CMS Advanced Electronic Signatures (CAdES)
RFC 5126
Document Type RFC - Informational (March 2008; No errata)
Obsoletes RFC 3126
Last updated 2018-12-20
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
SECDIR Last Call Review
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state RFC 5126 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Tim Polk
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                          D. Pinkas
Request for Comments: 5126                                      Bull SAS
Obsoletes: 3126                                                  N. Pope
Category: Informational                                 Thales eSecurity
                                                                 J. Ross
                                                  Security and Standards
                                                           February 2008

               CMS Advanced Electronic Signatures (CAdES)

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Abstract

   This document defines the format of an electronic signature that can
   remain valid over long periods.  This includes evidence as to its
   validity even if the signer or verifying party later attempts to deny
   (i.e., repudiates) the validity of the signature.

   The format can be considered as an extension to RFC 3852 and RFC
   2634, where, when appropriate, additional signed and unsigned
   attributes have been defined.

   The contents of this Informational RFC amount to a transposition of
   the ETSI Technical Specification (TS) 101 733 V.1.7.4 (CMS Advanced
   Electronic Signatures -- CAdES) and is technically equivalent to it.

   The technical contents of this specification are maintained by ETSI.
   The ETSI TS and further updates are available free of charge at:
   http://www.etsi.org/WebSite/Standards/StandardsDownload.aspx

Pinkas, et al.               Informational                      [Page 1]
RFC 5126           CMS Advanced Electronic Signatures      February 2008

Table of Contents

   1. Introduction ....................................................6
   2. Scope ...........................................................6
   3. Definitions and Abbreviations ...................................8
      3.1. Definitions ................................................8
      3.2. Abbreviations .............................................11
   4. Overview .......................................................12
      4.1. Major Parties .............................................13
      4.2. Signature Policies ........................................14
      4.3. Electronic Signature Formats ..............................15
           4.3.1. CAdES Basic Electronic Signature (CAdES-BES) .......15
           4.3.2. CAdES Explicit Policy-based Electronic
                  Signatures (CAdES-EPES) ............................18
      4.4. Electronic Signature Formats with Validation Data .........19
           4.4.1. Electronic Signature with Time (CAdES-T) ...........20
           4.4.2. ES with Complete Validation Data References
                  (CAdES-C) ..........................................21
           4.4.3. Extended Electronic Signature Formats ..............23
                  4.4.3.1. EXtended Long Electronic Signature
                           (CAdES-X Long) ............................24
                  4.4.3.2. EXtended Electronic Signature with
                           Time Type 1 ...............................25
                  4.4.3.3. EXtended Electronic Signature with
                           Time Type 2 ...............................26
                  4.4.3.4. EXtended Long Electronic Signature
                           with Time (CAdES-X Long ...................27
           4.4.4. Archival Electronic Signature (CAdES-A) ............27
      4.5. Arbitration ...............................................28
      4.6. Validation Process ........................................29
   5. Electronic Signature Attributes ................................30
      5.1. General Syntax ............................................30
      5.2. Data Content Type .........................................30
      5.3. Signed-data Content Type ..................................30
      5.4. SignedData Type ...........................................31
      5.5. EncapsulatedContentInfo Type ..............................31
      5.6. SignerInfo Type ...........................................31
           5.6.1. Message Digest Calculation Process .................32
           5.6.2. Message Signature Generation Process ...............32
           5.6.3. Message Signature Verification Process .............32
      5.7. Basic ES Mandatory Present Attributes .....................32
           5.7.1. content-type .......................................32
           5.7.2. Message Digest .....................................33
           5.7.3. Signing Certificate Reference Attributes ...........33
                  5.7.3.1. ESS signing-certificate Attribute
                           Definition ................................34
                  5.7.3.2. ESS signing-certificate-v2
                           Attribute Definition ......................34
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools