Associated Signature Containers

Associated Signature Containers (ASiC) specifies the use of container structures to bind together one or more signed objects with either advanced electronic signatures or timestamp tokens into one single digital container.

Associated Signature Container Extended (ASiC-E)
Filename extension: .asice, .sce
Internet media type: application/vnd.etsi.asic-e+zip
Magic number: 50 4B 03 04 (the container media type is present starting at offset 38)
Developed by: ETSI
Initial release: 2011
Container for: XAdES, CAdES, timestamp, signed objects
Extended from: Zip (file format), OpenDocument, EPUB
Open format? Yes

Associated Signature Container Simple (ASiC-S)
Filename extension: .asics, .scs
Internet media type: application/vnd.etsi.asic-s+zip
Magic number: 50 4B 03 04 (the container media type is present starting at offset 38)
Developed by: ETSI
Initial release: 2011
Container for: XAdES, CAdES, timestamp, signed object
Extended from: Zip (file format), OpenDocument, EPUB
Open format? Yes

Regulatory context

Under the eIDAS-regulation, an associated signature container (ASiC) for eIDAS is a data container that is used to hold a group of file objects and digital signatures and/or time assertions that are associated to those objects. This data is stored in the ASiC in a ZIP format.

European Commission Implementing Decision 2015/1506 of 8 September 2015 laid down specifications relating to formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies pursuant to Articles 27 and 37 of the eIDAS-regulation. EU Member States requiring an advanced electronic signature or an advanced electronic signature based on a qualified certificate shall recognise XML, CMS or PDF advanced electronic signatures at conformance level B, T or LT, or using an associated signature container, where those signatures comply with the following technical specifications:

- XAdES Baseline Profile - ETSI TS 103171 v.2.1.1.
- CAdES Baseline Profile - ETSI TS 103173 v.2.2.1.
- PAdES Baseline Profile - ETSI TS 103172 v.2.2.2.
- Associated Signature Container Baseline Profile - ETSI TS 103174 v.2.2.1

The technical specifications of ASiCs have been updated and standardized since April 2016 by the European Telecommunications Standards Institute in the standard Associated Signature Containers (ASiC) (ETSI EN 319 162-1 V1.1.1 (2016-04)), but this updated standard is not required by the European Commission Implementing Decision.

Structure

The internal structure of an ASiC includes two folders:

- A root folder that stores all the container's content, which might include folders that reflect the structure of that content.
- A “META-INF” folder that resides in the root folder and contains files that hold metadata about the content, including its associated signature and/or time assertion files.

Such an electronic signature file would contain a single CAdES object or one or more XAdES signatures. A time assertion file would contain either a single timestamp token conforming to IETF RFC 3161 or a single evidence record conforming to IETF RFC 4998 or IETF RFC 6283.

How ASiC is used

One of the purposes of an electronic signature is to secure the data that it is attached to from being modified. This can be done by creating a dataset that combines the signature with its signed data, or by storing the detached signature in a separate resource and then using an external process to re-associate the signature with its data. It can be advantageous to use detached signatures because it prevents unauthorized modifications to the original data objects. However, by doing this, there is the risk that the detached signature will become separated from its associated data. If this were to happen, the association would be lost and therefore the data would become inaccessible.

One of the most widespread deployments of the ASiC standard is the Estonian digital signature system with the use of multiplatform (Windows, Linux, MacOS (OSX)) software called DigiDoc.

Types of ASiC containers

Using the correct tool for each job is always important. Using the correct type of ASiC container for the job at hand is also important:

ASiC Simple (ASiC-S)

With this container, a single file object is associated with a signature or time assertion file. A “mimetype” file that specifies the media type might also be included in this container. When a mimetype file is included, it is required to be the first file in the ASiC container. This container type will allow additional signatures to be added in the future to sign stored file objects. When long-term time-stamp tokens are used, ASiC Archive Manifest files are used to protect long-term time-stamp tokens from tampering.

ASiC Extended (ASiC-E)

This type of container can hold one or more signature or time assertion files. ASiC-E with XAdES deals with signature files, while ASiC-E with CAdES deals with time assertions. The files within these ASiC containers apply to their own file object sets. Each file object might have additional metadata or information associated with it that can also be protected by the signature. An ASiC-E container could be designed to prevent this modification or allow its inclusion without causing damage to previous signatures.

Both of these ASiC containers are capable of maintaining long-term availability and integrity when storing XAdES or CAdES signatures through the use of time-stamp tokens or evidence record manifest files that are contained within the containers. ASiC containers must comply with the ZIP specification and limitations that are applied to ZIP.

ASiC-S time assertion additional container

This container operates under the baseline requirements of the ASiC Simple (ASiC-S) container but it also provides additional time assertion requirements. Additional elements may be present in its META-INF folder, and it requires the use of the “SignedData” variable to include certificate and revocation information.

ASiC-E CAdES additional container

This container has the same baselines as an ASiC-E container, but with additional restrictions.

ASiC-E time assertion additional container

This container complies with ASiC-E baseline requirements along with additional requirements and restrictions.

Reduced risk of loss of electronic signature

The use of ASiC reduces the risk of an electronic signature becoming separated from its data by combining the signature and its signed data in a container. With both elements secured within an ASiC, it is easier to distribute a signature and guarantee that the correct signature and its metadata are being used during validation. This process can also be used when associating time assertions, including evidence records or time-stamp tokens, to their associated data.

References

1. "Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC); Part 1: Building blocks and ASiC baseline containers (ETSI EN 319 162-1 V1.1.1 (2016-04))" (PDF). European Telecommunications Standards Institute.
2. Turner, Dawn M. "ASiC - Associated Signature Containers for eIDAS". Cryptomathic. Retrieved 13 June 2017.
3. "Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC". EUR-Lex. The European Parliament and the Council of the European Union. Retrieved 18 March 2016.
4. "COMMISSION IMPLEMENTING DECISION (EU) 2015/1506 of 8 September 2015 laying down specifications relating to formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies pursuant to Articles 27(5) and 37(5) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market". Retrieved 18 March 2018.
5. "Commission Implementing Decision (EU) 2015/1506 of 8 September 2015 laying down specifications relating to formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies pursuant to Articles 27(5) and 37(5) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (Text with EEA relevance)". EUR-Lex. 9 September 2015. Material has been copied from this source. Reuse is authorised, provided the source is acknowledged.
6. "Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC); Part 2: Additional ASiC containers (ETSI EN 319 162-2 V1.1.1 (2016-04))" (PDF). European Telecommunications Standards Institute.
7. Adams, C.; Cain, P.; Pinkas, D.; Zuccherato, R. "Internet X.509 Public Key Infrastructure - Time-Stamp Protocol (TSP)". Network Working Group. Retrieved 13 June 2017.
8. Gondrom, T.; Brander, R.; Pordesch, U. "Evidence Record Syntax (ERS)". Network Working Group. Retrieved 13 June 2017.
9. Jerman Blazic, A.; Saljic, S.; Gondrom, T. "Extensible Markup Language Evidence Record Syntax (XMLERS)". Internet Engineering Task Force (IETF). Retrieved 13 June 2017.

External links

- DSS : A free and open-source Java library for creating/manipulating PAdES/CAdES/XAdES/ASiC Signatures
- DSS : GitHub repository
- The AdES toolset


Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
