OASIS DSS v1.0 Profile for Comprehensive Multi-Signature...

oasis-dssx-1.0-profiles-vr-cs01 12 November 2010 Copyright © OASIS® 2010. All Rights Reserved. of 44

OASIS DSS v1.0 Profile for Comprehensive Multi-Signature Verification Reports Version 1.0 Committee Specification 01

12 November 2010 Specification URIs: This Version:

http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr-cs01.html http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr-cs01.doc http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr-cs01.pdf (Authoritative)

Previous Version: http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr-cd02.html http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr-cd02.doc http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr-cd02.pdf (Authoritative)

Latest Version: http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr.html http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr.doc http://docs.oasis-open.org/dss-x/profiles/verificationreport/oasis-dssx-1.0-profiles-vr.pdf (Authoritative)

Technical Committee: OASIS Digital Signature Services eXtended (DSS-X) TC

Chair(s): Juan Carlos Cruellas, UPC-DAC <[email protected]> Stefan Drees, Individual Member, <[email protected]>.

Editor(s): Detlef Hühnlein, Federal Office for Information Security, Germany <[email protected]>

Related work: This specification is based on

• oasis-dss-core-spec-v1.0-os

and may be combined with other existing profiles, such as

• oasis-dss-profiles-AdES-v1.0-os • oasis-dss-profiles-german_signature_law-spec-v1.0-os

for example. Declared XML Namespace(s):

urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#


Abstract: This document defines a protocol and processing profile of the DSS Verifying Protocol specified in Section 4 of [DSSCore], which allows to return individual signature verification reports for each signature in a verification request and include detailed information of the different steps taken during verification.

Status: This document was last revised or approved by the Digital Signature Services Extended (DSS-X) TC on the above date. The level of approval is also listed above. Check the “Latest Version” or “Latest Approved Version” location noted above for possible later revisions of this document. Technical Committee members should send comments on this specification to the Technical Committee’s email list. Others should send comments to the Technical Committee by using the “Send A Comment” button on the Technical Committee’s web page at http://www.oasis-open.org/committees/dss-x/. For information on whether any patents have been disclosed that may be essential to implementing this specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the Technical Committee web page (http://www.oasis-open.org/committees/dss-x/ipr.php)


Notices Copyright © OASIS® 2010. All Rights Reserved. All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so. OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims. The names "OASIS" and “DSS” are trademarks of OASIS, the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes reference to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see http://www.oasis-open.org/who/trademark.php for above guidance.


Table of Contents OASIS Digital Signature Services eXtended (DSS-X) TC ............................................................................ 1 1 Introduction .......................................................................................................................................... 5

1.1 Terminology ....................................................................................................................................... 5 1.2 Normative References ....................................................................................................................... 5 1.3 Namespaces ...................................................................................................................................... 6

2 Profile Features .................................................................................................................................... 8 2.1 Overview ............................................................................................................................................ 8 2.2 Scope ................................................................................................................................................. 8 2.3 Relationship To Other Profiles ........................................................................................................... 8 2.4 Profile Identifier .................................................................................................................................. 8

3 Verification Reports within DSS Verifying Protocol .............................................................................. 9 3.1 Element <ReturnVerificationReport> ................................................................................................. 9 3.2 Element <VerificationReport> .......................................................................................................... 10 3.3 Element <IndividualReport> ............................................................................................................. 11 3.4 VerificationResultType ..................................................................................................................... 13 3.5 Element <DetailedSignatureReport> ............................................................................................... 14

3.5.1 SignatureValidityType ............................................................................................................... 14 3.5.2 AlgorithmValidityType ............................................................................................................... 15 3.5.3 CertificatePathValidityType ....................................................................................................... 15 3.5.4 PropertiesType .......................................................................................................................... 26 3.5.5 Element <IndividualTimeStampReport> ................................................................................... 37 3.5.6 Element <IndividualCertificateReport> ..................................................................................... 37 3.5.7 Element <IndividualAttributeCertificateReport> ........................................................................ 37 3.5.8 Element <IndividualCRLReport> .............................................................................................. 37 3.5.9 Element <IndividualOCSPReport> ........................................................................................... 37 3.5.10 Element <EvidenceRecordReport> ........................................................................................ 37

4 Conformance ..................................................................................................................................... 41 4.1 Level 1 – “Basic” .............................................................................................................................. 41 4.2 Level 2 – “Comprehensive” .............................................................................................................. 41 4.3 Level 3 – “Convenient” ..................................................................................................................... 42

A. Acknowledgements ............................................................................................................................ 43 B. Revision History ................................................................................................................................. 44


1 Introduction 1

This document defines a protocol and processing profile of the DSS Verifying Protocol specified in 2 Section 4 of [DSSCore], which allows to support the verification of multiple signatures within some 3 <VerifyRequest> and include detailed information of the different steps taken during verification. 4

The following sections describe how to understand the rest of this document. 5

1.1 Terminology 6

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD 7 NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described 8 in [RFC2119]. 9 These keywords are capitalized when used to unambiguously specify requirements over protocol features 10 and behavior that affect the interoperability and security of implementations. When these words are not 11 capitalized, they are meant in their natural-language sense. 12 This specification uses the following typographical conventions in text: <ns:Element>, Attribute, 13 Datatype, OtherCode. 14

1.2 Normative References 15

[CAdES] ETSI: “Electronic Signature Formats”, Electronic Signatures and Infrastructures 16 (ESI) – Technical Specification, ETSI TS 101 733 V1.7.4, 2008-07 17

[Core-XSD] S. Drees, T. Perrin, J. C. Cruellas, N. Pope, K. Lanz, et al.: “DSS Schema”, 18 February 2007 http://docs.oasis-open.org/dss/v1.0/DSS-XML-SCHEMAS-v1.0-19 os/oasis-dss-core-schema-v1.0-os.xsd 20

[DSSCore] OASIS Standard, Digital Signature Service Core Protocols and Elements, April 21 2007 http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.pdf 22

[DSSAdES] OASIS Standard, Advanced Electronic Signature Profiles of the OASIS Digital 23 Signature Service Version 1.0, April 2007 http://docs.oasis-24 open.org/dss/v1.0/oasis-dss-profiles-AdES-spec-v1.0-os.pdf 25

[DSSSigG] OASIS Standard, German Signature Law Profile of the OASIS Digital Signature 26 Service Version 1.0, April 2007 http://docs.oasis-open.org/dss/v1.0/oasis-dss-27 profiles_german_signature_law-spec-v1.0-os.pdf 28

[DSSVR-XSD] D. Hühnlein, I. Henkel, J. C. Cruellas, S. Drees, A. Kuehne, et. al.: “DSS 29 Verification Report Schema”, July 2009 http://www.oasis-30 open.org/committees/download.php/33059/VerificationReport-CD1.xsd 31

[DSSVisSig] OASIS Committee Draft 01, Visual Signature Profile of the OASIS Digital 32 Signature Services, April 2009 http://docs.oasis-open.org/dss-33 x/profiles/visualsig/v1.0/cd01/oasis-dssx-1.0-profiles-visualsig-cd1.pdf 34

[EC/1999/93] Directive 1999/93/EC of the European Parliament and of the Council of 13 35 December 1999 on a Community framework for electronic signatures 36 (http://europa.eu.int/eurlex/pri/en/oj/dat/2000/l 013/l 37 01320000119en00120020.pdf) 38

[ETSI102231-2.1.1] ETSI: “Provision of harmonized Trust-service status information”, Electronic 39 Signatures and Infrastructure (ESI) – Technical Specification, ETSI TS 102231 40 Version 2.1.1 of March 2006 41

[ETSI102231-3.1.2] ETSI: “Provision of harmonized Trust-service status information”, Electronic 42 Signatures and Infrastructure (ESI) – Technical Specification, ETSI TS 102231, 43 Version 3.1.2 of December 2009 (http://uri.etsi.org/02231/v3.1.2/) 44


[RFC2119] S. Bradner: “Key words for use in RFCs to Indicate Requirement Levels”, IETF 45 RFC 2119 (http://www.ietf.org/rfc/rfc2119.txt) 46

[RFC2560] M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams: “X.509 Internet Public 47 Key Infrastructure - Online Certificate Status Protocol – OCSP”, IETF RFC 2560 48 (http://www.ietf.org/rfc/rfc3161.txt) 49

[RFC3161] C. Adams, P. Cain, D. Pinkas, R. Zuccherato: “Internet X.509 Public Key 50 Infrastructure Time-Stamp Protocol (TSP)”, IETF RFC 3161 51 (http://www.ietf.org/rfc/rfc3161.txt) 52

[RFC3275] D. Eastlage, J. Reagle, D. Solo: “(Extensible Markup Language) XML Signature 53 Syntax and Processing”, IETF RFC 3275 (http://www.ietf.org/rfc/rfc3275.txt) 54

[RFC3281] S. Farrell, R. Housley: “An Internet Attribute Certificate Profile for Authorization”, 55 IETF RFC 3281 (http://www.ietf.org/rfc/rfc3281.txt) 56

[RFC3852] R. Housley: “Cryptographic Message Syntax (CMS)”. IETF RFC 3852, 57 (http://www.ietf.org/rfc/rfc3852.txt) 58

[RFC4514] K. Zeilenga, Ed.: “Lightweight Directory Access Protocol (LDAP): String 59 Representation of Distinguished Names”, IETF RFC 4514 60 (http://www.ietf.org/rfc/rfc4514.txt) 61

[RFC4998] T. Gondrom, R. Brandner, U. Pordesch: “Evidence Record Syntax (ERS)”, IETF 62 RFC 4998 (http://www.ietf.org/rfc/rfc4998.txt) 63

[RFC5280] D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, W. Polk: “Internet 64 X.509 Public Key Infrastructure, Certificate and Certificate Revocation List (CRL) 65 Profile”, IETF RFC 5280 (http://www.ietf.org/rfc/rfc5280.txt) 66

[SAMLCore1.1] OASIS Standard, Assertions and Protocol for the OASIS Security Assertion 67 Markup Language (SAML) V 1.1, September 2003 http://www.oasis-68 open.org/committees/download.php/3406/oasis-sstc-saml-core-1.1.pdf 69

[SAMLCore2.0] OASIS Standard, Assertions and Protocols for the OASIS Security Assertion 70 Markup Language (SAML) V2.0, March 2005 http://docs.oasis-71 open.org/security/saml/v2.0/saml-core-2.0-os.pdf 72

[XAdES] ETSI: “XML Advanced Electronic Signatures (XAdES)”, ETSI TS 101 903, 73 Version 1.3.2, March 2006 74

[XML-ns] T. Bray, D. Hollander, A. Layman: “Namespaces in XML”, W3C 75 Recommendation, January 1999 (http://www.w3.org/TR/1999/REC-xml-names-76 19990114) 77

[XMLSig] D. Eastlake et al. “XML-Signature Syntax and Processing”, W3C 78 Recommendation, June 2008 (http://www.w3.org/TR/xmldsig-core/) 79

1.3 Namespaces 80

The structures described in this specification are contained in the schema file [DSSVR-XSD]. All schema 81 listings in the current document are excerpts from the schema file. In the case of a disagreement between 82 the schema file and this document, the schema file takes precedence. 83 This schema is associated with the following XML namespace: 84

urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema# 85

If a future version of this specification is needed, it will use a different namespace. 86 87 Conventional XML namespace prefixes are used in this document: 88 • The prefix vr: (or no prefix) stands for this profiles namespace [DSSVR-XSD]. 89

• The prefix ds: stands for the W3C XML Signature namespace [XMLSig]. 90

• The prefix dss: stands for the DSS core namespace [Core-XSD]. 91


• The prefix saml: stands for the OASIS SAML Schema namespace [SAMLCore1.1]. 92

• The prefix xades: stands for ETSI XML Advanced Electronic Signatures (XAdES) document 93 [XAdES]. 94

95 Applications MAY use different namespace prefixes, and MAY use whatever namespace 96 defaulting/scoping conventions they desire, as long as they are compliant with the Namespaces in XML 97 specification [XML-ns]. 98 99


2 Profile Features 100

2.1 Overview 101

While the DSS Verifying Protocol specified in Section 4 of [DSSCore] allows to verify digital signatures 102 and time stamps, this protocol is fairly limited with respect to the verification of multiple signatures in a 103 single request (cf. Section 4.3.1 of [DSSCore]). 104 In a similar manner it is possible to request and provide processing details (cf. Section 4.5.5 of 105 [DSSCore]), but this simple mechanism does not support the verification of multiple signatures in a single 106 request.and there are no defined structures yet, which reflect the necessary steps in the verification of a 107 complex signature, like an advanced electronic signature according to the European Directive 108 [EC/1999/93] for example. 109 Therefore the present profile defines how 110 • individual verification results may be returned, if multiple signatures are part of a 111

<dss:VerifyRequest> and 112

• detailed information gathered in the various steps taken during verification may be included in the 113 response to form a comprehensive verification report. 114

The requester MAY request the activation of this profile by sending a <ReturnVerificationReport> 115 element (cf. Section 3.1) in <dss:OptionalInputs>. A responder, which conforms to the present 116 profile SHALL return a <VerificationReport> element (cf. Section 3.2) in 117 <dss:OptionalOutputs>. 118

2.2 Scope 119

This document profiles the DSS Verifying Protocol (cf. [DSSCore], Section 4). 120 It does not profile the DSS Signing Protocol (cf. [DSSCore], Section 3) and does neither specify nor 121 constrain 122 • the type of signature object, 123 • the transport binding or 124 • the security binding. 125

2.3 Relationship To Other Profiles 126

This profile is based directly on the [DSSCore]. This profile is intended to be combined with other profiles 127 freely. 128

2.4 Profile Identifier 129

The DSS-client MAY use the following identifier in the Protocol attribute of a VerifyRequest: 130

urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport 131

The DSS-server MAY use this identifier in the VerifyResponse. 132


3 Verification Reports within DSS Verifying Protocol 133

134

3.1 Element <ReturnVerificationReport> 135

The <ReturnVerificationReport>-element is an optional input for the DSS Verifying Protocol to 136 request an individual report for each signature. It is defined as follows: 137 138

<element name="ReturnVerificationReport"> 139 <complexType> 140 <sequence> 141 <element name="IncludeVerifier" type="boolean" 142 maxOccurs="1" minOccurs="0" default="true" /> 143 <element name="IncludeCertificateValues" type="boolean" 144 maxOccurs="1" minOccurs="0" default="false" /> 145 <element name="IncludeRevocationValues" type="boolean" 146 maxOccurs="1" minOccurs="0" default="false" /> 147 <element name="ExpandBinaryValues" type="boolean" 148 maxOccurs="1" minOccurs="0" default="false"/> 149 <element name="ReportDetailLevel" type="anyURI" 150 maxOccurs="1" minOccurs="0" 151 default="urn:oasis:names:tc:dss:1.0:profiles: 152 verificationreport:reportdetail:allDetails" /> 153 </sequence> 154 </complexType> 155 </element> 156

157 It contains the following elements: 158 <IncludeVerifier> [Default] 159

This option specifies, whether the identity of the verifier should be included into the report or not. This 160 is especially useful when (possibly time stamped) reports are archived. It defaults to ‘true’. 161

<IncludeCertificateValues> [Default] 162 With this option it is possible to include the certificate values, which are used to verify the signature (in 163 binary form or as equivalent XML structure) into the report. This option defaults to ‘false’. 164

<IncludeRevocationValues> [Default] 165 This option specifies, whether the used revocation values (OCSP responses, CRLs and TSLs) should 166 be included (in binary form or as equivalent XML structure) into the report or not. It defaults to ‘false’. 167

<ExpandBinaryValues> [Default] 168

If this element is set to true a server which fulfills the conformance level “Convenient” MUST include 169 the content of certificates and revocation information not only as ASN.1-coded binary values into the 170 verification report, but also as equivalent XML structures. This option defaults to ‘false’. 171

<ReportDetailLevel> [Optional] 172 This option specifies the detail level of the verification report. The following options are defined: 173 – urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:reportdetail:noDetails 174

For every signature only the final result of the verification is reported. 175 – urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:reportdetail:noPathDetails 176

Additionally to the final result also the details of the signature verification including the result of 177 the certificate path validation are reported. The details concerning the validation of individual 178 certificates in the path are omitted however. 179


– urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:reportdetail:allDetails 180 For every signature, the certificate path details and details on the validation of individual 181 certificates in the path are requested. For every signature, the certificate path and each individual 182 certificate the details are reported. If the <ReportDetailLevel>-element is missing, this 183 option is assumed as default. 184

3.2 Element <VerificationReport> 185

If the element <ReturnVerificationReport> is provided as optional input in the request, the server 186 MUST include in the response the element <VerificationReport> as optional output: 187 188

<element name="VerificationReport" type="vr:VerificationReportType" /> 189

190 The VerificationReportType is the base structure for verification reports defined by this profile. It is 191 defined as follows: 192 193

<complexType name="VerificationReportType"> 194 <sequence> 195 <element ref="dss:VerificationTimeInfo" maxOccurs="1" 196 minOccurs="0" /> 197 <element name="VerifierIdentity" type="vr:IdentifierType" 198 maxOccurs="1" minOccurs="0" /> 199 <element name="IndividualReport" maxOccurs="unbounded" 200 type="vr:IndividualReportType" minOccurs="0" /> 201 </sequence> 202 </complexType> 203

204 It contains the following elements: 205 <VerificationTimeInfo> [Optional] 206

This element MAY contain the verification time, which was used by the server and other relevant time 207 instants. 208

<VerifierIdentity> [Optional] 209 This element contains the identity of the verifier, if the report option <IncludeVerifier> was set to 210 ‘true’. It is of type vr:IdentifierType, which is defined below. 211

<IndividualReport> [Optional, Unbounded] 212 For each independent1 signed object (signature, time stamp, certificate, CRL, OCSP-response, 213 evidence record etc.) that has been used in the signature verification process there will be one 214

1 A signed object x is called independent of another signed object y, if x was produced and can be verified without y and y was produced and can be verified without x. If a time stamp, certificate, CRL, OCSP-response etc. is included as unsigned attribute or property in an advanced electronic signature it is not independent of the signature for example.


<IndividualReport>-element in the verification report. The details of this element are specified in 215 the following section. 216

The IdentifierType MAY contain different types of identifiers. It is defined as follows: 217 218

<complexType name="IdentifierType"> 219 <sequence> 220 <element ref="ds:X509Data" maxOccurs="1" minOccurs="0" /> 221 <element name="SAMLv1Identifier" type="saml:NameIdentifierType" 222 maxOccurs="1" minOccurs="0" /> 223 <element name="SAMLv2Identifier" type="saml2:NameIDType" 224 maxOccurs="1" minOccurs="0" /> 225 <element name="Other" type="dss:AnyType" maxOccurs="1" 226 minOccurs="0" /> 227 </sequence> 228 </complexType> 229

230 It MAY contain the following elements or other identifying information: 231 <ds:X509Data> [Optional] 232

This element contains, if present, an X.509-certificate or certificate related information. Please refer to 233 [RFC3275] for further details with respect to the ds:X509Data-element. 234

<SAMLv1Identifier> [Optional] 235 This element contains, if present, an identifier of type saml:NameIdentifierType as defined in 236 [SAMLCore1.1]. 237

<SAMLv2Identifier> [Optional] 238 This element contains, if present, an identifier of type saml2:NameIDType as defined in 239 [SAMLCore2.0]. 240

<Other> [Optional] 241 This element MAY contain, if present, other identifying information. 242 243

3.3 Element <IndividualReport> 244

245 The element <IndividualReport> is part of the <VerificationReport>-element (see Section 3.2) 246 and is of type IndividualReportType, which is defined as follows: 247 248

<complexType name="IndividualReportType"> 249 <sequence> 250 <element name="SignedObjectIdentifier" 251 type="vr:SignedObjectIdentifierType"/> 252 <element ref="dss:Result"/> 253 <element name="Details" type="dss:AnyType" maxOccurs="1" 254 minOccurs="0" /> 255 </sequence> 256 </complexType> 257

258 It contains the following elements: 259 <SignedObjectIdentifier> [Required] 260

This element identifies the signature or validation data under consideration. The details of the 261 SignedObjectIdentifierType are specified below. 262


<Result> [Required] 263 The result of the signature verification as defined in section 2.6 of [DSSCore]. 264

<Details> [Optional] 265 The <Details> element MAY contain a detailed report for the signature or validation data under 266 consideration or any other signature-specific optional output defined in Section 4.5 of [DSSCore]. 267 The corresponding elements, which are specified in this document for this purpose are listed in 268 Section 4.2. 269

270 The SignedObjectIdentifierType is defined as follows: 271 272

<complexType name="SignedObjectIdentifierType"> 273 <sequence> 274 <element name="DigestAlgAndValue" 275 type="XAdES:DigestAlgAndValueType" maxOccurs="1" minOccurs="0"/> 276 <element ref="ds:CanonicalizationMethod" maxOccurs="1" minOccurs="0" /> 277 <element name="SignedProperties" 278 type="vr:SignedPropertiesType" maxOccurs="1" minOccurs="0" /> 279 <element ref="ds:SignatureValue" maxOccurs="1" minOccurs="0" /> 280 <element name="Other" type="dss:AnyType" maxOccurs="1" minOccurs="0" /> 281 </sequence> 282 <attribute name="WhichDocument" type="IDREF" use="optional"/> 283 <attribute name="XPath" type="string" use="optional"/> 284 <attribute name="Offset" type="integer" use="optional"/> 285 <attribute name="FieldName" type="string" use="optional"/> 286 </complexType> 287

288 The set of child elements of the SignedObjectIdentifierType SHOULD be chosen to identify the 289 signature or validation data in a given context in an unambiguous manner. 290 It contains the following attributes and elements: 291 <DigestAlgAndValue> [Optional] 292

This element contains, if present, the hash value of the signature or validation data under 293 consideration, where the signed object itself (e.g. the <ds:Signature>-element in case of an XML-294 signature according to [RFC3275], the SignedData-structure in case of a CMS-signature according 295 to [RFC3852] or a time stamp according to [RFC3161], the Certificate- or CertificateList-296 structure in case of an X.509-certificate or CRL according to [RFC5280] or the OCSPResponse-297 structure in case of an OCSP-response according to [RFC2560] for example) serves as input for the 298 hash-calculation. The structure of the DigestAlgAndValueType is defined in [XAdES]. This 299 element SHOULD NOT be used if the unique identification can be guaranteed by other elements. 300

<ds:CanonicalizationMethod> [Optional] 301 This element indicates, if present, the canonicalization method to be used before hashing XML-302 formatted data. Please refer to [RFC3275] for details of this element. This element is only necessary if 303 XML-based structures are subject to hashing. 304

<SignedProperties> [Optional] 305 This element contains, if present, any number of signed properties, which may be useful to identify the 306 signature under consideration. This MAY comprise information about the signatory and the signing 307 time for example. The structure of the SignedPropertiesType is defined in Section 3.5.4.2. In case 308 of signatures according to [RFC3275] or [RFC3852] this element SHOULD be present. 309

<ds:SignatureValue> [Optional] 310 This element specifies, if present, the binary signature value of the signature under consideration. This 311 element SHOULD be present – particulary if the used signature algorithm is randomized and hence 312 this element may serve as unique identifier. 313


<Other> [Optional] 314 This element MAY contain other elements, which (help to) identify a signature or related validation 315 data in a unique manner. 316

WhichDocument [Optional] 317 This attribute MAY specify the document which contains the signature under consideration. Note that 318 this identifier is only unique with respect to a specific request message (see [DSSCore], Section 319 2.4.1). 320

XPath [Optional] 321

This attribute MAY be used to point to a specific signature within an XML document. 322 Offset [Optional] 323

This attribute specifies the first byte of some signature and MAY be used to point to a specific 324 signature within some binary document. 325

FieldName [Optional] 326 This attribute specifies the name of a signature field and MAY be used to point to a specific signature 327 within some document format, in which there are field names such as PDF for example. 328

3.4 VerificationResultType 329

The VerifcationResultType defined below is extensively used in the present profile to indicate the 330 success or failure of individual verification steps. 331 This type draws from the dss:Result-element and the dss:DetailType defined in [DSSCore] and is 332 defined as follows: 333

<complexType name="VerificationResultType"> 334 <sequence> 335 <element name="ResultMajor" type="anyURI"/> 336 <element name="ResultMinor" type="anyURI" minOccurs="0"/> 337 <element name="ResultMessage" type="dss:InternationalStringType" 338 minOccurs="0"/> 339 <any namespace="##other" processContents="lax" minOccurs="0" 340 maxOccurs="unbounded"/> 341 </sequence> 342 </complexType> 343

344 <ResultMajor> [Required] 345

This element MUST indicate whether the verification result is valid, invalid or indetermined using the 346 URIs defined in [DSSCore]: 347 • urn:oasis:names:tc:dss:1.0:detail:valid 348

• urn:oasis:names:tc:dss:1.0:detail:invalid 349

• urn:oasis:names:tc:dss:1.0:detail:indetermined 350 <ResultMinor> [Optional] 351

In case of an invalid or indetermined verification step, further details MAY be provided using a specific 352 URI defined in this document or other profiles. 353

<ResultMessage> [Optional] 354 Especially in case of an invalid or indetermined verification step, further details MAY be provided in 355 textual form. 356

Furthermore an element of type VerificationResultType MAY contain other elements. 357


3.5 Element <DetailedSignatureReport> 358

The <DetailedSignatureReport>-element MAY appear in the <Details>-element within the 359 <IndividualReport>-element, which is specified in Section 3.3 above. This element is defined as 360 follows: 361

<element name="DetailedSignatureReport" 362 type="vr:DetailedSignatureReportType" /> 363

364 The DetailedSignatureReportType in turn is specified as follows: 365 366

<complexType name="DetailedSignatureReportType"> 367 <sequence> 368 <element name="FormatOK" type="vr:VerificationResultType" /> 369 <element name="Properties" type="vr:PropertiesType" 370 maxOccurs="1" minOccurs="0" /> 371 <element ref="dss:VerifyManifestResults" maxOccurs="1" 372 minOccurs="0" /> 373 <element name="SignatureHasVisibleContent" type="boolean" 374 maxOccurs="1" minOccurs="0"/> 375 <element name="SignatureOK" 376 type="vr:SignatureValidityType" /> 377 <element name="CertificatePathValidity" 378 type="vr:CertificatePathValidityType" /> 379 </sequence> 380 </complexType> 381

382 It contains the following elements: 383 <FormatOK> [Required] 384

This element indicates, whether the format of the signature is ok or not. More information on the use of 385 the VerificationResultType may be found in Section 3.4. 386

<Properties> [Optional] 387

This element contains information gathered during the verification of signed or unsigned properties. 388 The structure of the PropertiesType is defined in Section 3.5.4. 389

<VerifyManifestResults> [Optional] 390 This element is present, if a manifest verification has been performed. The structure and the 391 semantics of this element is described in Section 4.5.1 of [DSSCore]. 392

<SignatureHasVisibleContent> [Optional] 393 This element is only present if the FieldName-attribute (cf. Section 3.3) is present and indicates 394 whether the signature under consideration has visual signature content as explained in [DSSVisSig]. 395

<SignatureOK> [Required] 396

This element contains information about the mathematical validity of the digital signature under 397 consideration. It is of type SignatureValidityType, which is specified in Section 3.5.1. 398

<CertificatePathValidity> [Required] 399 This element contains the results of the certificate path validation. The CertificatePathValidityType is 400 defined in section 3.5.3. 401

3.5.1 SignatureValidityType 402

The SignatureValidityType is used in the definition of the <DetailedSignatureReport>-element 403 above for example and it is specified as follows: 404


405

<complexType name="SignatureValidityType"> 406 <sequence> 407 <element name="SigMathOK" type="vr:VerificationResultType" /> 408 <element name="SignatureAlgorithm" 409 type="vr:AlgorithmValidityType" 410 maxOccurs="1" minOccurs="0"/> 411 </sequence> 412 </complexType> 413

414 It comprises the following elements: 415 <SigMathOK> [Required] 416

Contains information about the mathematical validity of the digital signature under consideration, More 417 information on the use of the VerificationResultType may be found in Section 3.4. 418

<SignatureAlgorithm> [Optional] 419 This element MAY contain information about the applied signature algorithm. It is of type 420 AlgorithmValidityType, which is defined below. 421 422

3.5.2 AlgorithmValidityType 423

The AlgorithmValidityType is used in the definition of the SignatureValidityType above for example 424 and is specified as follows: 425

426

<complexType name="AlgorithmValidityType"> 427 <sequence> 428 <element name="Algorithm" type="anyURI" /> 429 <element name="Parameters" type="dss:AnyType" maxOccurs="1" 430 minOccurs="0" /> 431 <element name="Suitability" type="vr:VerificationResultType" 432 maxOccurs="1" minOccurs="0"/> 433 </sequence> 434 </complexType> 435

436

<Algorithm> [Required] 437 This element contains the URI for the algorithm. 438

<Parameters> [Optional] 439 This element MAY contain further parameters for the cryptographic algorithm. 440

<Suitabiltity> [Optional] 441

This element MAY contain the information about the suitability of the algorithm under consideration. 442 Note that it MAY depend on the policy of the specific signature and/or the policy under which the DSS 443 server is operated, whether the suitability of the algorithms is verified and what kind of algorithms are 444 considered appropriate under given circumstances and which are not. More information on the use of 445 the VerificationResultType may be found in Section 3.4. 446

3.5.3 CertificatePathValidityType 447

The <CertificatePathValidity>-element is of type CertificatePathValidityType and is used in the 448 definition of 449 • DetailedSignatureReportType (see above), 450 • AttributeCertificateValidityType (see Section 3.5.4.3), 451


• CRLValidityType (see Section 3.5.3.4), 452 • OCSPValidityType (see Section 3.5.3.5) and 453 • TimeStampValidityType (see Section 3.5.4.4). 454 455 It is specified as follows: 456 457

<complexType name="CertificatePathValidityType"> 458 <sequence> 459 <element name="PathValiditySummary" 460 type="vr:VerificationResultType" /> 461 <element name="CertificateIdentifier" 462 type="ds:X509IssuerSerialType" /> 463 <element name="PathValidityDetail" 464 type="vr:CertificatePathValidityDetailType" 465 minOccurs="0" maxOccurs="1"/> 466 </sequence> 467 </complexType> 468

469 It contains the following elements: 470 <PathValiditySummary> [Required] 471

This element is of type VerificationResultType (see Section 3.4) and contains a summary of the 472 result of the certificate path validation. 473

<CertificateIdentifier> [Required] 474 This element is of type ds:X509IssuerSerialType (see Section 4.4.4 of [RFC3275]) and contains a 475 unique reference to the certificate whose path has been checked. 476

<PathValidityDetail> [Optional] 477 Contains detailed results of the certificate path validation, if the element <ReportDetailLevel> in 478 the report options (see Section 3.1) was set to urn:oasis:names:tc:dss:1.0: 479 profiles:verificationreport:reportdetail:allDetails and the detailed validity information has not been 480 included elsewhere in the verification report. 481 482

The structure of CertificatePathValidityDetailType is specified as follows: 483 484

<complexType name="CertificatePathValidityDetailType"> 485 <sequence> 486 <sequence maxOccurs="unbounded" minOccurs="0"> 487 <element name="CertificateValidity" 488 type="vr:CertificateValidityType" /> 489 </sequence> 490 <element name="TSLValidity" 491 type="dss:AnyType" maxOccurs="1" minOccurs="0" /> 492 <element name="TrustAnchor" type="vr:VerificationResultType" /> 493 </sequence> 494 </complexType> 495

496 It contains the following elements: 497 <CertificateValidity> [Optional, Unbounded] 498

For every certificate in the certificate path there will be a <CertificateValidity>-element, which 499 provides information about the validity of the specific certificate. The structure of the 500 CertificateValidityType is defined below. 501


<TSLValidity> [Optional] 502 This element contains information about the validity of a Trust-service Status List (TSL) according to 503 [ETSI102231-2.1.1] or [ETSI102231-3.1.2] for example. This element SHOULD contain information 504 about 505

• the TSL-scheme under consideration, as provided by a SchemeInformation element, 506

• the Trust-service providers and their services, as provided by a 507 TrustServiceProviderList element, 508

• the measures for protecting the integrity and authenticity of the TSL-related information and 509 the result of the corresponding verification step. If the integrity and authenticity is protected by 510 means of an electronic signature, it is RECOMMENDED to include a 511 DetailedSignatureReport element. If the integrity is protected by a time stamp it is 512 RECOMMENDED to include an IndividualTimeStamp element etc. . 513

<TrustAnchor> [Required] 514 This element indicates how the trusted root certificate, which is used as trust anchor within the 515 verification process, is stored. The following URIs are defined for this purpose: 516

• urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:trustanchor:SSCD – indicates that the 517 trusted root certificate is stored within a secure signature creation device according to 518 [EC/1999/93]. 519

• urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:trustanchor:otherCard – indicates that 520 the trusted root certificate is stored within some other hardware token. 521

• urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:trustanchor:certDataBase – indicates 522 that the trusted root certificate is stored within some certificate data base. 523

• urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:trustanchor:other – indicates that the 524 trusted root certificate is stored using other means. 525

526

3.5.3.1 CertificateValidityType 527

528 The CertificateValidityType contains information about the validity of a single certificate and is defined 529 as follows: 530 531

<complexType name="CertificateValidityType"> 532 <sequence> 533 <element name="CertificateIdentifier" type="ds:X509IssuerSerialType" /> 534 <element name="Subject" type="string" /> 535 <element name="ChainingOK" type="vr:VerificationResultType" 536 maxOccurs="1" minOccurs="0"/> 537 <element name="ValidityPeriodOK" type="vr:VerificationResultType" /> 538 <element name="ExtensionsOK" type="vr:VerificationResultType" /> 539 <element name="CertificateValue" type="base64Binary" 540 maxOccurs="1" minOccurs="0" /> 541 <element name="CertificateContent" 542 type="vr:CertificateContentType" maxOccurs="1" minOccurs="0" /> 543 <element name="SignatureOK" 544 type="vr:SignatureValidityType" /> 545 <element name="CertificateStatus" type="vr:CertificateStatusType" /> 546 </sequence> 547 </complexType> 548

549 It contains the following elements: 550 <CertificateIdentifier> [Required] 551


This element is of type ds:X509IssuerSerialType (see [RFC3275], Section 4.4.4) and identifies the 552 certificate under consideration. 553

<Subject> [Required] 554

This element contains the subject of the certificate, where the string representation of distinguished 555 names defined in [RFC4514] MUST be used and hence an example of a <Subject>-element may be 556 CN=John Doe,O=Foo Inc.,OU=Sales etc. 557

<ChainingOK> [Optional] 558 If present, this element indicates whether the chaining to a previous certificate in the certificate path is 559 ok or not. If the certificate under consideration is the first certificate in the certificate path, this element 560 SHOULD be omitted. More information on the use of the VerificationResultType may be found in 561 Section 3.4. 562

<ValidityPeriodOK> [Required] 563 This element indicates, whether the reference point in time is within the validity period of the 564 certificate. More information on the use of the VerificationResultType may be found in Section 3.4. 565

<ExtensionsOK> [Required] 566 This element indicates, whether the certificate extensions are correct. More information on the use of 567 the VerificationResultType may be found in Section 3.4. 568

<CertificateValue> [Optional] 569 If present, this element contains the certificate in binary form (coded in ASN.1), if the report option 570 <IncludeCertificateValues> is set to ‘true’ and if the certificate is not already included in the 571 verification report. 572

<CertificateContent> [Optional] 573 If present, this element contains detailed information about the content of the certificate, if the report 574 option <ExpandBinaryValues> is set to ‘true’ and if the certificate content is not already included in 575 the verification report. 576

<SignatureOK> [Required] 577

This element indicates, whether the digital signature of the certificate is mathematically correct or not. 578 The SignatureValidityType is defined in section 3.5.1. 579

<CertificateStatus> [Required] 580 This element contains information about the result of the certificate revocation check. The 581 CertificateStatusType is defined in Section 3.5.3.3. 582 583

3.5.3.2 CertificateContentType 584

585 The CertificateContentType is used in CertificateValidityType and derived from the 586 TBSCertificate-structure defined in [RFC5280] specified as follows: 587 588

<complexType name="CertificateContentType"> 589 <sequence> 590 <element name="Version" type="integer" maxOccurs="1" 591 minOccurs="0" /> 592 <element name="SerialNumber" type="integer" /> 593 <element name="SignatureAlgorithm" type="anyURI" /> 594 <element name="Issuer" type="string" /> 595 <element name="ValidityPeriod" type="vr:ValidityPeriodType" /> 596 <element name="Subject" type="string" /> 597 <element name="Extensions" type="vr:ExtensionsType" 598 minOccurs="0" /> 599


</sequence> 600 </complexType> 601

602 It contains the following elements: 603 <Version> [Optional] 604

This element contains, if present, the version of the certificate structure. 605 <SerialNumber> [Required] 606

This element MUST contain the serial number of the certificate. 607 <SignatureAlgorithm> [Required] 608

This element MUST contain an identifier of the used signature algorithm. The 609 vr:VerificationResultType is defined in Section 3.4. 610

<Issuer> [Required] 611 This element MUST contain the issuer of the certificate, where different relative distinguished names 612 in a sequence MAY be separated by “:”. 613

<ValidityPeriod> [Required] 614 This element MUST contain the validity period of the certificate. The ValidityPeriodType is defined 615 below. 616

<Subject> [Required] 617 This element contains the subject of the certificate, where the string representation of distinguished 618 names defined in [RFC4514] MUST be used and hence an example of a <Subject>-element may be 619 CN=John Doe,O=Foo Inc.,OU=Sales etc. 620

621 <Extensions> [Optional] 622

If present, this element contains information about the list of extensions present in the certificate under 623 consideration. The ExtensionsType is defined below. 624

625 The ValidityPeriodType is specified as follows: 626 627

<complexType name="ValidityPeriodType"> 628 <sequence> 629 <element name="NotBefore" type="dateTime" /> 630 <element name="NotAfter" type="dateTime" /> 631 </sequence> 632 </complexType> 633

634 It contains the following elements: 635 <NotBefore> [Required] 636

The certificate is not valid before this point in time. 637 <NotAfter> [Required] 638

The certificate is not valid after this point in time. 639 640 The ExtensionsType is specified as follows: 641 642

<complexType name="ExtensionsType"> 643 <sequence minOccurs="0" maxOccurs="unbounded"> 644


<element name="Extension" type="vr:ExtensionType" /> 645 </sequence> 646 </complexType> 647

648 It contains an unbounded number <Extension>-elements of type ExtensionType. This type is defined 649 as follows: 650 651

<complexType name="ExtensionType"> 652 <sequence> 653 <element name="ExtnId" type="XAdES:ObjectIdentifierType" /> 654 <element name="Critical" type="boolean" /> 655 <element name="ExtnValue" type="dss:AnyType" maxOccurs="1" 656 minOccurs="0" /> 657 <element name="ExtensionOK" type="vr:VerificationResultType" /> 658 </sequence> 659 </complexType> 660

661 It contains the following elements: 662 <ExtnId> [Required] 663

This element MUST contain the identifier of the extension as urn:oid: … in the <Identifier>-664 element and MAY contain further information in the <Description>- and 665 <DocumentationReferences>-elements. Please refer to [XAdES] for more information on the 666 XAdES:ObjectIdentifierType. 667

<Critical> [Required] 668 This element specifies, whether the extension is critical or not. 669 670

<ExtnValue> [Optional] 671 This element SHOULD contain the value of the extension as an XML-structure, which mirrors the 672 original ASN.1-definition of the extension. 673

<ExtensionOK> [Required] 674 This element contains information about the validity of the specific extension within the given context 675 of the certificate. 676

677

3.5.3.3 CertificateStatusType 678

679 The CertificateStatusType is defined as follows: 680 681

<complexType name="CertificateStatusType"> 682 <sequence> 683 <element name="CertStatusOK" type="vr:VerificationResultType" /> 684 <element name="RevocationInfo" maxOccurs="1" 685 minOccurs="0"> 686 <complexType> 687 <sequence> 688 <element name="RevocationDate" type="dateTime" /> 689 <element name="RevocationReason" 690 type="vr:VerificationResultType" /> 691 </sequence> 692 </complexType> 693


</element> 694 <element name="RevocationEvidence" maxOccurs="1" minOccurs="0"> 695 <complexType> 696 <choice> 697 <element name="CRLValidity" 698 type="vr:CRLValidityType" /> 699 <element name="CRLReference" 700 type="XAdES:CRLIdentifierType" /> 701 <element name="OCSPValidity" 702 type="vr:OCSPValidityType" /> 703 <element name="OCSPReference" 704 type="XAdES:OCSPIdentifierType" /> 705 <element name="Other" type="dss:AnyType"/> 706 </choice> 707 </complexType> 708 </element> 709 </sequence> 710 </complexType> 711

712 It contains the following elements: 713 <CertStatusOK> [Required] 714

This element MUST contain the status of the certificate. 715 <RevocationInfo> [Optional] 716

If the certificate is revoked this element will contain more information about the revocation. It is defined 717 to be a sequence, which contains the following elements: 718 • <RevocationDate> 719

contains the date and time of revocation. 720 • <RevocationReason> 721

contains the reason for revocation. Following the definition of CRLReason in [RFC5280] there are 722 the following URIs to specify the revocation reason: 723 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:unspecified 724 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:keyCompromise 725 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:cACompromise 726 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:affiliationChanged 727 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:superseded 728 • urn:oasis:names:tc:dss-729

x:1.0:profiles:verificationreport:revocationreason:cessationOfOperation 730 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:certificateHold 731 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:removeFromCRL 732 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:privilegeWithdrawn 733 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:revocationreason:aACompromise 734

<RevocationEvidence> [Optional, Choice] 735 This element contains, if present, the used source of revocation information. This can be one of the 736 following elements: 737 • <CRLValidity> 738

This element contains information about the used CRL and its validity. The CRLValidityType is 739 defined in Section 3.5.3.4. 740


• <CRLReference> 741 This element contains a reference to the CRL in case it is already included elsewhere in the 742 present verification report. The XAdES:CRLIdentifierType is defined in [XAdES]. 743

• <OCSPValidity> 744 This element contains information about the used OCSP response and its validity. The 745 OCSPValidityType is defined in Section 3.5.3.5. 746

• <OCSPReference> 747 This element contains a reference to the used OCSP response, if it is already included elsewhere 748 in the present verification report. The XAdES:OCSPIdentifierType is defined in [XAdES]. 749

• <Other> 750 This element MAY contain information about alternative sources of revocation information. 751

3.5.3.4 CRLValidityType 752

The CRLValidityType contains information about a CRL and its validity and is specified as follows: 753 754

<complexType name="CRLValidityType"> 755 <sequence> 756 <element name="CRLIdentifier" type="XAdES:CRLIdentifierType" 757 maxOccurs="1" minOccurs="1" /> 758 <element name="CRLValue" type="base64Binary" 759 maxOccurs="1" minOccurs="0" /> 760 <element name="CRLContent" type="vr:CRLContentType" 761 maxOccurs="1" minOccurs="0" /> 762 <element name="SignatureOK" type="vr:SignatureValidityType" /> 763 <element name="CertificatePathValidity" 764 type="vr:CertificatePathValidityType" /> 765 </sequence> 766 <attribute name="Id" type="ID" use="optional" /> 767 </complexType> 768

769 It contains the following attributes and elements: 770 Id [Optional] 771

This attribute contains an optional identifier for the element. 772 <CRLIdentifier> [Required] 773

This element refers to an X.509v2 CRL according to [RFC5280]. 774 <CRLValue> [Optional] 775

If present, this element contains the CRL (encoded in ASN.1) if the report option 776 <IncludeRevocationValues> is set to ‘true’. 777

<CRLContent> [Optional] 778 This element contains, if present, the CRL in form of an equivalent XML structure if the report option 779 <ExpandBinaryValues> is set to ‘true’. The CRLContentType is defined below. 780

<SignatureOK> [Required] 781 This element indicates, whether the digital signature of the CRL is mathematically correct or not. The 782 SignatureValidityType is defined in section 3.5.1. 783

<CertificatePathValidity> [Required] 784 This element contains the result of the validation of the certificate path of the certificate which has 785 been used to sign the CRL. The CertificatePathValidityType is defined at the beginning of Section 786 3.5.3. 787

788


The CRLContentType is aligned to [RFC5280] specified as follows: 789 790

<complexType name="CRLContentType"> 791 <sequence> 792 <element name="Version" minOccurs="0" type="integer" /> 793 <element name="Signature" type="anyURI" /> 794 <element name="Issuer" type="string" /> 795 <element name="ThisUpdate" type="dateTime" /> 796 <element name="NextUpdate" minOccurs="0" type="dateTime" /> 797 <element name="RevokedCertificates" minOccurs="0"> 798 <complexType> 799 <sequence minOccurs="0" maxOccurs="unbounded"> 800 <element name="UserCertificate" type="integer" /> 801 <element name="RevocationDate" type="dateTime" /> 802 <element name="CrlEntryExtensions" minOccurs="0" 803 type="vr:ExtensionsType" /> 804 </sequence> 805 </complexType> 806 </element> 807 <element name="CrlExtensions" type="vr:ExtensionsType" 808 minOccurs="0" /> 809 </sequence> 810 </complexType> 811


This element contains, if present, the version of the CRL-structure. 815 <Signature> [Required] 816

This element contains the algorithm identifier for the algorithm used to sign the CRL. 817 <Issuer> [Required] 818

This element contains the issuer of the CRL, where different relative distinguished names in a 819 sequence MAY be separated by “:”. 820

<ThisUpdate> [Required] 821 This element contains the issue date of the CRL. 822

<NextUpdate> [Optional] 823 This element contains, if present, the date by which the next CRL will be issued. 824

<RevokedCertificates> [Optional] 825

The revoked certificates are contained in an unbounded sequence. They are listed by their serial 826 numbers (element <UserCertificate>). Certificates revoked by the CA are uniquely identified by 827 their certificate serial number. The date on which the revocation occurred is contained in the element 828 <RevocationDate>. Additional information MAY be supplied in the element 829 <CrlEntryExtensions>. 830

<CrlExtensions> [Optional] 831 If present, this element contains information about the list of extensions present in the CRL under 832 consideration. The ExtensionType is defined in Section 3.5.3.2. 833

3.5.3.5 OCSPValidityType 834

The OCSPValidityType contains information about an OCSP-response and its validity and is specified as 835 follows: 836 837


<complexType name="OCSPValidityType"> 838 <sequence> 839 <element name="OCSPIdentifier" type="XAdES:OCSPIdentifierType" /> 840 <element name="OCSPValue" type="base64Binary" 841 maxOccurs="1" minOccurs="0" /> 842 <element name="OCSPContent" type="vr:OCSPContentType" 843 maxOccurs="1" minOccurs="0" /> 844 <element name="SignatureOK" type="vr:SignatureValidityType" /> 845 <element name="CertificatePathValidity" 846 type="vr:CertificatePathValidityType" /> 847 </sequence> 848 <attribute name="Id" type="ID" use="optional" /> 849 </complexType> 850


This attribute contains an optional identifier for the element. 854 <OCSPIdentifier> [Required] 855

This element refers to an OCSP response according to [RFC2560]. 856 <OCSPValue> [Optional] 857

This element contains the OCSP response (encoded in ASN.1) if the report option 858 <IncludeRevocationValues> has been set to ‘true’. 859

<OCSPContent> [Optional] 860

This element contains the OCSP response in form of an equivalent XML structure if the report option 861 <ExpandBinaryValues> has been set to ‘true’. The OCSPContentType is defined below. 862

<SignatureOK> [Required] 863 This element indicates whether the digital signature of the OCSP-response is mathematically correct 864 or not. The SignatureValidityType is defined in section 3.5.1. 865 866 867

<CertificatePathValidity> [Required] 868 This element contains the result of the validation of the certificate path of the certificate which has 869 been used to sign the OCSP-response. The CertificatePathValidityType is defined at the beginning 870 of Section 3.5.3. 871

872 The OCSPContentType is aligned to [RFC2560] specified as follows: 873 874

<complexType name="OCSPContentType"> 875 <sequence> 876 <element name="Version" type="integer" /> 877 <element name="ResponderID" type="string" /> 878 <element name="producedAt" type="dateTime" /> 879 <element name="Responses"> 880 <complexType> 881 <sequence maxOccurs="unbounded" minOccurs="0"> 882 <element name="SingleResponse" 883 type="vr:SingleResponseType" /> 884 </sequence> 885 </complexType> 886 </element> 887 <element name="ResponseExtensions" type="vr:ExtensionsType" 888 maxOccurs="1" minOccurs="0"/> 889


</sequence> 890 </complexType> 891

892 It contains the following elements: 893 <Version> [Required] 894

This element contains the version of the OCSP-response syntax. 895 <ResponderID> [Required] 896

This element contains the name of the OCSP-responder. 897 <producedAt> [Required] 898

This element contains the time at which the OCSP-responder produced the response. 899 <Responses> [Required] 900

This element contains an unbounded sequence of <SingleResponse> entries. The 901 SingleResponseType is defined below. 902

<ResponseExtensions> [Optional] 903 If present, this element contains information about the list of extensions present in the OCSP-response 904 under consideration. The ExtensionsType is defined in Section 3.5.3.2. 905

906 The SingleResponseType is specified as follows: 907 908

<complexType name="SingleResponseType"> 909 <sequence> 910 <element name="CertID"> 911 <complexType> 912 <sequence> 913 <element name="HashAlgorithm" type="anyURI" /> 914 <element name="IssuerNameHash" type="hexBinary" /> 915 <element name="IssuerKeyHash" type="hexBinary" /> 916 <element name="SerialNumber" type="integer" /> 917 </sequence> 918 </complexType> 919 </element> 920 <element name="CertStatus" type="vr:VerificationResultType" /> 921 <element name="ThisUpdate" type="dateTime" /> 922 <element name="NextUpdate" type="dateTime" maxOccurs="1" 923 minOccurs="0" /> 924 <element name="SingleExtensions" type="vr:ExtensionsType" 925 maxOccurs="1" minOccurs="0" /> 926 </sequence> 927 </complexType> 928

929 It contains the following elements: 930 <CertID> [Required] 931

This element contains a sequence of elements, which uniquely identify the certificate (cf. [RFC2560], 932 Section 4.1.1). 933

<CertStatus> [Required] 934 This element contains information about the status of the certificate according to [RFC2560] using the 935 following URI in the ResultMajor-element: 936

• urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:certstatus:good 937 • urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:certstatus:revoked 938


• urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:certstatus:unknown 939 If the certificate is revoked and the revocation reason is present, this information MUST be included in 940 the ResultMinor-element as a URI defined in Section 3.5.3.4. In a similar fashion the revocation 941 time MUST be indicated in the ResultMessage-element. 942

<ThisUpdate> [Required] 943 This element contains the time at which the status being indicated is known to be correct (cf. 944 [RFC2560], Section 2.4). 945

<NextUpdate> [Optional] 946 This element contains, if present, the time until more recent information about the status of the 947 certificate will be available (cf. [RFC2560], Section 2.4). 948

<SingleExtensions> [Optional] 949 If present, this element contains information about the list of extensions present in the 950 SingleResponse-element. The ExtensionType is defined in Section 3.5.3.2. 951

3.5.4 PropertiesType 952

The PropertiesType is used in the definition of the <DetailedReport>-element (see Section 3.5) and 953 is specified as follows: 954 955

<complexType name="PropertiesType"> 956 <sequence> 957 <element name="SignedProperties" 958 type="vr:SignedPropertiesType" minOccurs="0" /> 959 <element name="UnsignedProperties" 960 type="vr:UnsignedPropertiesType" minOccurs="0" /> 961 </sequence> 962 <attribute name="Id" type="ID" use="optional" /> 963 </complexType> 964


This attribute contains, if present, an optional identifier for the element. 968 <SignedProperties> [Optional] 969

This element contains information gathered during the verification of signed properties. Details of the 970 SignedPropertiesType are specified in Section 3.5.4.1. 971

<UnsignedProperties> [Optional] 972

This element contains information gathered during the verification of unsigned properties. Details of 973 the UnsignedPropertiesType are specified in Section 3.5.4.2. 974

3.5.4.1 Signed Properties 975

The SignedPropertiesType is aligned to [XAdES] structured as follows: 976 977

<complexType name="SignedPropertiesType"> 978 <sequence> 979 <element name="SignedSignatureProperties" 980 type="vr:SignedSignaturePropertiesType" maxOccurs="1" 981 minOccurs="0" /> 982 <element name="SignedDataObjectProperties" 983 type="vr:SignedDataObjectPropertiesType" 984 minOccurs="0" /> 985


<element name="Other" type="dss:AnyType" 986 maxOccurs="1" minOccurs="0" /> 987 </sequence> 988 <attribute name="Id" type="ID" use="optional" /> 989 </complexType> 990


This attribute contains an optional identifier for the element. 994 <SignedSignatureProperties> [Optional] 995

This element contains information gathered during the verification of signed properties related to the 996 signature itself. The SignedSignaturePropertiesType is defined in Section 3.5.4.1.1. 997

<SignedDataObjectProperties> [Optional] 998 This element contains information gathered during the verification of signed properties related to the 999 signed data object. The SignedDataObjectPropertiesType is defined in Section 3.5.4.1.2. 1000

<Other> [Optional] 1001 This element contains, if present, information about other signed properties. 1002

3.5.4.1.1 SignedSignaturePropertiesType 1003

The SignedSignaturePropertiesType is aligned to [RFC3275] defined as follows: 1004 1005

<complexType name="SignedSignaturePropertiesType"> 1006 <sequence> 1007 <element ref="XAdES:SigningTime" maxOccurs="1" minOccurs="0" /> 1008 <element ref="XAdES:SigningCertificate" maxOccurs="1" 1009 minOccurs="0" /> 1010 <element ref="XAdES:SignaturePolicyIdentifier" maxOccurs="1" 1011 minOccurs="0" /> 1012 <choice maxOccurs="1" minOccurs="0"> 1013 <element ref="XAdES:SignatureProductionPlace" /> 1014 <element name="Location" type="string" /> 1015 </choice> 1016 <element name="SignerRole" type="vr:SignerRoleType" minOccurs="0" /> 1017 </sequence> 1018 </complexType> 1019

1020 It MAY contain the following elements: 1021 <XAdES:SigningTime> [Optional] 1022

This element contains, if present, the signing time (see Section 5.2.1 of [XAdES]). 1023 <XAdES:SigningCertificate> [Optional] 1024

This element contains, if present, a reference to the certificate upon which the signature is based (see 1025 Section 5.2.2 of [XAdES]). 1026

<XAdES:SignaturePolicyIdentifier> [Optional] 1027 This element references, if present, the policy under which the signature was produced (see Section 1028 5.2.3 of [XAdES]). 1029

<XAdES:SignatureProductionPlace> [Optional, Choice] 1030 This element contains, if present, information about the place where the signature was generated (see 1031 Section 5.2.7 of [XAdES]). This element SHOULD be used in case of a XAdES- or CAdES-based 1032 signature. 1033


<Location> [Optional, Choice] 1034 This element contains, if present, information about the place where the signature was generated (see 1035 Section 5.2.7 of [XAdES]). This element SHOULD be used in case of a PDF-based signature. 1036

<SignerRole> [Optional] 1037 This element contains, if present, information about the role of the signer (see Section 5.2.8 of 1038 [XAdES]). 1039

1040 The SignerRoleType is specified as follows: 1041 1042

<complexType name="SignerRoleType"> 1043 <sequence> 1044 <element name="ClaimedRoles" 1045 type="XAdES:ClaimedRolesListType" minOccurs="0" /> 1046 <element name="CertifiedRoles" 1047 type="vr:CertifiedRolesListType" minOccurs="0" /> 1048 </sequence> 1049 </complexType> 1050

1051 It MAY contain the following elements: 1052 <ClaimedRoles> [Optional] 1053

This element contains information about the claimed roles of the signer. The information is directly 1054 extracted from the signature. 1055

<CertifiedRoles> [Optional] 1056 This element contains information gathered during the verification of attribute certificates. 1057

1058 The CertifiedRolesListType is specified as follows: 1059 1060

<complexType name="CertifiedRolesListType"> 1061 <sequence> 1062 <element name="AttributeCertificateValidity" 1063 type="vr:AttributeCertificateValidityType" 1064 maxOccurs="unbounded" /> 1065 </sequence> 1066 </complexType> 1067

1068 It contains at least one <AttributeCertificateValidity>-element, which contains information 1069 about the content and validity of an attribute certificate according to [RFC3281]. The 1070 AttributeCertificateValidityType is defined in Section 3.5.4.3. 1071

3.5.4.1.2 SignedDataObjectPropertiesType 1072

The SignedDataObjectPropertiesType is defined as follows: 1073 1074

<complexType name="SignedDataObjectPropertiesType"> 1075 <sequence> 1076 <element ref="XAdES:DataObjectFormat" maxOccurs="unbounded" 1077 minOccurs="0" /> 1078 <choice maxOccurs="1" minOccurs="0"> 1079 <element ref="XAdES:CommitmentTypeIndication" 1080 maxOccurs="unbounded" minOccurs="1"/> 1081 <element name="Reason" type="string" /> 1082


</choice> 1083 <element name="AllDataObjectsTimeStamp" 1084 type="vr:TimeStampValidityType" minOccurs="0" 1085 maxOccurs="unbounded" /> 1086 <element name="IndividualDataObjectsTimeStamp" 1087 type="vr:TimeStampValidityType" minOccurs="0" 1088 maxOccurs="unbounded" /> 1089 </sequence> 1090 <attribute name="Id" type="ID" use="optional" /> 1091 </complexType> 1092


This attribute contains an optional identifier for the element. 1096 <XAdES:DataObjectFormat> [Optional, Unbounded] 1097

This element contains information about the format of the signed data object (see Section 5.2.5 of 1098 [XAdES]). This information is simply extracted from the signature. 1099

<XAdES:CommitmentTypeIndication> [Choice, Unbounded] 1100

This element contains, if present, an indication of the type of commitment implied by the signature 1101 (see Section 5.2.6 of [XAdES]). This element SHOULD be used in case of a XAdES- or CAdES-based 1102 signature. 1103

<Reason> [Choice] 1104 This element contains, if present, a description of the reason of the signature generation. This element 1105 is only relevant in case of a PDF-based signature identified by a FieldName-attribute (cf. Section 1106 3.3). 1107

<AllDataObjectsTimeStamp> [Optional, Unbounded] 1108

This element contains, if present, verification results for time stamps covering all data objects (see 1109 Section 5.2.6 of [XAdES]). The TimeStampValidityType is described in Section 3.5.4.4. 1110

<IndividualDataObjectsTimeStamp> [Optional, Unbounded] 1111 This element contains, if present, verification results for time stamps covering only certain data objects 1112 (see Section 5.2.10 of [XAdES]). The TimeStampValidityType is described in section 3.5.4.4. 1113

3.5.4.2 Unsigned Properties 1114

The UnsignedPropertiesType is specified as follows: 1115 1116

<complexType name="UnsignedPropertiesType"> 1117 <sequence> 1118 <element name="UnsignedSignatureProperties" 1119 type="vr:UnsignedSignaturePropertiesType" minOccurs="0" /> 1120 <element ref="XAdES:UnsignedDataObjectProperties" 1121 maxOccurs="1" minOccurs="0" /> 1122 <element name="Other" type="dss:AnyType" maxOccurs="1" 1123 minOccurs="0"> 1124 </element> 1125 </sequence> 1126 <attribute name="Id" type="ID" use="optional" /> 1127 </complexType> 1128



This attribute contains an optional identifier for the element. 1132 <UnsignedSignatureProperties> [Optional] 1133

This element contains information gathered during the verification of the unsigned properties related to 1134 the signature itself. The UnsignedSignaturePropertiesType is defined below. 1135

<XAdES:UnsignedDataObjectProperties> [Optional] 1136

This element contains unsigned properties referring to the signed data objects. These properties are 1137 directly extracted from the signature. 1138

<Other> [Optional] 1139 This element MAY contain information about other unsigned properties. 1140

1141 The UnsignedSignaturePropertiesType is defined as follows: 1142 1143

<complexType name="UnsignedSignaturePropertiesType"> 1144 <choice maxOccurs="unbounded"> 1145 <element name="CounterSignature" type="vr:SignatureValidityType" /> 1146 <element name="SignatureTimeStamp" type="vr:TimeStampValidityType" /> 1147 <element ref="XAdES:CompleteCertificateRefs" /> 1148 <element ref="XAdES:CompleteRevocationRefs" /> 1149 <element ref="XAdES:AttributeCertificateRefs" /> 1150 <element ref="XAdES:AttributeRevocationRefs" /> 1151 <element name="SigAndRefsTimeStamp" 1152 type="vr:TimeStampValidityType" /> 1153 <element name="RefsOnlyTimeStamp" type="vr:TimeStampValidityType" /> 1154 <element name="CertificateValues" type="vr:CertificateValuesType" /> 1155 <element name="RevocationValues" type="vr:RevocationValuesType" /> 1156 <element name="AttrAuthoritiesCertValues" 1157 type="vr:CertificateValuesType" /> 1158 <element name="AttributeRevocationValues" 1159 type="vr:RevocationValuesType" /> 1160 <element name="ArchiveTimeStamp" type="vr:TimeStampValidityType" /> 1161 </choice> 1162 <attribute name="Id" type="ID" use="optional" /> 1163 </complexType> 1164


This attribute contains an optional identifier for the element. 1168 <CounterSignature> [Choice] 1169

This element contains the results of the verification of a counter signature (see Section 7.2.4 of 1170 [XAdES]). The SignatureValidityType is described in section 3.5.1. 1171

<SignatureTimeStamp> [Choice] 1172

This element contains verification results of a time stamp of the signature (see Section 7.3 of 1173 [XAdES]). The TimeStampValidityType is described in section 3.5.4.4. 1174

<XAdES:CompleteCertificateRefs> [Choice] 1175 This element contains references to the certificates used during verification of the signature (see 1176 Section 7.4.1 of [XAdES]). This information is simply extracted from the signature. 1177

<XAdES:CompleteRevocationRefs> [Choice] 1178 Contains references to the revocation data used for the verification of the signature (see Section 7.4.2 1179 of [XAdES]). This information is simply extracted from the signature. 1180

<XAdES:AttributeCertificateRefs> [Choice] 1181


Contains the references to the full set of attribute authorities certificates that have been used to 1182 validate the attribute certificate (see section 7.4.3 of [XAdES]). This information is simply extracted 1183 from the signature. 1184

<XAdES:AttributeRevocationRefs> [Choice] 1185

Contains the references to the full set of revocation data that have been used in the validation of the 1186 attribute certificate(s) present in the signature (see section 7.4.4 of [XAdES]). 1187

<SigAndRefsTimeStamp> [Choice] 1188 Contains verification results for a time stamp referring to the signature and references on certificates 1189 and revocation data (see section 7.5.1 of [XAdES]). The TimeStampValidityType is described in 1190 section 3.5.4.4. 1191

<RefsOnlyTimeStamp> [Choice] 1192 Contains verification results for a time stamp referring only to references on certificates and revocation 1193 data (see section 7.5.2 of [XAdES]). The TimeStampValidityType is described in section 3.5.4.4. 1194

<CertificateValues> [Choice] 1195 Contains verification results for the certificates, which were used in the verification of the signature 1196 (see section 7.6.1 of [XAdES]). The CertificateValuesType is defined below. 1197

<RevocationValues> [Choice] 1198

Contains verification results of the revocation data used in the verification of the signature (see section 1199 7.6.2 of [XAdES]). The RevocationValuesType is defined below. 1200

<AttrAuthoritiesCertValues> [Choice] 1201 Contains verification results of the certificates of Attribute Authorities that have been used to validate 1202 the attribute certificates, which are contained in the signature (see section 7.6.3 of [XAdES]). The 1203 CertificateValuesType is defined below. 1204

<AttributeRevocationValues> [Choice] 1205 Contains verification results of the revocation data that have been used to validate the attribute 1206 certificate when present in the signature (see section 7.6.4 of [XAdES]). The RevocationValuesType 1207 is defined below. 1208

<ArchiveTimeStamp> [Choice] 1209

Contains verification results for a time stamp covering the complete signature including all attributes 1210 (see section 7.7 of [XAdES]). The TimeStampValidityType is described in section 3.5.4.4. 1211

1212 The CertificateValuesType is defined as follows: 1213 1214

<complexType name="CertificateValuesType"> 1215 <choice minOccurs="0" maxOccurs="unbounded"> 1216 <element name="EncapsulatedX509Certificate" 1217 type="vr:CertificateValidityType" /> 1218 <element name="OtherCertificate" /> 1219 </choice> 1220 <attribute name="Id" type="ID" use="optional" /> 1221 </complexType> 1222

1223 It defines the following attributes and elements: 1224 Id [Optional] 1225

This attribute contains an optional identifier for the element. 1226 <EncapsulatedX509Certificate> [Optional, Unbounded, Choice] 1227

Contains verification results for an X.509 certificate included in the signature. The 1228 CertificateValidityType is defined in Section 3.5.3.1. 1229


<OtherCertificate> [Optional, Unbounded, Choice] 1230 This element contains verification results for other certificates included in the signature. If a certificate 1231 with unknown format is included in the signature, a warning (error code 1232 urn:oasis:names:tc:dss:1.0:resultminor:certificateFormatNotCorrectWarning) SHOULD be returned. 1233

1234 The RevocationValuesType is defined as follows: 1235 1236

<complexType name="RevocationValuesType"> 1237 <sequence> 1238 <element name="CRLValues" minOccurs="0"> 1239 <complexType> 1240 <sequence maxOccurs="unbounded" minOccurs="1"> 1241 <element name="VerifiedCRL" 1242 type="vr:CRLValidityType" /> 1243 </sequence> 1244 </complexType> 1245 </element> 1246 <element name="OCSPValues" minOccurs="0"> 1247 <complexType> 1248 <sequence maxOccurs="unbounded" minOccurs="1"> 1249 <element name="VerifiedOCSPResponse" 1250 type="vr:OCSPValidityType" /> 1251 </sequence> 1252 </complexType> 1253 </element> 1254 <element name="OtherValues" type="dss:AnyType" minOccurs="0" /> 1255 </sequence> 1256 <attribute name="Id" type="ID" use="optional" /> 1257 </complexType> 1258


This attribute contains an optional identifier for the element. 1262 <CRLValues> [Optional] 1263

Contains the verification results for all CRLs included in a signature. The CRLValidityType is defined 1264 in Section 3.5.3.4. 1265

<OCSPValues> [Optional] 1266 Contains the verification results for all OCSP responses included in a signature. The 1267 OCSPValidityType is defined in Section 3.5.3.5. 1268

<OtherValues> [Optional] 1269

This element MAY contain verification results for other revocation data included in the signature. If 1270 other revocation data with unknown format is included in the signature, a warning (error 1271 urn:oasis:names:tc:dss:1.0:resultminor:improperRevocationInformation) SHOULD be returned. 1272

1273

3.5.4.3 AttributeCertificateValidityType 1274

The AttributeCertificateValidityType is defined as follows: 1275 1276

<complexType name="AttributeCertificateValidityType"> 1277 <sequence> 1278 <element name="AttributeCertificateIdentifier" 1279 type="vr:AttrCertIDType" maxOccurs="1" minOccurs="0" /> 1280


<element name="AttributeCertificateValue" type="base64Binary" 1281 maxOccurs="1" minOccurs="0" /> 1282 <element name="AttributeCertificateContent" 1283 type="vr:AttributeCertificateContentType" maxOccurs="1" 1284 minOccurs="0" /> 1285 <element name="SignatureOK" type="vr:SignatureValidityType" /> 1286 <element name="CertificatePathValidity" 1287 type="vr:CertificatePathValidityType" /> 1288 </sequence> 1289 </complexType> 1290

1291 It contains the following elements: 1292 <AttributeCertificateIdentifier> [Optional] 1293

This element MAY refer to an X.509v3 attribute certificate according to [RFC3281]. The structure of 1294 the AttrCertIDType is defined below. 1295

<AttributeCertificateValue> [Optional] 1296 This element MAY contain the certificate in binary form (coded in ASN.1), if the report option 1297 <IncludeCertificateValues> is set to ‘true’. 1298

<AttributeCertificateContent> [Optional] 1299 This element MAY contain an XML-based analogue of the content of the certificate, if the report option 1300 <ExpandBinaryValues> is set to ‘true’. The structure of the 1301 AttributeCertificateContentType is defined below. 1302

<SignatureOK> [Required] 1303 This element indicates, whether the digital signature is mathematically valid or not. The 1304 SignatureValidityType is defined in section 3.5.1. 1305

<CertificatePathValidity> [Required] 1306 This element contains the result of the validation of the certificate path of the certificate which has 1307 been used to sign the attribute certificate. The CertificatePathValidityType is defined at the 1308 beginning of Section 3.5.3. 1309

1310 The AttrCertIDType is structured as follows: 1311 1312

<complexType name="AttrCertIDType"> 1313 <sequence> 1314 <element name="Holder" type="vr:EntityType" maxOccurs="1" 1315 minOccurs="0"/> 1316 <element name="Issuer" type="vr:EntityType" /> 1317 <element name="SerialNumber" type="integer" /> 1318 </sequence> 1319 </complexType> 1320

1321 It contains the following elements: 1322 <Holder> [Optional] 1323

This element contains, if present, information about the holder of the certificate. The structure of the 1324 EntityType is defined below. 1325


<Issuer> [Required] 1326 This element contains information about the issuer of the attribute certificate. The structure of the 1327 EntityType is defined below. 1328

<SerialNumber> [Required] 1329 This element contains the serial number of the attribute certificate, which (together with the information 1330 provided in the <Issuer>-element) uniquely identifies the attribute certificate. 1331

1332 The EntityType is aligned to the structure of Holder and V2Form in [RFC3281] and is defined as 1333 follows: 1334 1335

<complexType name="EntityType"> 1336 <sequence> 1337 <element name="BaseCertificateID" 1338 type="ds:X509IssuerSerialType" maxOccurs="1" 1339 minOccurs="0"/> 1340 <element name="Name" type="string" maxOccurs="1" 1341 minOccurs="0"/> 1342 <element name="Other" type="dss:AnyType" maxOccurs="1" 1343 minOccurs="0"/> 1344 </sequence> 1345 </complexType> 1346

1347 It SHOULD contain sufficient information to identify the entity uniquely and MAY contain the following 1348 optional elements: 1349 <BaseCertificateID> [Optional] 1350

This element identifies, if present, the public-key certificate of the entity. The structure of the 1351 ds:X509IssuerSerielType is defined in [RFC3275]. 1352

<Name> [Optional] 1353 This element contains, if present, the name of the entity. 1354

<Other> [Optional] 1355 This element MAY contain other information, which is used to identify the entity. 1356 1357 The AttributeCertificateContentType contains the content of an attribute certificate according to 1358 [RFC3281] as XML structure and is structured as follows: 1359 1360

<complexType name="AttributeCertificateContentType"> 1361 <sequence> 1362 <element name="Version" minOccurs="0" type="integer" /> 1363 <element name="Holder" type="vr:EntityType" /> 1364 <element name="Issuer" type="vr:EntityType" /> 1365 <element name="SignatureAlgorithm" type="anyURI" /> 1366 <element name="SerialNumber" type="integer" /> 1367 <element name="AttCertValidityPeriod" 1368 type="vr:ValidityType" /> 1369 <element name="Attributes"> 1370 <complexType> 1371 <sequence minOccurs="0" maxOccurs="unbounded"> 1372 <element name="Attribute" 1373 type="vr:AttributeType" /> 1374 </sequence> 1375 </complexType> 1376 </element> 1377


<element name="IssuerUniqueID" type="hexBinary" maxOccurs="1" 1378 minOccurs="0"/> 1379 <element name="Extensions" minOccurs="0" 1380 type="vr:ExtensionsType" /> 1381 </sequence> 1382 </complexType> 1383


This element contains, if present, the version of the attribute certificate. 1387 <Holder> [Required] 1388

This element contains information about the holder of the certificate. The structure of the EntityType 1389 is defined above. 1390

<Issuer> [Required] 1391

This element contains the issuer of the attribute certificate. The structure of the EntityType is defined 1392 above. 1393

<SignatureAlgorithm> [Required] 1394 This element contains an identifier of the used signature algorithm. 1395

<SerialNumber> [Required] 1396 This element contains the serial number of the attribute certificate. 1397

<AttCertValidityPeriod> [Required] 1398 This element contains the validity period of the attribute certificate. The ValidityType is defined in 1399 section 3.5.3.2. 1400

<Attributes> [Optional, Unbounded] 1401 This element contains, if present, a list of attributes. The AttributeType is defined below. 1402

<IssuerUniqueID> [Optional] 1403

This element contains, if present, a unique identifier of the issuer of the attribute certificate. 1404 <Extensions> [Optional] 1405

If present, this element contains information about the list of extensions present in the attribute 1406 certificate. The ExtensionType is defined in Section 3.5.3.2. 1407

1408 The AttributeType is defined as follows: 1409 1410

<complexType name="AttributeType"> 1411 <sequence> 1412 <element name="Type" type="anyURI" /> 1413 <element name="Value" type="dss:AnyType" maxOccurs="unbounded" 1414 minOccurs="0" /> 1415 </sequence> 1416 </complexType> 1417

1418 It contains the following elements: 1419 <Type> [Required] 1420

This element MUST contain an identifier for the type of the attribute in the <Code>-element and MAY 1421 contain further information. 1422

<Value> [Optional, Unbounded] 1423


This element MAY contain any number of attribute values. 1424 1425

3.5.4.4 TimeStampValidityType 1426

The TimeStampValidityType is structured as follows: 1427 1428

<complexType name="TimeStampValidityType"> 1429 <sequence> 1430 <element name="FormatOK" type="vr:VerificationResultType" /> 1431 <element name="TimeStampContent" type="vr:TstContentType" 1432 maxOccurs="1" minOccurs="0" /> 1433 <element name="MessageHashAlgorithm" 1434 type="vr:AlgorithmValidityType" 1435 maxOccurs="1" minOccurs="0" /> 1436 <element name="SignatureOK" 1437 type="vr:SignatureValidityType" /> 1438 <element name="CertificatePathValidity" 1439 type="vr:CertificatePathValidityType" /> 1440 </sequence> 1441 <attribute name="Id" type="ID" use="optional" /> 1442 </complexType> 1443

1444 It contains the following elements and attributes: 1445 Id [Optional] 1446

This attribute contains an optional identifier for the element. 1447 <FormatOK> [Required] 1448

This element indicates, whether the format of the time stamp is ok or not. More information on the use 1449 of the VerificationResultType may be found in Section 3.4. 1450

<TimeStampContent> [Optional] 1451 This element contains the content of time stamp in form of an XML structure, if the report option 1452 <ExpandBinaryValues> is set to ‘true’. The TstContentType is specified below. 1453

<MessageHashAlgorithm> [Optional] 1454

This element contains, if present, information about the message hash algorithm and its suitability. 1455 The AlgorithmValidityType is defined in Section 3.5.2. 1456

<SignatureOK> [Required] 1457 This element indicates, whether the digital signature is mathematically valid or not. The 1458 SignatureValidityType is defined in Section 3.5.1. 1459

<CertificatePathValidity> [Required] 1460 This element contains the result of the validity check of the certificate. The 1461 CertificatePathValidityType is defined in Section 3.5.3. 1462

1463 The TstContentType complex type is defined as follows: 1464 1465

<complexType name="TstContentType"> 1466 <sequence> 1467 <element ref="dss:TstInfo" maxOccurs="1" minOccurs="0"/> 1468 <element name="Other" type="dss:AnyType" maxOccurs="1" 1469 minOccurs="0"/> 1470 </sequence> 1471 </complexType> 1472


It contains the following elements: 1473 <dss:TstInfo> [Optional] 1474

This element MAY contain the standard content of a time stamp as defined in Section 5.1.2 of 1475 [DSSCore]. Note that there is a straightforward mapping from the TSTInfo-Element according to 1476 [RFC3161] to the present structure. 1477

<Other> [Optional] 1478 This element MAY contain other information included in the time stamp. 1479

3.5.5 Element <IndividualTimeStampReport> 1480

The <IndividualTimeStampReport>-element MAY appear in the <Details>-element within the 1481 <IndividualReport>-element defined in Section 3.3. This element is defined as follows: 1482

<element name="IndividualTimeStampReport" type="vr:TimeStampValidityType"/> 1483

The TimeStampValidityType is defined in Section 3.5.4.4. 1484

3.5.6 Element <IndividualCertificateReport> 1485

The <IndividualCertificateReport>-element MAY appear in the <Details>-element within the 1486 <IndividualReport>-element defined in Section 3.3. This element is defined as follows: 1487

<element name="IndividualCertificateReport" 1488 type="vr:CertificateValidityType" /> 1489

The CertificateValidityType is defined in Section 3.5.3.1. 1490

3.5.7 Element <IndividualAttributeCertificateReport> 1491

The <IndividualAttributeCertificateReport>-element MAY appear in the <Details>-1492 element within the <IndividualReport>-element defined in Section 3.3. This element is defined as 1493 follows: 1494

<element name="IndividualAttributeCertificateReport" 1495 type="vr:AttributeCertificateValidityType" /> 1496

The AttributeCertificateValidityType is defined in Section 3.5.4.3. 1497

3.5.8 Element <IndividualCRLReport> 1498

The <IndividualCRLReport>-element MAY appear in the <Details>-element within the 1499 <IndividualReport>-element defined in Section 3.3. This element is defined as follows: 1500

<element name="IndividualCRLReport" type="vr:CRLValidityType" /> 1501

The CRLValidityType is defined in Section 3.5.3.4. 1502

3.5.9 Element <IndividualOCSPReport> 1503

The <IndividualOCSPReport>-element MAY appear in the <Details>-element within the 1504 <IndividualReport>-element defined in Section 3.3. This element is defined as follows: 1505

<element name="IndividualOCSPReport" type="vr:OCSPValidityType" /> 1506

The OCSPValidityType is defined in Section 3.5.3.5. 1507

3.5.10 Element <EvidenceRecordReport> 1508

The <EvidenceRecordReport>-element MAY appear in the <Details>-element within the 1509 <IndividualReport>-element defined in Section 3.3. This element is defined as follows: 1510


<element name="EvidenceRecordReport" type="vr:EvidenceRecordValidityType" /> 1511

The EvidenceRecordValidityType is based on the definition of the EvidenceRecord-element in 1512 [RFC4998] defined as follows: 1513

<complexType name="EvidenceRecordValidityType"> 1514 <sequence> 1515 <element name="FormatOK" type="vr:VerificationResultType" /> 1516 <element name="Version" type="integer" 1517 maxOccurs="1" minOccurs="0" /> 1518 <element name="DigestAlgorithm" 1519 type="vr:AlgorithmValidityType" maxOccurs="unbounded" 1520 minOccurs="0"> 1521 </element> 1522 <element name="CryptoInfos" maxOccurs="1" minOccurs="0"> 1523 <complexType> 1524 <sequence> 1525 <element name="Attribute" type="vr:AttributeType" 1526 maxOccurs="unbounded" minOccurs="1" /> 1527 </sequence> 1528 </complexType> 1529 </element> 1530 <element name="EncryptionInfo" maxOccurs="1" minOccurs="0"> 1531 <complexType> 1532 <sequence> 1533 <element name="EncryptionInfoType" 1534 type="vr:AlgorithmValidityType" /> 1535 <element name="EncryptionInfoValue" 1536 type="dss:AnyType" /> 1537 </sequence> 1538 </complexType> 1539 </element> 1540 <element name="ArchiveTimeStampSequence" maxOccurs="1" 1541 minOccurs="1"> 1542 <complexType> 1543 <sequence maxOccurs="unbounded" minOccurs="0"> 1544 <element name="ArchiveTimeStampChain"> 1545 <complexType> 1546 <sequence maxOccurs="unbounded" 1547 minOccurs="0"> 1548 <element name="ArchiveTimeStamp" 1549 type="vr:ArchiveTimeStampValidityType"/> 1550 </sequence> 1551 </complexType> 1552 </element> 1553 </sequence> 1554 </complexType> 1555 </element> 1556 </sequence> 1557 <attribute name="Id" type="ID" use="optional" /> 1558 </complexType> 1559

1560 It contains the following elements and attributes: 1561 Id [Optional] 1562

This attribute contains an optional identifier for the element. 1563 <FormatOK> [Required] 1564

This element indicates, whether the format of the evidence record according to [RFC4998] is ok or 1565 not. More information on the use of the VerificationResultType may be found in Section 3.4. 1566

<Version> [Optional] 1567


This element contains, if present, the version of the Evidence Record Syntax. 1568 <DigestAlgorithm> [Optional, unbounded] 1569

This element appears for each hash algorithm used to produce the evidence record and contains 1570 information about the hash algorithm and possibly its suitability. The AlgorithmValidityType is 1571 defined in Section 3.5.2. 1572

<CryptoInfos> [Optional] 1573

This element MAY contain further data useful in the validation of the <ArchiveTimeStampSequence>-1574 element. As explained in [RFC4998] this MAY include possible Trust Anchors, certificates, revocation 1575 information, or the information concerning the suitability of cryptographic algorithms. 1576

<EncryptionInfo> [Optional] 1577 This element MAY contain the necessary information to support encrypted content (cf. [RFC4998], 1578 Section 6.1). 1579

<ArchiveTimeStampSequence> [Required] 1580 This element is required and MAY contain a sequence of <ArchiveTimeStampChain>-elements (cf. 1581 [RFC4998], Section 5), which in turn MAY contain a sequence of <ArchiveTimeStamp>-elements, 1582 which are of type ArchiveTimeStampValidityType defined below. 1583 1584

The ArchiveTimeStampValidityType is based on the definition of the ArchiveTimeStamp-element in 1585 [RFC4998] defined as follows: 1586 1587

<complexType name="ArchiveTimeStampValidityType"> 1588 <sequence> 1589 <element name="FormatOK" type="vr:VerificationResultType" /> 1590 <element name="DigestAlgorithm" type="vr:AlgorithmValidityType" 1591 maxOccurs="1" minOccurs="0" /> 1592 <element name="Attributes" maxOccurs="1" minOccurs="0"> 1593 <complexType> 1594 <sequence> 1595 <element name="Attribute" type="vr:AttributeType" 1596 maxOccurs="unbounded" minOccurs="1"/> 1597 </sequence> 1598 </complexType> 1599 </element> 1600 <element name="ReducedHashTree" maxOccurs="1" minOccurs="0"> 1601 <complexType> 1602 <sequence maxOccurs="unbounded" minOccurs="1"> 1603 <element name="PartialHashTree"> 1604 <complexType> 1605 <sequence maxOccurs="unbounded" 1606 minOccurs="1"> 1607 <element name="HashValue" 1608 type="vr:HashValueType"/> 1609 </sequence> 1610 </complexType> 1611 </element> 1612 </sequence> 1613 </complexType> 1614 </element> 1615 <element name="TimeStamp" 1616 type="vr:TimeStampValidityType" /> 1617 </sequence> 1618 <attribute name="Id" type="ID" use="optional" /> 1619 </complexType> 1620

1621 It contains the following elements and attributes: 1622


Id [Optional] 1623 This attribute contains an optional identifier for the element. 1624

<FormatOK> [Required] 1625 This element indicates, whether the format of the evidence record according to [RFC4998] is ok or 1626 not. More information on the use of the VerificationResultType may be found in Section 3.4. 1627

<DigestAlgorithm> [Optional] 1628 This element contains, if present, information about the hash algorithm and possibly its suitability. The 1629 AlgorithmValidityType is defined in Section 3.5.2. 1630

<Attributes> [Optional] 1631

This element contains, if present, information about further attributes related to the archive time 1632 stamp. 1633

<ReducedHashTree> [Optional] 1634 This element MAY contain a sequence of <PartialHashTree>-elements, which in turn contain a 1635 list of <HashValue>-elements of type HashValueType defined below. 1636

<TimeStamp> [Required] 1637 This element is of type TimeStampValidityType (cf. Section 3.5.4.4) and contains information about 1638 the validity of the conventional time stamp, which is included in the present archive time stamp. 1639

1640 The HashValueType is used for the <HashValue>-element within the <PartialHashTree>-element 1641 above and is defined as follows: 1642

<complexType name="HashValueType"> 1643 <sequence> 1644 <element name="HashValue" type="hexBinary" /> 1645 </sequence> 1646 <attribute name="HashedObject" type="IDREF" use="optional"/> 1647 </complexType> 1648

It contains the following elements and attributes: 1649 HashedObject [Optional] 1650

This attribute MAY be used to point to the object, which served as pre-image of the hash value. 1651 <HashValue> [Required] 1652

This element contains the hash value produced by applying the hash algorithm specified by the 1653 <DigestAlgorithm>- or <TimeStamp>-element to the data specified by the HashedObject 1654 attribute. 1655

1656


4 Conformance 1657

This profile defines three conformance levels: 1658 • Level 1 - “Basic”, 1659 • Level 2 - “Comprehensive” and 1660 • Level 3 - “Comfortable”. 1661

4.1 Level 1 – “Basic” 1662

The conformance level “Basic” allows to return individual verification results for each signature contained 1663 in a <dss:VerifyRequest>. For this purpose the <dss:VerifyResponse> MUST contain in 1664 <dss:OptionalOutputs> a <VerificationReport>-element, as specified in Section 3.2. The 1665 <VerificationReport>-element MUST contain an <IndividualSignatureReport>-element (see 1666 Section 3.3) for each signature or time stamp (i.e. <dss:SignatureObject>) contained in the 1667 <VerifyRequest>-element. 1668 The <Details>-element within <IndividualSignatureReport> MAY contain other elements, such 1669 as the Optional Outputs defined in Section 4.5 of [DSSCore]. 1670

4.2 Level 2 – “Comprehensive” 1671

The conformance level “Advanced” comprises all requirements of conformance Level 1 (“Basic”), as 1672 explained in Section 4.1. Furthermore the <Details>-element within each <IndividualReport> 1673 MUST contain exactly one object-specific element, which documents the detailed verification results for 1674 the signatures or validation data under consideration. While it is REQUIRED in this conformance level 1675 that certificate values and revocation values are included into the verification report if requested by the 1676 IncludeCertificateValues- and IncludeRevocationValues-element within the 1677 ReturnVerifcationReport-element (cf. Section 3.1), it is NOT REQUIRED in this conformance level 1678 to expand those values and other relevant validation data to XML-structures if requested by the 1679 ExpandBinaryValues-element. 1680

The object-specific detail elements defined in this specification are given as follows: 1681 • <DetailedSignatureReport> (cf. Section 3.5) - is used for the verification of (advanced) 1682

electronic signatures. 1683 • <IndividualTimeStampReport> (cf. Section 3.5.5) – is used for the verification of individual time 1684

stamps according to [RFC3161], which are not included in a signature. 1685 • <IndividualCertificateReport> (cf. Section 3.5.6) – is used for the verification of individual 1686

certificates according to [RFC5280], which are not included in a signature. 1687 • <IndividualAttributeCertificateReport> (cf. Section 3.5.7) - is used for the verification 1688

of individual attribute certificates according to [RFC3281], which are not included in a signature. 1689 • <IndividualCRLReport> (cf. Section 3.5.8) - is used for the verification of individual CRLs 1690

according to [RFC5280], which are not included in a signature. 1691 • <IndividualOCSPReport> (cf. Section 3.5.9) - is used for the verification of individual OCSP-1692

responses according to [RFC2560], which are not included in a signature. 1693 • <EvidenceRecordReport> (cf. Section 3.5.10) – is used for the verification of evidence records 1694

according to [RFC4998]. 1695 Other object-specific detail elements MAY be defined in other profiles. 1696


4.3 Level 3 – “Convenient” 1697

The conformance Level 3 (“Convenient”) comprises all requirements of the conformance Level 2 1698 (“Comprehensive”), as explained in Section 4.2. Furthermore the binary values of the validation data 1699 MUST be expanded to the corresponding XML-structures, if this is requested by the 1700 ExpandBinaryValues-element within the ReturnVerificationReport-element (cf. Section 3.1). 1701


A. Acknowledgements 1702

The following individuals have participated in the creation of this specification and are gratefully 1703 acknowledged: 1704 Participants: 1705 • Juan-Carlos Cruellas 1706 • Andreas Kühne 1707 • Ingo Henkel 1708 • Ezer Farhi 1709 • Stefan Drees 1710 • Pim van der Eijk 1711 • Clemens Orthacker 1712 • Marta Cruellas 1713 • Konrad Lanz 1714 1715


B. Revision History 1716

1717

Revision Date Editor Changes Made

R1 19.07.2009 Detlef Hühnlein CD1 version on current OASIS template

R2 15.03.2010 Detlef Hühnlein Draft of CS1 version, which includes a clarifying footnote and minor editing

R3 16.06.2010 Detlef Hühnlein Potential CS1 version, which uses TSLValidity-element of dss:AnyType and drops the previously used TrustStatusListValidityType in order to support different TSL-versions.

R4 15.07.2010 Detlef Hühnlein Potential CS1 version, which provides textual recommendations for filling the TSLValidity-element.

R5 27.09.2010 Detlef Hühnlein Editorial correction of references section

1718 1719

OASIS DSS v1.0 Profile for Comprehensive Multi-Signature...

Documents

Transcript of OASIS DSS v1.0 Profile for Comprehensive Multi-Signature...