tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search     info

RFC 5126

 
 
 

CMS Advanced Electronic Signatures (CAdES)

Part 4 of 7, p. 60 to 85
Prev RFC Part       Next RFC Part

 


prevText      Top      Up      ToC       Page 60 
7.  Other Standard Data Structures

7.1.  Public Key Certificate Format

   The X.509 v3 certificate basis syntax is defined in ITU-T
   Recommendation X.509 [1].  A profile of the X.509 v3 certificate is
   defined in RFC 3280 [2].

7.2.  Certificate Revocation List Format

   The X.509 v2 CRL syntax is defined in ITU-T Recommendation X.509 [1].
   A profile of the X.509 v2 CRL is defined in RFC 3280 [2].

7.3.  OCSP Response Format

   The format of an OCSP token is defined in RFC 2560 [3].

7.4.  Time-Stamp Token Format

   The format of a TimeStampToken type is defined in RFC 3161 [7] and
   profiled in ETSI TS 101 861 [TS101861].

7.5.  Name and Attribute Formats

   The syntax of the naming and other attributes is defined in ITU-T
   Recommendation X.509 [1].

      NOTE: The name used by the signer, held as the subject in the
      signer's certificate, is allocated and verified on registration
      with the Certification Authority, either directly or indirectly
      through a Registration Authority, before being issued with a
      Certificate.

Top      Up      ToC       Page 61 
   The present document places no restrictions on the form of the name.
   The subject's name may be a distinguished name, as defined in ITU-T
   Recommendation X.500 [12], held in the subject field of the
   certificate, or any other name form held in the subjectAltName
   certificate extension field, as defined in ITU-T Recommendation X.509
   [1].  In the case that the subject has no distinguished name, the
   subject name can be an empty sequence and the subjectAltName
   extension shall be critical.

   All Certification Authorities, Attribute Authorities, and
   Time-Stamping Authorities shall use distinguished names in the
   subject field of their certificate.

   The distinguished name shall include identifiers for the organization
   providing the service and the legal jurisdiction (e.g., country)
   under which it operates.

   Where a signer signs as an individual, but wishes to also identify
   him/herself as acting on behalf of an organization, it may be
   necessary to provide two independent forms of identification.  The
   first identity, which is directly associated with the signing key,
   identifies him/her as an individual.  The second, which is managed
   independently, identifies that person acting as part of the
   organization, possibly with a given role.  In this case, one of the
   two identities is carried in the subject/subjectAltName field of the
   signer's certificate as described above.

   The present document does not specify the format of the signer's
   attribute that may be included in public key certificates.

      NOTE: The signer's attribute may be supported by using a claimed
      role in the CMS signed attributes field or by placing an attribute
      certificate containing a certified role in the CMS signed
      attributes field; see Section 7.6.

7.6.  AttributeCertificate

   The syntax of the AttributeCertificate type is defined in RFC 3281
   [13].

8.  Conformance Requirements

   For implementations supporting signature generation, the present
   document defines conformance requirements for the generation of two
   forms of basic electronic signature, one of the two forms must be
   implemented.

Top      Up      ToC       Page 62 
   For implementations supporting signature verification, the present
   document defines conformance requirements for the verification of two
   forms of basic electronic signature, one of the two forms must be
   implemented.

   The present document only defines conformance requirements up to an
   ES with Complete validation data (CAdES-C).  This means that none of
   the extended and archive forms of the electronic signature (CAdES-X,
   CAdES-A) need to be implemented to get conformance to the present
   document.

   On verification the inclusion of optional signed and unsigned
   attributes must be supported only to the extent that the signature is
   verifiable.  The semantics of optional attributes may be unsupported,
   unless specified otherwise by a signature policy.

8.1.  CAdES-Basic Electronic Signature (CAdES-BES)

   A system supporting CAdES-BES signers, according to the present
   document, shall, at a minimum, support generation of an electronic
   signature consisting of the following components:

      - The general CMS syntax and content type, as defined in RFC 3852
        [4] (see Sections 5.1 and 5.2);

      - CMS SignedData, as defined in RFC 3852 [4], with the version set
        to 3 and at least one SignerInfo present (see Sections 5.3 to
        5.6);

         - The following CMS attributes, as defined in RFC 3852 [4]:

         - content-type; this shall always be present (see Section
           5.7.1); and

         - message-digest; this shall always be present (see Section
           5.7.2).

      - One of the following attributes, as defined in the present
        document:

         - signing-certificate: as defined in Section 5.7.3.1; or
         - signing-certificate v2 : as defined in Section 5.7.3.2.

      NOTE: RFC 3126 was using the other signing-certificate attribute
      (see Section 5.7.3.3).  Its use is now deprecated, since the
      structure of the signing-certificate v2 attribute is simpler than
      the other signing-certificate attribute.

Top      Up      ToC       Page 63 
8.2.  CAdES-Explicit Policy-based Electronic Signature

   A system supporting Policy-based signers, according to the present
   document, shall, at a minimum, support the generation of an
   electronic signature consisting of the previous components defined
   for the basic signer, plus:

      - The following attributes, as defined in Section 5.9:

         - signature-policy-identifier; this shall always be present
           (see Section 5.8.1).

8.3.  Verification Using Time-Stamping

   A system supporting verifiers, according to the present document,
   with time-stamping facilities shall, at a minimum, support:

      - verification of the mandated components of an electronic
        signature, as defined in Section 8.1;

      - signature-time-stamp attribute, as defined in Section 6.1.1;

      - complete-certificate-references attribute, as defined in Section
        6.2.1;

      - complete-revocation-references attribute, as defined in Section
        6.2.2;

      - Public Key Certificates, as defined in ITU-T Recommendation
        X.509 [1] (see Section 8.1); and

      - either of:

         - Certificate Revocation Lists, as defined in ITU-T
           Recommendation X.509 [1] (see Section 8.2); or

         - Online Certificate Status Protocol, as defined in RFC 2560
           [3] (see Section 8.3).

8.4.  Verification Using Secure Records

   A system supporting verifiers, according to the present document,
   shall, at a minimum, support:

      - verification of the mandated components of an electronic
        signature, as defined in Section 8.1;

Top      Up      ToC       Page 64 
      - complete-certificate-references attribute, as defined in Section
        6.2.1;

      - complete-revocation-references attribute, as defined in Section
        6.2.2;

      - a record of the electronic signature and the time when the
        signature was first validated, using the referenced certificates
        and revocation information, must be maintained, such that
        records cannot be undetectably modified;

      - Public Key Certificates, as defined in ITU-T Recommendation
        X.509 [1] (see Section 8.1); and

         - either of:

            - Certificate Revocation Lists, as defined in ITU-T
              Recommendation X.509 [1] (see Section 8.2); or

            - online Certificate Status Protocol, as defined in RFC 2560
              [3] (see Section 8.3).

9.  References

9.1.  Normative References

   [1]    ITU-T Recommendation X.509 (2000)/ISO/IEC 9594-8 (2001):
          "Information technology - Open Systems Interconnection - The
          Directory: Public key and Attribute Certificate framework".

   [2]    Housley, R., Polk, W., Ford, W., and D. Solo, "Internet X.509
          Public Key Infrastructure Certificate and Certificate
          Revocation List (CRL) Profile", RFC 3280, April 2002.

   [3]    Myers, M., Ankney, R., Malpani, A., Galperin, S., and C.
          Adams, "X.509 Internet Public Key Infrastructure Online
          Certificate Status Protocol - OCSP", RFC 2560, June 1999.

   [4]    Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3852,
          July 2004.

   [5]    Hoffman, P., Ed., "Enhanced Security Services for S/MIME", RFC
          2634, June 1999.

   [6]    Freed, N. and N. Borenstein, "Multipurpose Internet Mail
          Extensions (MIME) Part One: Format of Internet Message
          Bodies", RFC 2045, November 1996.

Top      Up      ToC       Page 65 
   [7]    Adams, C., Cain, P., Pinkas, D., and R. Zuccherato, "Internet
          X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)",
          RFC 3161, August 2001.

   [8]    ITU-T Recommendation X.680 (1997): "Information technology -
          Abstract Syntax Notation One (ASN.1): Specification of basic
          notation".

   [9]    ITU-T Recommendation X.501 (2000)/ISO/IEC 9594-1 (2001):
          "Information technology - Open Systems Interconnection -
          Directory models".

   [10]   Housley, R., "Cryptographic Message Syntax (CMS) Algorithms",
          RFC 3370, August 2002.

   [11]   ITU-T Recommendation F.1: "Operational provisions for the
          international public telegram service".

   [12]   ITU-T Recommendation X.500: "Information technology - Open
          Systems Interconnection - The Directory: Overview of concepts,
          models and services".

   [13]   Farrell, S. and R. Housley, "An Internet Attribute Certificate
          Profile for Authorization", RFC 3281, April 2002.

   [14]   ITU-T Recommendation X.208 (1988): "Specification of Abstract
          Syntax Notation One (ASN.1)".

   [15]   Schaad, J., "Enhanced Security Services (ESS) Update: Adding
          CertID Algorithm Agility", RFC 5035, August 2007.

   [16]   ITU-T Recommendation X.690 (2002): "Information technology
          ASN.1 encoding rules: Specification of Basic Encoding Rules
          (BER), Canonical Encoding Rules (CER) and Distinguished
          Encoding Rules (DER)".

9.2.  Informative References

   [EUDirective]  Directive 1999/93/EC of the European Parliament and of
                  the Council of 13 December 1999 on a community
                  framework for Electronic Signatures.

   [TS101733]     ETSI Standard TS 101 733 V.1.7.3 (2005-06) Electronic
                  Signature Formats.

   [TS101861]     ETSI TS 101 861: "Time stamping profile".

Top      Up      ToC       Page 66 
   [TS101903]     ETSI TS 101 903: "XML Advanced Electronic Signatures
                  (XAdES)".

   [TR102038]     ETSI TR 102 038: "Electronic Signatures and
                  Infrastructures (ESI); XML format for signature
                  policies".

   [TR102272]     ETSI TR 102 272 V1.1.1 (2003-12). "Electronic
                  Signatures and Infrastructures (ESI); ASN.1 format for
                  signature policies".

   [RFC2479]      Adams, C., "Independent Data Unit Protection Generic
                  Security Service Application Program Interface (IDUP-
                  GSS-API)", RFC 2479, December 1998.

   [RFC2743]      Linn, J., "Generic Security Service Application
                  Program Interface Version 2, Update 1", RFC 2743,
                  January 2000.

   [RFC3125]      Ross, J., Pinkas, D., and N. Pope, "Electronic
                  Signature Policies", RFC 3125, September 2001.

   [RFC3447]      Jonsson, J. and B. Kaliski, "Public-Key Cryptography
                  Standards (PKCS) #1: RSA Cryptography Specifications
                  Version 2.1", RFC 3447, February 2003.

   [RFC3494]      Zeilenga, K., "Lightweight Directory Access Protocol
                  version 2 (LDAPv2) to Historic Status", RFC 3494,
                  March 2003.

   [RFC3851]      Ramsdell, B., Ed., "Secure/Multipurpose Internet Mail
                  Extensions (S/MIME) Version 3.1 Message
                  Specification", RFC 3851, July 2004.

   [RFC4210]      Adams, C., Farrell, S., Kause, T., and T. Mononen,
                  "Internet X.509 Public Key Infrastructure Certificate
                  Management Protocol (CMP)", RFC 4210, September 2005.

   [RFC4346]      Dierks, T. and E. Rescorla, "The Transport Layer
                  Security (TLS) Protocol Version 1.1", RFC 4346, April
                  2006.

   [RFC4523]      Zeilenga, K., "Lightweight Directory Access Protocol
                  (LDAP) Schema Definitions for X.509 Certificates", RFC
                  4523, June 2006.

Top      Up      ToC       Page 67 
   [ISO7498-2]    ISO 7498-2 (1989): "Information processing systems -
                  Open Systems Interconnection - Basic Reference Model -
                  Part 2: Security Architecture".

   [ISO9796-2]    ISO/IEC 9796-2 (2002): "Information technology -
                  Security techniques - Digital signature schemes giving
                  message recovery - Part 2: Integer factorization based
                  mechanisms".

   [ISO9796-4]    ISO/IEC 9796-4 (1998): "Digital signature schemes
                  giving message recovery - Part 4: Discrete logarithm
                  based mechanisms".

   [ISO10118-1]   ISO/IEC 10118-1 (2000): "Information technology -
                  Security techniques - Hash-functions - Part 1:
                  General".

   [ISO10118-2]   ISO/IEC 10118-2 (2000): "Information technology -
                  Security techniques - Hash-functions - Part 2:
                  Hash-functions using an n-bit block cipher algorithm".

   [ISO10118-3]   ISO/IEC 10118-3 (2004): "Information technology -
                  Security techniques - Hash-functions - Part 3:
                  Dedicated hash-functions".

   [ISO10118-4]   ISO/IEC 10118-4 (1998): "Information technology -
                  Security techniques - Hash-functions - Part 4: Hash-
                  functions using modular arithmetic".

   [ISO10181-5]   ISO/IEC 10181-5:  Security Frameworks in Open Systems.
                  Non-Repudiation Framework.  April 1997.

   [ISO13888-1]   ISO/IEC 13888-1 (2004): "IT security techniques -
                  Non-repudiation - Part 1: General".

   [ISO14888-1]   ISO/IEC 14888-1 (1998): "Information technology -
                  Security techniques - Digital signatures with appendix
                  - Part 1: General".

   [ISO14888-2]   ISO/IEC 14888-2 (1999): "Information technology -
                  Security techniques - Digital signatures with appendix
                  - Part 2: Identity-based mechanisms".

   [ISO14888-3]   ISO/IEC 14888-3 (1998): "Information technology -
                  Security techniques - Digital signatures with appendix
                  - Part 3: Certificate-based mechanisms".

Top      Up      ToC       Page 68 
   [ISO15946-2]   ISO/IEC 15946-2 (2002): "Information technology -
                  Security techniques - Cryptographic techniques based
                  on elliptic curves - Part 2: Digital signatures".

   [CWA14171]     CWA 14171 CEN Workshop Agreement: "General Guidelines
                  for Electronic Signature Verification".

   [XMLDSIG]      XMLDSIG: W3C/IETF Recommendation (February 2002):
                  "XML-Signature Syntax and Processing".

   [X9.30-1]      ANSI X9.30-1 (1997): "Public Key Cryptography for the
                  Financial Services Industry - Part 1: The Digital
                  Signature Algorithm (DSA)".

   [X9.30-2]      ANSI X9.30-2 (1997): "Public Key Cryptography for the
                  Financial Services Industry - Part 2: The Secure Hash
                  Algorithm (SHA-1)".

   [X9.31-1]      ANSI X9.31-1 (1997): "Public Key Cryptography Using
                  Reversible Algorithms for the Financial Services
                  Industry - Part 1: The RSA Signature Algorithm".

   [X9.31-2]      ANSI X9.31-2 (1996): "Public Key Cryptography Using
                  Reversible Algorithms for the Financial Services
                  Industry - Part 2: Hash Algorithms".

   [X9.62]        ANSI X9.62 (1998): "Public Key Cryptography for the
                  Financial Services Industry - The Elliptic Curve
                  Digital Signature Algorithm (ECDSA)".

   [P1363]        IEEE P1363 (2000): "Standard Specifications for
                  Public-Key Cryptography".

   ETSI technical specifications can be downloaded free of charge via
   the Services and Products Download Area at:
   http://www.etsi.org/WebSite/Standards/StandardsDownload.aspx

Top      Up      ToC       Page 69 
Annex A (Normative): ASN.1 Definitions

   This annex provides a summary of all the ASN.1 syntax definitions for
   new syntax defined in the present document.

A.1.  Signature Format Definitions Using X.208 ASN.1 Syntax

      NOTE: The ASN.1 module defined in Annex A.1 using syntax defined
      in ITU-T Recommendation X.208 [14] has precedence over that
      defined in Annex A.2 in the case of any conflict.

ETS-ElectronicSignatureFormats-ExplicitSyntax88 { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-mod(0)
eSignature-explicit88(28)}

DEFINITIONS EXPLICIT TAGS ::=

BEGIN

-- EXPORTS All

IMPORTS

-- Cryptographic Message Syntax (CMS): RFC 3852

   ContentInfo, ContentType, id-data, id-signedData, SignedData,
   EncapsulatedContentInfo, SignerInfo, id-contentType,
   id-messageDigest, MessageDigest, id-signingTime, SigningTime,
   id-countersignature, Countersignature
      FROM CryptographicMessageSyntax2004
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
      smime(16) modules(0) cms-2004(24) }

-- ESS Defined attributes: ESS Update
-- RFC 5035 (Adding CertID Algorithm Agility)

   id-aa-signingCertificate, SigningCertificate, IssuerSerial,
   id-aa-contentReference, ContentReference, id-aa-contentIdentifier,
   ContentIdentifier, id-aa-signingCertificateV2
      FROM ExtendedSecurityServices-2006
        { iso(1) member-body(2) us(840) rsadsi(113549)
          pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-ess-2006(30) }

-- Internet X.509 Public Key Infrastructure - Certificate and CRL
-- Profile: RFC 3280

   Certificate, AlgorithmIdentifier, CertificateList, Name,
   DirectoryString, Attribute, BMPString, UTF8String

Top      Up      ToC       Page 70 
      FROM PKIX1Explicit88
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18)}

   GeneralNames, GeneralName, PolicyInformation
      FROM PKIX1Implicit88
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit (19)}

-- Internet Attribute Certificate Profile for Authorization - RFC 3281

   AttributeCertificate
      FROM PKIXAttributeCertificate {iso(1) identified-organization(3)
                dod(6) internet(1) security(5) mechanisms(5) pkix(7)
                id-mod(0) id-mod-attribute-cert(12)}

-- OCSP - RFC 2560

   BasicOCSPResponse, ResponderID
      FROM OCSP {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-ocsp(14)}

-- Time Stamp Protocol RFC 3161

   TimeStampToken
      FROM PKIXTSP
      {iso(1) identified-organization(3) dod(6) internet(1) security(5)
      mechanisms(5) pkix(7) id-mod(0) id-mod-tsp(13)}

;


-- Definitions of Object Identifier arcs used in the present document
-- ==================================================================

-- OID used referencing electronic signature mechanisms based on
-- the present document for use with the Independent Data Unit
-- Protection (IDUP) API (see Annex D)

   id-etsi-es-IDUP-Mechanism-v1 OBJECT IDENTIFIER ::=
   { itu-t(0) identified-organization(4) etsi(0)
     electronic-signature-standard (1733) part1 (1) idupMechanism (4)
     etsiESv1(1) }


-- Basic ES CMS Attributes Defined in the present document
-- =======================================================

Top      Up      ToC       Page 71 
-- OtherSigningCertificate - deprecated

    id-aa-ets-otherSigCert OBJECT IDENTIFIER ::=
    { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
    smime(16) id-aa(2) 19 }

   OtherSigningCertificate ::=  SEQUENCE {
      certs        SEQUENCE OF OtherCertID,
      policies     SEQUENCE OF PolicyInformation OPTIONAL
                   -- NOT USED IN THE PRESENT DOCUMENT
   }

   OtherCertID ::= SEQUENCE {
      otherCertHash            OtherHash,
      issuerSerial             IssuerSerial OPTIONAL }

   OtherHash ::= CHOICE {
       sha1Hash     OtherHashValue,
       -- This contains a SHA-1 hash
       otherHash    OtherHashAlgAndValue}


-- Policy ES Attributes Defined in the present document
-- ====================================================

-- Mandatory Basic Electronic Signature Attributes as above,
-- plus in addition.

-- Signature-policy-identifier attribute

   id-aa-ets-sigPolicyId OBJECT IDENTIFIER ::=
   { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
   smime(16) id-aa(2) 15 }

   SignaturePolicy ::= CHOICE {
      signaturePolicyId          SignaturePolicyId,
      signaturePolicyImplied     SignaturePolicyImplied
                                 --  not used in this version
   }

   SignaturePolicyId ::= SEQUENCE {
      sigPolicyId        SigPolicyId,
      sigPolicyHash      SigPolicyHash,
      sigPolicyQualifiers   SEQUENCE SIZE (1..MAX) OF
                                   SigPolicyQualifierInfo OPTIONAL
   }

   SignaturePolicyImplied ::= NULL

Top      Up      ToC       Page 72 
   SigPolicyId ::= OBJECT IDENTIFIER

   SigPolicyHash ::= OtherHashAlgAndValue

   OtherHashAlgAndValue ::= SEQUENCE {
      hashAlgorithm   AlgorithmIdentifier,
      hashValue       OtherHashValue }

   OtherHashValue ::= OCTET STRING

   SigPolicyQualifierInfo ::= SEQUENCE {
      sigPolicyQualifierId  SigPolicyQualifierId,
      sigQualifier          ANY DEFINED BY sigPolicyQualifierId }

   SigPolicyQualifierId ::=   OBJECT IDENTIFIER

   id-spq-ets-uri OBJECT IDENTIFIER ::=
   { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
   smime(16) id-spq(5) 1 }

   SPuri ::= IA5String

   id-spq-ets-unotice OBJECT IDENTIFIER ::=
   { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
   smime(16) id-spq(5) 2 }

   SPUserNotice ::= SEQUENCE {
       noticeRef        NoticeReference OPTIONAL,
       explicitText     DisplayText OPTIONAL}

   NoticeReference ::= SEQUENCE {
      organization     DisplayText,
      noticeNumbers    SEQUENCE OF INTEGER }

   DisplayText ::= CHOICE {
      visibleString    VisibleString  (SIZE (1..200)),
      bmpString        BMPString      (SIZE (1..200)),

      utf8String       UTF8String     (SIZE (1..200)) }

-- Optional Electronic Signature Attributes

-- Commitment-type attribute

id-aa-ets-commitmentType OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 16}

   CommitmentTypeIndication ::= SEQUENCE {

Top      Up      ToC       Page 73 
     commitmentTypeId CommitmentTypeIdentifier,
     commitmentTypeQualifier SEQUENCE SIZE (1..MAX) OF
            CommitmentTypeQualifier OPTIONAL}

   CommitmentTypeIdentifier ::= OBJECT IDENTIFIER

   CommitmentTypeQualifier ::= SEQUENCE {
      commitmentTypeIdentifier CommitmentTypeIdentifier,
      qualifier   ANY DEFINED BY commitmentTypeIdentifier }

id-cti-ets-proofOfOrigin OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6) 1}

id-cti-ets-proofOfReceipt OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6) 2}

id-cti-ets-proofOfDelivery OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) cti(6) 3}

id-cti-ets-proofOfSender OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6) 4}

id-cti-ets-proofOfApproval OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) cti(6) 5}

id-cti-ets-proofOfCreation OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) cti(6) 6}

-- Signer-location attribute

id-aa-ets-signerLocation OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 17}

   SignerLocation ::= SEQUENCE {
       -- at least one of the following shall be present
       countryName    [0]   DirectoryString OPTIONAL,
          -- As used to name a Country in X.500
       localityName   [1]   DirectoryString OPTIONAL,
           -- As used to name a locality in X.500
       postalAdddress [2]   PostalAddress OPTIONAL }

   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString

-- Signer-attributes attribute

Top      Up      ToC       Page 74 
id-aa-ets-signerAttr OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 18}

   SignerAttribute ::= SEQUENCE OF CHOICE {
      claimedAttributes   [0] ClaimedAttributes,
      certifiedAttributes [1] CertifiedAttributes }

   ClaimedAttributes ::= SEQUENCE OF Attribute

   CertifiedAttributes ::= AttributeCertificate
   -- as defined in RFC 3281: see Section 4.1

-- Content-time-stamp attribute

id-aa-ets-contentTimestamp OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 20}

   ContentTimestamp ::= TimeStampToken

-- Signature-time-stamp attribute

id-aa-signatureTimeStampToken OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 14}

SignatureTimeStampToken ::= TimeStampToken

-- Complete-certificate-references attribute

id-aa-ets-certificateRefs OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 21}

CompleteCertificateRefs ::=  SEQUENCE OF OtherCertID

-- Complete-revocation-references attribute

id-aa-ets-revocationRefs OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 22}

   CompleteRevocationRefs ::=  SEQUENCE OF CrlOcspRef

   CrlOcspRef ::= SEQUENCE {
      crlids          [0] CRLListID   OPTIONAL,
      ocspids         [1] OcspListID  OPTIONAL,
      otherRev        [2] OtherRevRefs OPTIONAL
   }

Top      Up      ToC       Page 75 
   CRLListID ::=  SEQUENCE {
      crls        SEQUENCE OF CrlValidatedID}

   CrlValidatedID ::=  SEQUENCE {
      crlHash                   OtherHash,
      crlIdentifier             CrlIdentifier OPTIONAL}

   CrlIdentifier ::= SEQUENCE {
      crlissuer                 Name,
      crlIssuedTime             UTCTime,
      crlNumber                 INTEGER OPTIONAL }

   OcspListID ::=  SEQUENCE {
       ocspResponses        SEQUENCE OF OcspResponsesID}

   OcspResponsesID ::=  SEQUENCE {
       ocspIdentifier              OcspIdentifier,
       ocspRepHash                 OtherHash    OPTIONAL
   }

   OcspIdentifier ::= SEQUENCE {
      ocspResponderID      ResponderID,
      -- As in OCSP response data
      producedAt           GeneralizedTime
      -- As in OCSP response data
   }

   OtherRevRefs ::= SEQUENCE {
       otherRevRefType   OtherRevRefType,
       otherRevRefs      ANY DEFINED BY otherRevRefType
    }

   OtherRevRefType ::= OBJECT IDENTIFIER

-- Certificate-values attribute

id-aa-ets-certValues OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 23}

   CertificateValues ::=  SEQUENCE OF Certificate

-- Certificate-revocation-values attribute

id-aa-ets-revocationValues OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 24}

   RevocationValues ::=  SEQUENCE {

Top      Up      ToC       Page 76 
      crlVals           [0] SEQUENCE OF CertificateList OPTIONAL,
      ocspVals          [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
      otherRevVals      [2] OtherRevVals OPTIONAL}

   OtherRevVals ::= SEQUENCE {
       otherRevValType   OtherRevValType,
       otherRevVals      ANY DEFINED BY otherRevValType
   }

   OtherRevValType ::= OBJECT IDENTIFIER

-- CAdES-C time-stamp attribute

id-aa-ets-escTimeStamp OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 25}

ESCTimeStampToken ::= TimeStampToken

-- Time-Stamped Certificates and CRLs

id-aa-ets-certCRLTimestamp OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 26}

TimestampedCertsCRLs ::= TimeStampToken

-- Archive time-stamp attribute
id-aa-ets-archiveTimestampV2  OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 48}

ArchiveTimeStampToken ::= TimeStampToken

-- Attribute-certificate-references attribute

id-aa-ets-attrCertificateRefs OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 44}

AttributeCertificateRefs ::=  SEQUENCE OF OtherCertID

-- Attribute-revocation-references attribute

id-aa-ets-attrRevocationRefs OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 45}

AttributeRevocationRefs ::=  SEQUENCE OF CrlOcspRef

Top      Up      ToC       Page 77 
END

A.2.  Signature Format Definitions Using X.680 ASN.1 Syntax

      NOTE: The ASN.1 module defined in Annex A.1 has precedence over
      that defined in Annex A.2 using syntax defined in ITU-T
      Recommendation X.680 (1997) [8] in the case of any conflict.

ETS-ElectronicSignatureFormats-ExplicitSyntax97 { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-mod(0)
eSignature-explicit97(29)}

DEFINITIONS EXPLICIT TAGS ::=

BEGIN

-- EXPORTS All -

IMPORTS

-- Cryptographic Message Syntax (CMS): RFC 3852

   ContentInfo, ContentType, id-data, id-signedData, SignedData,
   EncapsulatedContentInfo, SignerInfo,
   id-contentType, id-messageDigest, MessageDigest, id-signingTime,
   SigningTime, id-countersignature, Countersignature
      FROM CryptographicMessageSyntax2004
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) modules(0) cms-2004(24) }

-- ESS Defined attributes: ESS Update
-- RFC 5035 (Adding CertID Algorithm Agility)

   id-aa-signingCertificate, SigningCertificate, IssuerSerial,
   id-aa-contentReference, ContentReference, id-aa-contentIdentifier,
   ContentIdentifier, id-aa-signingCertificateV2
      FROM ExtendedSecurityServices-2006
        { iso(1) member-body(2) us(840) rsadsi(113549)
          pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-ess-2006(30) }

-- Internet X.509 Public Key Infrastructure
-- Certificate and CRL Profile: RFC 3280

   Certificate, AlgorithmIdentifier, CertificateList, Name,
   Attribute

      FROM PKIX1Explicit88
      {iso(1) identified-organization(3) dod(6) internet(1)

Top      Up      ToC       Page 78 
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-pkix1-explicit(18)}

   GeneralNames, GeneralName, PolicyInformation
      FROM PKIX1Implicit88 {iso(1) identified-organization(3) dod(6)
      internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
      id-pkix1-implicit(19)}

-- Internet Attribute Certificate Profile for Authorization - RFC 3281

   AttributeCertificate
      FROM PKIXAttributeCertificate {iso(1) identified-organization(3)
      dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-attribute-cert(12)}

-- OCSP RFC 2560

   BasicOCSPResponse, ResponderID
      FROM OCSP {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-ocsp(14)}

-- RFC 3161 Internet X.509 Public Key Infrastructure
-- Time-Stamp Protocol

   TimeStampToken
      FROM PKIXTSP {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-tsp(13)}

-- X.520

    DirectoryString {}
        FROM SelectedAttributeTypes
         {joint-iso-itu-t ds(5) module(1) selectedAttributeTypes(5) 4}

;

-- Definitions of Object Identifier arcs used in the present document
-- ==================================================================

-- OID used referencing electronic signature mechanisms based
-- on the present document for use with the IDUP API (see Annex D)

id-etsi-es-IDUP-Mechanism-v1 OBJECT IDENTIFIER ::=
{ itu-t(0) identified-organization(4) etsi(0)
electronic-signature-standard (1733) part1 (1) idupMechanism (4)
etsiESv1(1) }

Top      Up      ToC       Page 79 
-- Basic ES Attributes Defined in the present document
-- ===================================================

-- CMS Attributes defined in the present document

-- OtherSigningCertificate - deprecated

id-aa-ets-otherSigCert OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 19 }


   OtherSigningCertificate ::=  SEQUENCE {
      certs        SEQUENCE OF OtherCertID,
      policies     SEQUENCE OF PolicyInformation OPTIONAL
                   -- NOT USED IN THE PRESENT DOCUMENT
   }

   OtherCertID ::= SEQUENCE {
      otherCertHash            OtherHash,
      issuerSerial             IssuerSerial OPTIONAL }

   OtherHash ::= CHOICE {
      sha1Hash OtherHashValue,
      -- This contains a SHA-1 hash
      otherHash OtherHashAlgAndValue}

-- Policy ES Attributes Defined in the present document
-- ====================================================

-- Mandatory Basic Electronic Signature Attributes, plus in addition.
-- Signature Policy Identifier

id-aa-ets-sigPolicyId OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 15 }

   SignaturePolicy ::= CHOICE {
      signaturePolicyId          SignaturePolicyId,
      signaturePolicyImplied     SignaturePolicyImplied
                              -- not used in this version
   }

   SignaturePolicyId ::= SEQUENCE {
      sigPolicyId           SigPolicyId,
      sigPolicyHash         SigPolicyHash,
      sigPolicyQualifiers   SEQUENCE SIZE (1..MAX) OF
                                 SigPolicyQualifierInfo OPTIONAL

Top      Up      ToC       Page 80 
   }

   SignaturePolicyImplied ::= NULL

   SigPolicyId ::= OBJECT IDENTIFIER

   SigPolicyHash ::= OtherHashAlgAndValue

   OtherHashAlgAndValue ::= SEQUENCE {
      hashAlgorithm   AlgorithmIdentifier,
      hashValue       OtherHashValue
   }

   OtherHashValue ::= OCTET STRING

   SigPolicyQualifierInfo ::= SEQUENCE {
      sigPolicyQualifierId       SIG-POLICY-QUALIFIER.&id
      ({SupportedSigPolicyQualifiers}),
      qualifier               SIG-POLICY-QUALIFIER.&Qualifier
                                ({SupportedSigPolicyQualifiers}
                                    {@sigPolicyQualifierId})OPTIONAL }

   SupportedSigPolicyQualifiers SIG-POLICY-QUALIFIER ::=
       { noticeToUser | pointerToSigPolSpec }

   SIG-POLICY-QUALIFIER ::= CLASS {
      &id             OBJECT IDENTIFIER UNIQUE,
      &Qualifier      OPTIONAL }
   WITH SYNTAX {
      SIG-POLICY-QUALIFIER-ID     &id
      [SIG-QUALIFIER-TYPE &Qualifier] }

   noticeToUser SIG-POLICY-QUALIFIER ::= {
      SIG-POLICY-QUALIFIER-ID id-spq-ets-unotice SIG-QUALIFIER-TYPE
      SPUserNotice }

   pointerToSigPolSpec SIG-POLICY-QUALIFIER ::= {
      SIG-POLICY-QUALIFIER-ID id-spq-ets-uri SIG-QUALIFIER-TYPE SPuri }

   id-spq-ets-uri OBJECT IDENTIFIER ::= { iso(1)
    member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
    smime(16) id-spq(5) 1 }

   SPuri ::= IA5String

   id-spq-ets-unotice OBJECT IDENTIFIER ::= { iso(1)
   member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
   smime(16) id-spq(5) 2 }

Top      Up      ToC       Page 81 
   SPUserNotice ::= SEQUENCE {
        noticeRef        NoticeReference OPTIONAL,
        explicitText     DisplayText OPTIONAL}

   NoticeReference ::= SEQUENCE {
        organization     DisplayText,
        noticeNumbers    SEQUENCE OF INTEGER }

   DisplayText ::= CHOICE {
        visibleString    VisibleString  (SIZE (1..200)),
        bmpString        BMPString      (SIZE (1..200)),
        utf8String       UTF8String     (SIZE (1..200)) }

-- Optional Electronic Signature Attributes

-- Commitment Type

  id-aa-ets-commitmentType OBJECT IDENTIFIER ::= { iso(1) member-body(2)
    us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 16}

   CommitmentTypeIndication ::= SEQUENCE {
      commitmentTypeId CommitmentTypeIdentifier,
      commitmentTypeQualifier SEQUENCE SIZE (1..MAX) OF
         CommitmentTypeQualifier OPTIONAL}

   CommitmentTypeIdentifier ::= OBJECT IDENTIFIER

   CommitmentTypeQualifier ::= SEQUENCE {
      commitmentQualifierId   COMMITMENT-QUALIFIER.&id,
      qualifier               COMMITMENT-QUALIFIER.&Qualifier OPTIONAL }

   COMMITMENT-QUALIFIER ::= CLASS {
      &id             OBJECT IDENTIFIER UNIQUE,
      &Qualifier      OPTIONAL }
   WITH SYNTAX {
      COMMITMENT-QUALIFIER-ID     &id
      [COMMITMENT-TYPE &Qualifier] }

id-cti-ets-proofOfOrigin OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6) 1}

id-cti-ets-proofOfReceipt OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6) 2}

id-cti-ets-proofOfDelivery OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)
cti(6) 3}

Top      Up      ToC       Page 82 
id-cti-ets-proofOfSender OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6) 4}

id-cti-ets-proofOfApproval OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) cti(6) 5}

id-cti-ets-proofOfCreation OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) cti(6) 6}

-- Signer Location

id-aa-ets-signerLocation OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 17}

   SignerLocation ::= SEQUENCE {
   -- at least one of the following shall be present
      countryName [0] DirectoryString{maxSize} OPTIONAL,
         -- as used to name a Country in X.520
      localityName [1] DirectoryString{maxSize} OPTIONAL,
         -- as used to name a locality in X.520
      postalAdddress [2] PostalAddress OPTIONAL }

   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString{maxSize}
                    -- maxSize parametrization as specified in X.683

-- Signer Attributes

id-aa-ets-signerAttr OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 18}

   SignerAttribute ::= SEQUENCE OF CHOICE {
      claimedAttributes   [0] ClaimedAttributes,
      certifiedAttributes [1] CertifiedAttributes }

   ClaimedAttributes ::= SEQUENCE OF Attribute

   CertifiedAttributes ::= AttributeCertificate
   -- as defined in RFC 3281: see Section 4.1

-- Content Timestamp

id-aa-ets-contentTimestamp OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 20}
   ContentTimestamp ::= TimeStampToken

Top      Up      ToC       Page 83 
-- Signature Timestamp

id-aa-signatureTimeStampToken OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 14}

   SignatureTimeStampToken ::= TimeStampToken

-- Complete Certificate Refs.

id-aa-ets-certificateRefs OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 21}

CompleteCertificateRefs ::=  SEQUENCE OF OtherCertID

-- Complete Revocation Refs

id-aa-ets-revocationRefs OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 22}

   CompleteRevocationRefs ::=  SEQUENCE OF CrlOcspRef

   CrlOcspRef ::= SEQUENCE {
      crlids          [0] CRLListID   OPTIONAL,
      ocspids         [1] OcspListID  OPTIONAL,
      otherRev        [2] OtherRevRefs OPTIONAL
   }

   CRLListID ::=  SEQUENCE {
      crls        SEQUENCE OF CrlValidatedID
   }

   CrlValidatedID ::=  SEQUENCE {
      crlHash                   OtherHash,
      crlIdentifier             CrlIdentifier OPTIONAL   }

   CrlIdentifier ::= SEQUENCE {
       crlissuer                 Name,
       crlIssuedTime             UTCTime,
       crlNumber                 INTEGER OPTIONAL
   }

   OcspListID ::=  SEQUENCE {
       ocspResponses        SEQUENCE OF OcspResponsesID
   }

   OcspResponsesID ::=  SEQUENCE {
       ocspIdentifier              OcspIdentifier,

Top      Up      ToC       Page 84 
       ocspRepHash                 OtherHash    OPTIONAL
   }

   OcspIdentifier ::= SEQUENCE {
      ocspResponderID      ResponderID,
      -- As in OCSP response data
      producedAt           GeneralizedTime
      -- As in OCSP response data
   }

   OtherRevRefs ::= SEQUENCE {
      otherRevRefType   OTHER-REVOCATION-REF.&id,
      otherRevRefs      SEQUENCE OF OTHER-REVOCATION-REF.&Type
   }

OTHER-REVOCATION-REF ::= CLASS {
      &Type,
      &id   OBJECT IDENTIFIER UNIQUE }
   WITH SYNTAX {
      WITH SYNTAX &Type ID &id }

-- Certificate Values

id-aa-ets-certValues OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 23}

CertificateValues ::=  SEQUENCE OF Certificate

-- Certificate Revocation Values

id-aa-ets-revocationValues OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 24}

   RevocationValues ::=  SEQUENCE {
     crlVals           [0] SEQUENCE OF CertificateList OPTIONAL,
     ocspVals          [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,

     otherRevVals      [2] OtherRevVals OPTIONAL
   }

   OtherRevVals ::= SEQUENCE {
      otherRevValType   OTHER-REVOCATION-VAL.&id,
      otherRevVals      SEQUENCE OF OTHER-REVOCATION-REF.&Type
   }

  OTHER-REVOCATION-VAL ::= CLASS {
      &Type,

Top      Up      ToC       Page 85 
      &id   OBJECT IDENTIFIER UNIQUE }
   WITH SYNTAX {
      WITH SYNTAX &Type ID &id }

-- CAdES-C Timestamp
id-aa-ets-escTimeStamp OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-aa(2) 25}

   ESCTimeStampToken ::= TimeStampToken

-- Time-Stamped Certificates and CRLs

id-aa-ets-certCRLTimestamp OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 26}

   TimestampedCertsCRLs ::= TimeStampToken

-- Archive Timestamp

id-aa-ets-archiveTimestampV2  OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 48}

   ArchiveTimeStampToken ::= TimeStampToken

-- Attribute certificate references

id-aa-ets-attrCertificateRefs OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 44}

   AttributeCertificateRefs ::=  SEQUENCE OF OtherCertID

-- Attribute revocation references

id-aa-ets-attrRevocationRefs OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) id-aa(2) 45}

   AttributeRevocationRefs ::=  SEQUENCE OF CrlOcspRef

END


Next RFC Part