October 22, 2024

CAdES signature attribute signing-time – why is it required?


ETSI EN 319 122-1 V1.3.1 (2023-06) requires signing-time attribute to be always present in all CAdES levels (CAdES-B-B, CAdES-B-T, CAdES-B-LT and CAdES-B-LTA). Does anyone know why? This seemingly unwarranted requirement has some strong implications.

Suppose you want to validate PAdES signature with external validator (e.g. https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation). The document contains sensitive data, so it cannot be sent to the validator. One solution is to extract CMS and send hash+CMS for validation. But since PAdES forbids signing-time attribute in CMS, the validation will fail even if CMS contains qualified timestamp as an unsigned attribute. It’s absurd: validation of signature with trusted time from timestamping authority fails because the CMS doesn’t contain untrusted time from signer’s computer.

Note: If PDF contains any other data needed for validation (such as OCSP, CRLs, CA certificates), then such objects can be extracted and provided separately to the validator. However, if such objects are covered by a timestamp which covers signature field in CMS, then validator cannot check that the objects are also covered by the timestamp without having access to the full document. Thus only levels PAdES-B and PAdES-B-T with signature-time-stamp can be verified without complete document.
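The "extract CMS and send hash+CMS" step described in the question, as an added example that is not part of the original post: it hashes the two `/ByteRange` segments locally and pulls the CMS out of `/Contents`, so only the digest and the CMS leave the machine. The function names are hypothetical, and it assumes a single signature, SHA-256 as the digest algorithm named in the CMS, and a definite-length DER encoding; the sample input is constructed.

```python
import hashlib
import re

def trim_der(buf: bytes) -> bytes:
    """Drop the zero padding PDF writers leave after the DER-encoded CMS."""
    if len(buf) < 2 or buf[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    if buf[1] < 0x80:                      # short-form length
        total = 2 + buf[1]
    else:                                  # long-form length
        n = buf[1] & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length not handled")
        total = 2 + n + int.from_bytes(buf[2:2 + n], "big")
    if total > len(buf):
        raise ValueError("truncated CMS")
    return buf[:total]

def extract_digest_and_cms(pdf: bytes, hash_name: str = "sha256"):
    """Return (digest, cms, covers_whole_file) for the first /ByteRange found."""
    m = re.search(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]", pdf)
    if not m:
        raise ValueError("no /ByteRange found")
    off1, len1, off2, len2 = (int(x) for x in m.groups())
    if off1 != 0 or len1 > off2 or off2 + len2 > len(pdf):
        raise ValueError("malformed /ByteRange")
    gap = pdf[len1:off2]                   # must be exactly the /Contents hex string
    if not (gap.startswith(b"<") and gap.endswith(b">")):
        raise ValueError("ByteRange gap is not a hex string")
    cms = trim_der(bytes.fromhex(gap[1:-1].decode("ascii")))
    h = hashlib.new(hash_name)
    h.update(pdf[:len1])
    h.update(pdf[off2:off2 + len2])
    # False means bytes were appended after the signed revision.
    return h.digest(), cms, off2 + len2 == len(pdf)

def build_sample():
    """Constructed PDF-like bytes; the 5-byte 'CMS' is a placeholder, not a real signature."""
    cms = bytes.fromhex("3003020101")
    contents = b"<" + cms.hex().encode() + b"00" * 8 + b">"
    tmpl = b"%%PDF-1.7\n<< /Type /Sig /ByteRange [0 %010d %010d %010d] /Contents "
    tail = b" >>\n%%EOF\n"
    len1 = len(tmpl % (0, 0, 0))
    off2 = len1 + len(contents)
    return (tmpl % (len1, off2, len(tail))) + contents + tail, cms

if __name__ == "__main__":
    digest, cms, whole = extract_digest_and_cms(build_sample()[0])
    print(digest.hex(), cms.hex(), whole)
```

The third return value is `False` when data follows the signed byte ranges, which is the situation the note above describes: anything added in a later revision cannot be checked from the digest and CMS alone.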


