ETSI vs Adobe PadES B-B Level conformance

New Here ,
Feb 10, 2017 Feb 10, 2017

Copy link to clipboard

Copied

I am working on implementing PAdES signature generation and validation and i am testing using the Reader DC and also the ETSI online conformance checker tool.

In one of my tests i add the adbe-revocationInfoArchival attribute to the signature content and Reader DC happily validates the file and reports that it is PAdES B-B Level but the ETSI online checker reports an error. I verified with ETSI to inquire if they were interpreting the specification correctly and they directed me to ETSI EN 319 142 V1.1.1 (2016-04) page 21 item i) which says that whatever is mentioned in ISO 32000-1 12.8.3.3 shall not be used (and that includes the adbe-revocationInfoArchival attribute).

So is this a bug from Adobe or are they interpreting the spec differently? Please help me  understand this mystery.

Thank you, Normand

TOPICS
Security digital signatures and esignatures

Views

584

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
Dec 09, 2019 Dec 09, 2019

Copy link to clipboard

Copied

Normand, I just sumbled over the same issue. How did you dealt with it?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 25, 2020 May 25, 2020

Copy link to clipboard

Copied

Unfortunately, I have never received an answer from Adobe. So we decided to go with ETSI's answer and not to include the adbe-revocationInfoArchival attribute in any PAdES. Sorry for the late reply.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Mar 19, 2021 Mar 19, 2021

Copy link to clipboard

Copied

LATEST

adbe-revocationInfoArchival should not be present in PAdES. Moreover, the current implementation in Adobe is useless, since the timestamp in revocation info is older than signature timestamp and thus not usable for validation.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines