|
CAdES (computing)
CAdES (''CMS Advanced Electronic Signatures'') is a set of extensions to Cryptographic Message Syntax (CMS) signed data making it suitable for advanced electronic signatures. Description CMS is a general framework for electronic signatures for various kinds of transactions like purchase requisition, contracts or invoices. CAdES specifies precise profiles of CMS signed data making it compliant with the European eIDAS regulation (Regulation on electronic identification and trust services for electronic transactions in the internal market). The eIDAS regulation enhances and repeals the Electronic Signatures Directive 1999/93/EC. EIDAS is legally binding in all EU member states since July 2014. An electronic signature that has been created in compliance with eIDAS has the same legal value as a handwritten signature. An electronic signature, technically implemented based on CAdES has the status of an advanced electronic signature. This means that * it is uniquely linked to the signato ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptographic Message Syntax
The Cryptographic Message Syntax (CMS) is the IETF's standard for cryptographically protected messages. It can be used by cryptographic schemes and protocols to digitally sign, digest, authenticate or encrypt any form of digital data. CMS is based on the syntax of PKCS #7, which in turn is based on the Privacy-Enhanced Mail standard. The newest version of CMS () is specified in (but see also for updated ASN.1 modules conforming to ASN.1 2002). The architecture of CMS is built around certificate-based key management, such as the profile defined by the PKIX working group. CMS is used as the key cryptographic component of many other cryptographic standards, such as S/MIME, PKCS #12 and the digital timestamping protocol. OpenSSL is open source software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents. See also * CAdES - CMS Advanced Electronic Signatures * S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for publ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Advanced Electronic Signature
An advanced electronic signature (AdES) is an electronic signature that has met the requirements set forth under EU Regulation No 910/2014 (eIDAS-regulation) on electronic identification and trust services for electronic transactions in the European Single Market. Description eIDAS created standards for the use of electronic signatures so that they could be used in a secure manner when conducting business online, such as an electronic fund transfer or official business across borders with EU Member States. The advanced electronic signature is one of the standards outlined in eIDAS. For an electronic signature to be considered as advanced, it must meet several requirements: # The signatory can be uniquely identified and linked to the signature # The signatory must have sole control of the signature creation data (typically a private key) that was used to create the electronic signature # The signature must be capable of identifying if its accompanying data has been tampered with a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Electronic Signature
An electronic signature, or e-signature, is data that is logically associated with other data and which is used by the signatory to sign the associated data. This type of signature has the same legal standing as a handwritten signature as long as it adheres to the requirements of the specific regulation under which it was created (e.g., eIDAS in the European Union, NIST-DSS in the USA or ZertES in Switzerland). Electronic signatures are a legal concept distinct from digital signatures, a cryptographic mechanism often used to implement electronic signatures. While an electronic signature can be as simple as a name entered in an electronic document, digital signatures are increasingly used in e-commerce and in regulatory filings to implement electronic signatures in a cryptographically protected way. Standardization agencies like NIST or ETSI provide standards for their implementation (e.g., NIST-DSS, XAdES or PAdES). The concept itself is not new, with common law jurisdictions h ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
EIDAS
eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation on electronic identification and trust services for electronic transactions in the European Single Market. It was established in EU Regulation 910/2014 of 23 July 2014 on electronic identification and repeals 1999/93/EC from 13 December 1999. It entered into force on 17 September 2014 and applies from 1 July 2016 except for certain articles, which are listed in its Article 52. All organizations delivering public digital services in an EU member state must recognize electronic identification from all EU member states from September 29, 2018. Description eIDAS oversees electronic identification and trust services for electronic transactions in the European Union's internal market. It regulates electronic signatures, electronic transactions, involved bodies, and their embedding processes to provide a safe way for users to conduct business online like electronic funds transfer or transac ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Electronic Signatures Directive
The Electronic Signatures Directive 1999/93/EC was a European Union directive on the use of electronic signatures (e-signatures) in electronic contracts within the European Union (EU). It was repealed by the eIDAS regulation on 1 July 2016. Contents The central provision of the directive is article 5, which requires that electronic signatures are regarded as equivalent to written signatures. Related acts *Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions “Action Plan on e-signatures and e-identification to facilitate the provision of cross-border public services in the Single Market” OM(2008) 798 final – Not published in the Official Journal*Commission report of 15 March 2006 on the operation of Directive 1999/93/EC on a Community framework for electronic signatures OM(2006) 120 final – not published in the Official Journal *Commission Decision 2003/511/EC of 14 J ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Relevance (law)
Relevance, in the common law of evidence, is the tendency of a given item of evidence to prove or disprove one of the legal elements of the case, or to have probative value to make one of the elements of the case likelier or not. Probative is a term used in law to signify "tending to prove". Probative evidence "seeks the truth". Generally in law, evidence that is not probative (doesn't tend to prove the proposition for which it is proffered) is inadmissible and the rules of evidence permit it to be excluded from a proceeding or stricken from the record "if objected to by opposing counsel". A balancing test may come into the picture if the value of the evidence needs to be weighed versus its prejudicial nature. Under the Federal Rules of Evidence (United States) Until the Federal Rules of Evidence were restyled in 2011, Rule 401 defined relevance as follows: This definition incorporates the requirement that evidence be both material ("of consequence to the determination of the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Non-repudiation
Non-repudiation refers to a situation where a statement's author cannot successfully dispute its authorship or the validity of an associated contract. The term is often seen in a legal setting when the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated". For example, Mallory buys a cell phone for $100, writes a paper cheque as payment, and signs the cheque with a pen. Later, she finds that she can't afford it, and claims that the cheque is a forgery. The signature guarantees that only Mallory could have signed the cheque, and so Mallory's bank must pay the cheque. This is non-repudiation; Mallory cannot repudiate the cheque. In practice, pen-and-paper signatures aren't hard to forge, but digital signatures can be very hard to break. In security In general, ''non-repudiation'' involves associating actions or changes with a unique individual. For example, a secure area may use a key card access system where non-repudiation ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ETSI
The European Telecommunications Standards Institute (ETSI) is an independent, not-for-profit, standardization organization in the field of information and communications. ETSI supports the development and testing of global technical standards for ICT-enabled systems, applications and services. Overview ETSI was set up in 1988 by the European Conference of Postal and Telecommunications Administrations ( CEPT) following a proposal from the European Commission. ETSI is the officially recognized body with a responsibility for the standardization of Information and Communication Technologies (ICT). It is one of the three bodies, the others being CEN and CENELEC, officially recognized by the European Union as a European Standards Organization (ESO). The role of the European Standards Organizations is to support EU regulation and policies through the production of Harmonised European Standards and other deliverables. The standards developed by ESOs are the only ones that can be rec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XAdES
XAdES (short for XML Advanced Electronic Signatures) is a set of extensions to XML Signature, XML-DSig W3C recommendation, recommendation making it suitable for advanced electronic signatures. W3C and ETSI maintain and update XAdES together. Description While XML Signature, XML-DSig is a general framework for digitally signing documents, XAdES specifies precise profiles of XML Signature, XML-DSig making it compliant with the European eIDAS regulation (''Regulation on electronic identification and trust services for electronic transactions in the internal market''). The eIDAS regulation enhances and repeals the Electronic Signatures Directive 1999/93/EC. EIDAS is legally binding in all EU member states since July 2014. An electronic signature that has been created in compliance with eIDAS has the same legal value as a handwritten signature. An electronic signature, technically implemented based on XAdES has the status of an advanced electronic signature. This means that * it is uniqu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PAdES
PAdES (''PDF Advanced Electronic Signatures'') is a set of restrictions and extensions to PDF and ISO 32000-1 making it suitable for advanced electronic signatures. This is published by ETSI as EN 319 142. Description While PDF and ISO 32000-1 provide a framework for digitally signing their documents, PAdES specifies precise profiles making it compliant with ETSI standards for digital signatures (Advanced Electronic Signature - AES and Qualified Electronic Signature - QES). ETSI (European Technical Standards Institute) has the function of issuing technical standards by delegation in the EU eIDAS Regulation (European Union Regulation on electronic identification and trust services for electronic transactions in the internal market). The eIDAS regulation enhances and repeals the Electronic Signatures Directive 1999/93/EC. EIDAS is legally binding and in all EU member states since July 2014 and unlike the Directive it replaces, the eIDAS as a Regulation is directly applicable with ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Associated Signature Containers
Associated Signature Containers (ASiC) specifies the use of container structures to bind together one or more signed objects with either advanced electronic signatures or timestamp Security token, tokens into one single digital container. Regulatory context Under the eIDAS-regulation, an associated signature container (ASiC) for eIDAS is a data container that is used to hold a group of file objects and digital signatures and/or time assertions that are associated to those objects. This data is stored in the ASiC in a ZIP format. European Commission Implementing Decision 2015/1506 of 8 September 2015 laid down specifications relating to formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies pursuant to Articles 27 and 37 of the eIDAS-regulation. EU Member States requiring an advanced electronic signature or an advanced electronic signature based on a qualified certificate, shall recognise XML, Cryptographic Message Syntax, CMS or PD ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Timestamping
Trusted timestamping is the process of securely keeping track of the creation and modification time of a document. Security here means that no one—not even the owner of the document—should be able to change it once it has been recorded provided that the timestamper's integrity is never compromised. The administrative aspect involves setting up a publicly available, trusted timestamp management infrastructure to collect, process and renew timestamps. History The idea of timestamping information is centuries old. For example, when Robert Hooke discovered Hooke's law in 1660, he did not want to publish it yet, but wanted to be able to claim priority. So he published the anagram ''ceiiinosssttuv'' and later published the translation ''ut tensio sic vis'' (Latin for "as is the extension, so is the force"). Similarly, Galileo first published his discovery of the phases of Venus in the anagram form. Sir Isaac Newton, in responding to questions from Leibniz in a letter in 1677, co ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
