In order to configure DGCG (Digital Green Certificate Gateway) participating countries need to deliver information regarding CSCA (Certificate Signing Certificate Authority), and specifically Public Key of the certificate of the CA used to sign the DSC (Document Signing Certificate) of every Body in charge of issuing DGC (Digital Green Certificates) . Remember that Health CSCA is different from CSCA used in Passports although both environments use similar terminology.
The ECC p-256 Public Key of Spain CSCA to be used for European Digital Green Certificates is
—–BEGIN PUBLIC KEY—–MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1rjpdfCTyXE8RdrbW8rbLagURmGQerDBqh0WEaRCaJpqDuqKy0Zs1fXBhSPJQ4334X0TdMAWBIoLnLBC2up9Lg==
—–END PUBLIC KEY—–
Principles regarding validity
- Rule 0: A certificate needs to be valid when it is used to sign/seal.
- Rule 1: The DSC needs to be valid longer than anything it signs. So, the DSC expiry date must be >= than expiration date of the document it signs.
- Rule 2: The CSCA needs to be valid longer than any DSC it signs.
- Rule 3: If any certificate has a shorter ‘key usage period’ – then the signature has to be created in that period.
More info:
- Technical documents of Digital Green Certificates – COVID-19 in eHealth Section of European Commission web site.
Para más información: +34 91716055
Pingback: Los certificados DSC de España con los que se firman los pasaportes COVID | Todo es electrónico