);
- XAdES-X (extended), adding timestamps on the references introduced by XAdES-C to protect against possible compromise of certificates in chain in future;
- XAdES-X-L (extended long-term), adding actual certificates and revocation lists to the signed document to allow verification in future even if their original source is not available;
- XAdES-A (archival), adding possibility for periodical timestamping (e.g. each year) of the archived document to prevent compromise caused by weakening signature during long-time storage period.
See also
- European Telecommunications Standards Institute (ETSI)
- XML Signature
- CAdES, CMS Advanced Electronic Signature
- PAdES, PDF Advanced Electronic Signature
- Trusted timestamping
External links
- W3C XAdES version 1.1.1 from 2003
- ETSI TS 101 903 XAdES version 1.1.1 from 2002-02-12
- ETSI TS 101 903 XAdES version 1.2.2 from 2004-04-02
- ETSI TS 101 903 XAdES version 1.3.2 from 2006-03-07
- ETSI TS 101 903 XAdES version 1.4.1 from 2009-06-15
- ETSI TS 101 903 V1.2.2 Technical Specification, XSD and DTD
- ETSI TS 101 903 V1.3.2 XSD and DTD
- ETSI TS 101 903 V1.4.1 XSD
- SD-DSS : A free and open-source Java library for creating/manipulating PAdES/CAdES/XAdES/ASiC Signatures
- SD-DSS : GitHub repository
|