CMS Advanced Electronic Signatures (CAdES)

Target Category: Informational

Intended to update and replace : RFC 3126

IETF Meeting Paris - August 2005

Denis Pinkas (Denis.Pinkas@bull.net)

2

Historic• RFC 3126, issued in September 2001, as an S-MIME WG

document, is a transposition of ETSI TS 101 733 v.1.2.2., called :

« Electronic Signature Formats for long term electronic signatures »

It describes electronic signature formats using CMS (Cryptographic Message Syntax).

• ETSI has issued a companion document describing electronic signature formats using XML (Extensible Markup Language), ETSI TS 101 903, called :

« XML Advanced Electronic Signatures (XAdES)  »

ETSI = European Telecommunications Standards Institute.

3

CAdES and XAdES

• In order to easily make the difference between the two electronic signature formats, ETSI TC ESI has decided to use two acronyms:

• « CAdES » for CMS Advanced Electronic Signatures, and

• « XAdES » for XML Advanced Electronic Signatures.

.. and hence to change the title of the Technical Standard.

• ETSI is in the process of issuing TS 101 733 v.1.6.3. In order to promote the knowledge of the document, ETSI is proposing to update and replace RFC 3126.

4

Major changes (see annex J)• The non-mandatory to support formats have been placed

in informative annexes : they allow for very long term conservation.

• The title and the vocabulary have been aligned with XAdES.• In the previous ETSI version of TS 101 733 (i.e. v1.5.1)

sigPolicyHash was mandatory. Implementations requiring to be backward compatible with version 1.5.1 and previous versions of the current document MUST include SigPolicyHash.

• The OIDs from the ASN.1 modules have been updated.• The new ASN.1 modules have been fully checked,

... since the publication of the I-D, and … the I-D will need to be updated to correct a few “typos”.

5

The document is available at:

• http://www.ietf.org/internet-drafts/draft-pinkas-smime-cades-00.txt

• For more information, contact one of the co-editors.