CAdES (computing)
CAdES stands for CMS Advanced Electronic Signatures and is an extension of the Cryptographic Message Syntax (CMS) for an advanced electronic signature. CMS is a general framework for electronic signatures digital documents, such as S / MIME for e-mails or PDF files. CAdES defines specific profiles for advanced electronic signature in accordance with EU directive 1999/93/EC. One advantage of CAdES is that electronically signed documents for a long time remain valid even when the underlying algorithms are broken.
The format is in ETSI TS 101 733 Electronic Signature and Infrastructure (ESI ) - described CMS Advanced Electronic Signature ( CAdES ). The last version of the document is v1.8.3 from November 2011.
Profiles
CAdES defines six profiles which differ in the offered protection profile. Each profile extends the previous:
- Specifies CAdES, basic form, the only legal requirements for the extended signature
- CAdES T (timestamp ), adds a trusted timestamp to protect against deniability
- CAdES -C ( complete), adds references added to verified data (certificates and revocation lists ) to allow off-line verification and verification in the future
- CAdES -X (extended) adds a time stamp to the references that were introduced in CAdES -C. This is to protect against the compromise of the certificate chain in the future.
- CAdES -XL (extended long -term), adds current certificates and revocation lists to the signed document to, in order to allow the verification in the future, even if the original is not available
- CAdES -A ( archival ), adds the possibility of a periodic time stamp for an archived document, to protect against compromised by weak signature algorithms.