Download presentation
Presentation is loading. Please wait.
Published byCatherine Harrell Modified over 8 years ago
1
Presented by : Piero Milani ( InfoCamere - Italy)Piero Milani InfoCamere - Italy VCD Signature & VCD Verification strategy as seen by InfoCamere ( WP1 member ) Malmö 2010 February 10 th
2
Short introduction of the VCD The Virtual Company Dossier builds over four physical levels The VCD Archive = The physical container The VCD Package = The Master (XML) document The VCD = the metadata collector The attestations = the information and content base (any electronic document) Digital Signatures can be found or applied at any level
3
Virtual Company Dossier use-case
4
VCD physical configuration
5
Sign VCD & VCDPackage
6
Verify operations
7
InfoCamere for Italy participation InfoCamere will establish the necessary infrastructure to run the WP1 phases 2, 3 and 4. They include: XKMS Client application the activation of the PEPPOL XKMS Responder and the presence within the PEPPOL Public Registry Service (PPRS) InfoCamere will also set up a specific use case for test purposes. The case will serve to the WP1 infrastructure a specific business document created within Peppol WP2, i.e. The “VCD – Virtual Company Dossier” carrying on board a large set of “digital signatures” conforming to the standards CAdES, XAdES, PAdES. The case gets better description on following slides.
8
XKMS: InfoCamere implementation XKMS Client application: invokes remote validation to the Central XKMS Responder XKMS Request preparation, Submission into the Central XKMS Responder, preparation for receiving and interpreting the reply from the server Activation and handling of the synchronous operation mode Activation of SOAP protocol 1.2 Signed Message The X509 must be in the Message Making of a JAVA Library (web interface / java-application) for reuse by organizations interested into the validation system Local activation of a XKMS Responder system, that can be invoke by the Central XKMS ( in phase#2)
9
InfoCamere’s Use Case goal 1 Assuring the integrity for all the documents present or referenced by the Virtual Company Dossier, ( the whole process depicted on previous images ) And it will be achieved if: Every signed document can be verified when conformant to : CAdES-XAdES-PAdES [Ref: S 101 703 – TS 101 903 –TS 102 778] Every document is hashed before sending and the hash verified by the receiver
10
InfoCamere’s Use Case goal 2 Assuring The integrity, the autenticity, the paternity of the Virtual Company Dossier metadata, And it will be achieved if: The VCD istance is signed after the compilation
11
Signing the VCD Metadata file 1.The VCD MetaData file is an UBL document; 2.The signature format is conformant with ”UBL XAdES Profile Version 1.0” with the benefits describe below 1. Compliance with EC Directives 2. A signed UBL document should be parsed correctly by an UBL parser (not XAdES aware) and by a XAdES verification software (not UBL aware) 3.No change required for UBL nor XAdES. 4.Support any XAdES form leaving to the specific user context the choice and avoiding any overlap with the work of other body: i.e. CEN CWA’s, Service Directive,… (from the draft….)
12
Human readable VCD Instance The visual representation of a VCD instance is a prerequisite to a signing activity bearing legal effect, we propose three initial options: transformation into an XHTML representation by using a specific stylesheet; transformation into a PDF document that’s embedding the original VCD(XML) transformation into a PDF document (no embedding). The VCD(XML) and the PDF document exists as separated documents and get separated signatures.
13
VCD validation service A web based service ( implementing the VerifyVCD ) to: Verify the VCD signature and validate it according to the signature profile: Open service to all qualified users, i.e., the economic operators, the service providers and the contracting authorities; Perform integrity check: On documents hosted in a VCD instance by comparing the evidence hash with corresponding binary strings, i.e., the “EvidenceHash” stored on metadata files
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.