Signature Verification

Business Needs

As part of moving to a digital signature solution you need to consider two parts of the equation: one is how the digital signatures are produced, and the other, often forgotten, part is how are these digital signatures later verified?

Before relying on digitally signed documents and transactions, it is essential for business applications to verify the trustworthiness of the e-signatures and validity of the signer’s eIDs (aka certificates). The application also need to determine if the certificate issuers can be trusted, what time the signature was created, whether the signer’s certificate chain was valid at that time, if the signer was authorised to sign the data, and so on.

Ascertia provides products that answer these questions and remove the entire complexity of signature verification, certificate validation and trust management from business applications. Ascertia products are used internally with an organisation and by Managed Service Providers offering global verification services to multiple customer organisations.

Signature verification simplified

Ascertia’s flagship ADSS Server product range is based on the industry-accepted concept of delegating security, cryptographic key management, certificate trust building, secure logging and other complex tasks to a trustworthy security server. Such delegation simplifies business applications and improves security through centralised management, policy management controls and auditing features, not to mention much reduced implementation and change costs as a result of this simplified architecture.

Ascertia's ADSS Server is based on industry accepted protocols for communicating with an e-Trust server, including OASIS Digital Signature Specifications (DSS and DSS-X) for server-side signing and verification, W3C XML Key Management Specifications (XKMS) for certificate validation, IETF Online Certificate Status Protocol for real-time revocation status checking, IETF TSP for communicating with a Time Stamping Authority and IETF Long-Term Archive & Notary Service (LTANS) for secure data archiving. Ascertia ADSS Server can verify a wide range of digital signature formats as shown here. It also complies with the latest EU PEPPOL project requirements for online Validation Authorities, see here for more details.

Use case mapping

There are many different digital signature standards and profiles. The situation is complex as there are multiple ways of signing, including enveloping signatures, embedded signatures and detached signatures. Ascertia is a world-leader in digital signature verification products and provides the widest capability for your current and future needs:

  • PDF documents - verification of standard, timestamped and long-term signatures
  • XML documents - verification of XML DSig and XAdES signatures
  • Other file types - verification of PKCS#7, CMS, CAdES and S/MIME signatures

The following table shows the products that are appropriate to meet various business needs:

Use Case Ascertia Product(s)

Centralised Verification & Enhancement

Server-side signature verification of corporate, role-based or end-user signatures applied either internally or by external parties. Supports all popular signature formats, e.g. PAdES, CAdES, XAdES. Basic signatures can be verified and enhanced to long-term formats by embedding timestamps and certificate status info.

ADSS Signing Server

With Verification Service module

Historic Signature Verification

Server-side verification of any signature at some specified earlier date and time. The signature may be an advanced long-term or even basic signatures can be verified historically using an archive of historic CRLs.

ADSS Signing Server

With Verification Service & Historical CRL module

Local language support

For web applications, ADSS Server expects the browser pages to be created by application developers using local language that is suitable for the business purpose and the end-users. ADSS Go>Sign Service Document Viewer GUI is fully multi-lingual. Similarly local language support is available for PDF Sign&Seal by working with our local partners.

Request Info

Submit

Sales Inquiries:
+44 (0)800 772 0 442

15

+
Years of Digital Signature
Innovation