9.7     Signature formats

Formats of electronic signatures

A signature, see chapter 9.5, can exist in different formats. Governikus DATA Boreum supports various formats of electronic signatures. These formats are internationally standardised signature and file formats. The supported formats are:

CAdES

This is an acronym for CMS Advanced Electronic Signatures. An advantage of this CMS enhancement is that the validity of documents signed with CAdES is extended in comparison to CMS-only signatures, independent of underlying encryption algorithms. The main document that describes this format is to be found in ETSI TS 101 733 of the European Telecommunications Standards Institute. CAdES complies with the EU's requirements for electronic signatures.

PDF with embedded CAdES signatures

This format is a variant of the above described CAdES format. Here the PDF file remains displayable by every PDF reader program because the signature is listed in an own tab of the reader.

Special PDF signature formats

·     PDF: Two methods for signing PDF files are supported:

-      PAdES: This acronym stands for PDF Advanced Electronic Signatures and denotes the standard TS 102 778, released by the European Telecommunications Standards Institute, ETSI for short. This standard is based on known PDF signatures that comply with the standards defined in ISO 32000 and ISO 19905 and conform to the PDF inline signature format. PAdES exceeds the simple PDF inline signature format and enables future proof validation of signed PDF documents. PAdES complies with the EU requirements for electronic signatures.

-      PDF inline: This signature format is defined in the standards ISO 32000 and ISO 19905 and is implemented in almost all PDF software products.

Associated Signature Containers (ASiC)

The European Telecommunications Standards Institute (ETSI) has approved a new European standard for a signed container structure (ASiC). As container structure the ZIP file format is used. Signature formats are CAdES or XAdES. Thus, ASiC offers overcoming the typical separation of detached signatures and to encapsulate documents in the container. This is especially important for XAdES signatures since here an arbitrary number of files can be signed by one single XAdES signature. Optionally timestamps can be contained. Signed ASiC files have the suffix scs or asics.