It is thanks to the European Directive 1999/93 EC, in which electronic signatures are legally equal compared to written signatures, that electronic signatures play an important role in the commercial transactions security and other web applications. The digital signature allows the verification of the origin and integrity of messages exchanged.

In order to get ready to face this scenario EADTrust has designed an advanced Digital Signature Service according to the specification defined by OASIS DSS.

DSS (Digital Signature Services) specification reached the level of OASIS Standard in June 2007, version 1.0. This specification simplifies the management of electronic signatures in organizations, allowing the definition of management models focused on servers with the most advanced system architectures. Private keys can be managed safely in centralized environments avoiding dissemination of cryptographic data in computer users. As a result it is possible to get a more robust security policy while taking advantage of the many features of the electronic signature.

Using DSS EADTrust services a client can send documents to the server and get the document signed electronically, or send a signed document to the server for getting data verification of electronic signatures. Two protocols are used in the services with the request/response methods based on XML. One protocol is used to generate electronic signatures and the other one for verifying signatures.

EADTrust offers a secure, fast and simple Electronic Signature Service which makes possible the following operations:

  • Documents Signing.
  • Extending existing signatures
  • Verification of the signatures authenticity on documents already signed.

A simple electronic signature is a hash encrypted with the signer`s private key. That key must be secret and known only to the signatory and is uniquely related to its public key used to verify the signature.

Nowadays, an advanced electronic signature that lasts forever contains more elements such as timestamping and certificate validation token. These elements provide valuable information and guarantees to the signature, making easy the validation process of this to its receptors.

EADTrust fulfills the requirements of the following standards: CAdES (ETSI TS 101 733), PADES (ETSI TS 102 778) and XAdES (ETSI TS 101 903) which define different types of signature on the basis of the elements and the guarantees they offer.