This repository has been archived by the owner on Mar 25, 2021. It is now read-only.

LTV Support

@phaupt phaupt released this 17 Jul 05:56
· 53 commits to master since this release

Release note

New Features

AIS supports long-term signature validation (LTV). LTV allows a signature to be verified successfully even after the CA is no longer obliged to publish revocation information. To achieve long-term validation, all revocation information needed for signature validation has to be embedded in the signed document or stored with the detached signature.

To support LTV, the option AddRevocationInformation has been included in the API.

The AddRevocationInformation element may be added to the signature request to include revocation information (RI) in the signature response. The attribute ‘type’ supports the following values.

TYPE    DESCRIPTION
CAdES   RI will be embedded as an unsigned attribute with OID 1.2.840.113549.1.9.16.2.24
PAdES   For CMS signatures: RI will be embedded in the signature as a signed attribute with OID 1.2.840.113583.1.1.8
        For timestamps: RI will be provided in the response as Base64-encoded OCSP responses or CRLs within the <OptionalOutputs> element
BOTH    Both types (CAdES, PAdES) will be requested

For further information please refer to the attached “Reference Guide All-in Signing Service” (5.1.5.4 Add Revocation Information).
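
To check on the receiving side that a returned CMS signature actually carries embedded RI, the following added example (not part of the AIS client or the Reference Guide) walks a DER structure and reports which of the two OIDs from the table are present. The function names and the sample bytes are assumptions made for illustration; it assumes DER with single-octet tags and definite lengths.

```python
# Added example: which LTV revocation attributes does a DER blob carry?
# The OIDs are the two named in the table above.
LTV_OIDS = {
    "1.2.840.113549.1.9.16.2.24": "CAdES",  # unsigned attribute
    "1.2.840.113583.1.1.8": "PAdES",        # signed attribute (CMS signatures)
}

# Constructed sample: an unsignedAttrs [1] fragment holding one attribute with
# the CAdES OID and an empty value. Not a real signature.
SAMPLE = bytes.fromhex("a1133011060b2a864886f70d010910021831023000")

def decode_oid(body: bytes) -> str:
    """Decode the content octets of a DER OBJECT IDENTIFIER."""
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:          # high bit clear: last octet of this arc
            arcs.append(value)
            value = 0
    if not arcs:
        raise ValueError("empty OID")
    first = arcs[0]                  # first two arcs share one value: 40*a + b
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])

def walk_oids(der: bytes):
    """Yield every OID in a DER structure, descending into constructed types."""
    pos = 0
    while pos < len(der):
        if pos + 2 > len(der):
            raise ValueError("truncated DER header")
        tag, length = der[pos], der[pos + 1]
        pos += 2
        if length & 0x80:            # long form: low 7 bits = number of length octets
            n = length & 0x7F
            length = int.from_bytes(der[pos:pos + n], "big")
            pos += n
        body = der[pos:pos + length]
        if len(body) != length:
            raise ValueError("truncated DER value")
        pos += length
        if tag == 0x06:              # OBJECT IDENTIFIER
            yield decode_oid(body)
        elif tag & 0x20:             # constructed: SEQUENCE, SET, [0], [1], ...
            yield from walk_oids(body)

def ltv_types(der: bytes) -> list:
    """Return the sorted LTV types (per the table above) whose OID is present."""
    return sorted({LTV_OIDS[o] for o in walk_oids(der) if o in LTV_OIDS})

if __name__ == "__main__":
    print(ltv_types(SAMPLE))
```

Presence of the OID shows only that an RI attribute was embedded, not that the revocation data inside it is complete or valid. RI for PAdES timestamps is delivered in the response rather than in the signature, so this check does not cover it.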

Deprecated Features

The option “AddRevocationInformation” makes the option “Add OCSP Response” redundant. Therefore, the option “Add OCSP Response” will be deprecated by 31 January 2015.