lovele0107 / signatures-conformance-checker


Schema versions #21

Closed bseddon closed 3 years ago

bseddon commented 3 years ago

Hi

It will be great if you are able to point me to any documentation that helps to explain why there seem to be two different documents that both describe XAdES syntax.

One is TS 101 903 - V1.4.2 dated 2010-12. It references the schemas http://uri.etsi.org/01903/v1.3.2/XAdES.xsd and http://uri.etsi.org/01903/v1.4.1/XAdESv141.xsd.

The other is EN 319 132-1 V1.1.1 dated 2016-04. This one references the schema https://uri.etsi.org/01903/v1.3.2/XAdES01903v132-201601.xsd.

Both refer to a version 1.3.2 but the second document also implies a namespace that includes the version 1.4.2. This later version deprecates a number of elements in 1.3.2 in favour of a 'V2' successor. An example is SigningCertificateV2 instead of SigningCertificate. Annex D of the second document lists all the deprecated elements.

The signature conformance checker seems to apply the rules of http://uri.etsi.org/01903/v1.3.2/XAdES.xsd so is this still the current XAdES version?

When I use the ETSI search tool for information about EN 319 132-1 V1.1.1 and click on the details link I think it's your name that appears as the 'Rapporteur'.

My apologies in advance if I've missed something and, as a result, failed to realize a simple explanation.

Thanks

jccruellas commented 3 years ago

First of all, thanks a lot for using XAdESCC.

Below follows a short explanation, which is an historical one.

XAdES specs started some time ago. In fact, the first version was published as ETSI TS 101 903 v1.1.1. TS stands for Technical Specification. An ETSI TS is a document that needs to be approved by the so-called Technical Body which has produced it (Electronic Signatures and Infrastructures in this case). ETSI put in place an infrastructure for conducting remote interoperability tests (Plugtests(C) in ETSI's terminology). As a result of these events, comments were raised by implementers and participants, which made the specification evolve up to version v1.4.2.

Then the eIDAS European Regulation was published, and ETSI and CEN took the responsibility of defining a new framework of standards for giving technical support to the legal terms established in that regulation. As part of this process, ETSI and CEN were requested to generate not Technical Specifications but European Standards, i.e. documents that needed to be approved by the National Standardization Organizations of the European Union Member States. As a result of that, new ETSI ENs (EN stands for European Norm, which in ETSI's terminology is the name for a European Standard) were defined for the different digital signature formats defined by ESI, among which is XAdES. Then ESI published the ETSI EN 319 132-1 and -2. These documents introduced a number of new elements which superseded some of the elements defined in the former TS 101 903.

Therefore, TS 101 903 is an old document which was approved by ETSI ESI, whereas ETSI EN 319 132-1, -2 is a European Standard approved by ETSI ESI and the EU Member States' National Standardization Organizations.

Now, regarding XAdESCC, it is able to check conformance against both specifications. If you look at the user interface you are offered a number of options for selecting the spec the XAdESCC will perform the checks against.

Below follows the list.

ETSI pre EN 319 132-1 v1.0.0 Building Blocks and Baseline. This is the part 1 of EN 319 132. It defines all the components of XAdES signatures and defines a baseline profile for leveraging interoperability

ETSI pre EN 319 132-2 v1.0.0 extended XAdES. Second part of EN 319 132, where more profiles are defined with a higher degree of optionality

NOTE: Actually the legend should be changed to state that it checks against ETSI EN 319 132-1 v1.1.1 and ETSI EN 319 132-2 v1.1.1

ETSI TS 101 903 v1.4.2. This is the document that contained the definition of the XAdES components and defines a number of combinations of components with a high degree of optionality

ETSI TS 103 171 v2.1.1 Baseline Profile. This defined a number of profiles for leveraging interoperability

As you may observe, for building ETSI EN 319 132-1, part of the material of ETSI TS 101 903 (definition of components) and ETSI TS 103 171 (definition of combinations of components for defining baseline profiles) was used, and for building ETSI EN 319 132-2, parts of the ETSI TS 101 903 (the combinations of components with a high degree of optionality) were taken, so in the passage from TSs to ENs, a redistribution of material was also done.

Hope this helps to clarify the history of XAdES and the capabilities of XAdESCC

Juan Carlos Cruellas
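The element supersession discussed in the question and in the reply above can be checked on a signature file directly. The following is an added example, not part of the thread and not XAdESCC code: it reports whether a document carries the legacy `SigningCertificate`, its `SigningCertificateV2` successor, or both. The namespace URI is taken from the XAdES specification rather than from this page, and the sample documents are constructed, schema-incomplete fragments.

```python
import xml.etree.ElementTree as ET

# Namespace of the v1.3.2 XAdES schema (from the specification, not quoted on this page).
XADES_132 = "http://uri.etsi.org/01903/v1.3.2#"

# Legacy element -> successor. Only this pair is named in the thread;
# Annex D of EN 319 132-1 lists the others, which can be added here.
SUCCESSORS = {"SigningCertificate": "SigningCertificateV2"}


def xades_local_names(xml_text):
    """Return the local names of all elements in the XAdES v1.3.2 namespace."""
    prefix = "{" + XADES_132 + "}"
    root = ET.fromstring(xml_text)  # use a hardened parser for untrusted files
    return {el.tag[len(prefix):] for el in root.iter() if el.tag.startswith(prefix)}


def classify(xml_text):
    """Map each legacy element name to 'legacy', 'v2', 'both' or 'absent'."""
    names = xades_local_names(xml_text)
    result = {}
    for old, new in SUCCESSORS.items():
        has_old, has_new = old in names, new in names
        if has_old and has_new:
            result[old] = "both"
        elif has_new:
            result[old] = "v2"
        elif has_old:
            result[old] = "legacy"
        else:
            result[old] = "absent"
    return result


def _sample(*props):
    """Build a constructed QualifyingProperties fragment with empty properties."""
    body = "".join("<xades:%s/>" % p for p in props)
    return ('<xades:QualifyingProperties xmlns:xades="%s"><xades:SignedProperties>'
            "<xades:SignedSignatureProperties>%s</xades:SignedSignatureProperties>"
            "</xades:SignedProperties></xades:QualifyingProperties>" % (XADES_132, body))


TS_STYLE = _sample("SigningTime", "SigningCertificate")    # constructed sample
EN_STYLE = _sample("SigningTime", "SigningCertificateV2")  # constructed sample

if __name__ == "__main__":
    for label, doc in (("TS-style", TS_STYLE), ("EN-style", EN_STYLE)):
        print(label, classify(doc))
```

The result only says which generation of the element is present; it is not a conformance verdict against either specification.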

bseddon commented 3 years ago

That is really great. Thanks for the history lesson which helps make sense of the various documents I've been reading and using.