Set of advanced electronic signatures based on XML formats. Unlike an embedded system such as PDF-Signature, it’s designed to “discuss among machines”; that is, the XML format is designed for the exchange of information between automated systems. Within this signature format different extensions have evolved meeting different needs and scenarios; the extensions described below aren’t classified by degree of robustness, reliability or security, but should be considered as evolutions of the format that respond to different scenarios and therefore do not compete with each other.
- XAdES-BES. Basic Electronic Signature just satisfying Directive legal requirements for advanced signature
- XAdES-EPES. It is a XAdES-BES but including information about the signature policy, such as information about the certificate used and from the Issuing Authority.
- XAdES-T (timestamp). It is a XAdES-EPES when we include a second signature , but in this case it must be a signature performed by a TSA (Time Stamp Authority). This second signature covers information about the date and exact time of the signature.
- XAdES-C (complete). Adding references to verification data (certificates and revocation lists) to validate the certificate used for the signature. For example : signed by CCC Certificate issued by CA AAA and CRL RRRR was consulted during the validation process.
- XAdES-X (extended). It’s basically a XAdES-C but adding information about the time and date of the entered data for the C extension.
- XAdES-XL (extended long-term). It is an XAdES-X when certificates (public key only) and validation sources used are incorporated. Unlike -C, where only one reference (one pointer) is included, all that information is embedded in this format. For example, in the case of a CRL, the signed list of revoked certificates that was consulted at the time is incorporated. This is used to ensure validation years after the signature was implemented even in the event that the Issuing Authority or the validation source (CRL) consulted are not reachable anymore. In other words, it ensures long term off-line validation.
- XAdES-A (archival). Includes the all above information including meta-information related to resignaturing policies. A resignaturing policy sets an expiry date for the digital signature, and after this period, the resignature begins. The best-case scenario for this signature format are for documents with long validity periods : mortgages, unversity degrees , scriptures, etc. 15, 20, 50 years, etc.