Estándares de firma electrónica

Aunque ya he tratado estos temas en algunos artículos anteriores, he pensado que merece la pena tener en un solo lugar una lista de los estándares de uso frecuente en relación con la firma electrónica.

• CAdES (CMS Advanced Electronic Signatures). ETSI TS 101 733 CAdES version 1.7.4 from Jul, 2008
• XAdES (XML Advanced Electronic Signatures). ETSI TS 101 903 XAdES version 1.4.1 from 2009-06-15
• PAdES (PDF Advanced Electronic Signatures). ETSI TS 102778  (PAdES FAQ) Noticia
• RFC 2560 «Online Certificate Status Protocol – OCSP»
• RFC 3126 “Electronic Signature Formats for long term electronic signatures”
• RFC 2630 «Cryptographic Message Syntax»
• RFC 2634 «Enhanced Security Services for S/MIME»
• RFC 5126 “CMS Advanced Electronic Signatures (CAdES)”
• RFC 3280 «Certificate and Certificate Revocation List (CRL) Profile»
• RFC 3275  «(Extensible Markup Language) XML-Signature Syntax and Processing «
• RFC 2797  «Certificate Management Messages over CMS»
• RFC 2585  «Operational Protocols: FTP and HTTP»
• RFC 3161  «Time-Stamp Protocol (TSP)»
• RFC 3029 «Data Validation and Certification Server Protocols»
• RFC 3852  «Cryptographic Message Syntax» (deja obsoletos los RFC3369, RFC 3211, RFC 2630, RFC 2315-PKCS #7 version 1.5-)
• RFC 4853 – (Actualización Marzo 2008) «Cryptographic Message Syntax – Multiple Signer Clarification»
• CWA 15579  E-invoices and digital signatures
• ETSI TS 102 042 Policy requirements for CA issuing PKC
• ETSI TS 102 023 Policy Requirements for Time Stamping Authorities Certificates for Electronic Signatures – Part 1: System Security Requirements
• ETSI TS 102 231 Provision of harmonized Trust Service Provider status information (TSL)
• ETSI TS 102 280 X.509 V.3 Certificate Profile for Certificates Issued to Natural Persons
• ETSI TS 102 158 Policy requirements for Certification Service Providers issuing attribute certificates usable with Qualified certificates
• ETSI TS 101 861 V1.2.1  Time stamping profile
• CEN / ISSS CWA 14167-2 Cryptographic module for CSP signing operations with backup – Protection profile – CMCSOB PP
• CEN / ISSS CWA 14167-3 Cryptographic module for CSP key generation services protection profile CMCKG-PP
• CEN / ISSS CWA 14167-4 Cryptographic module for CSP signing operations – Protection profile – CMCSO PP
• CEN / ISSS CWA 14169 Secure signature-creation devices «EAL 4+»
• CEN / ISSS CWA 14170 Security requirements for signature creation applications
• CEN / ISSS CWA 14171 General Guidelines for Electronic Signature Verification
• CEN / ISSS CWA 14172 EESSI Conformity Assessment Guidance (8 parts)
• CEN / ISSS CWA 14355 Guidelines for the implementation of Secure Signature-Creation Devices
• CEN / ISSS CWA 14365-1 Guide on the Use of Electronic Signatures – Part 1: Legal and Technical Aspects
• CEN / ISSS CWA 14365-2 Guide on the Use of Electronic Signatures – Part 2: Protection Profile for Software Signature Creation Devices
• CEN / ISSS CWA 14167-1 Security Requirements for Trustworthy Systems Managing
• CEN / ISSS CWA 14890-1 Application Interface for smart cards used as Secure Signature Creation Devices – Part 1: Basic requirements
• CEN / ISSS CWA 14890-2 Application Interface for smart cards used as Secure Signature Creation Devices – Part 2: Additional Services
• TR 102 047 (International Harmonization of Electronic Signature Formats)
• FIPS PUB 180-1 (Secure Hash Standard)
• ISO 32000

Artículos anteriores:

• RFC 3126 Formatos de firma electrónica para firmas logevas
• Variantes de firma electrónica
• Firmas avanzadas en PDF (PAdES) TS 102 778
• TS 101 903 XAdES
• Firmas XAdES en Office 2010
• Comprobación de firma electrónica XAdES-XL
• Como comprobar firmas XAdES-XL
• SDK de Firma Electrónica
• XAdES/CAdES ETSI Plugtest
• XAdES Plugtest en ETSI
• Interoperabilidad de los Prestadores de Servicios de Certificación
• DSS + XAdES-XL + z/OS + Websphere
• BackTrust en las pruebas de compatibilidad de firma electrónica XAdES en ETSI