teservices.messages.certservice-messages-jakarta.2408.1.source-code.eid-dss-extensions-1.1.xsd
Extension to an OASIS DSS SignRequest, providing additional information about a sign request. This element extends the dss:OptionalInputs element of a dss:SignRequest.
Extension to an OASIS DSS SignResponse, providing additional information about a sign response. This element extends the dss:OptionalOutput element of a dss:SignResponse.
Time when the request was created.
The identity of the signer expressed as a sequence of SAML attributes using the AttributesType complex type.
The SAML EntityID of the Identity Provider that MUST be used to authenticate the signer before signing. The EntityID value is specified using the saml:NameIDType complex type and MUST include a Format attribute with the value urn:oasis:names:tc:SAML:2.0:nameid-format:entity.
The SAML EntityID of the service that sends this request to the signing service. The EntityID value is specified using the saml:NameIDType complex type and MUST include a Format attribute with the value urn:oasis:names:tc:SAML:2.0:nameid-format:entity.
The SAML EntityID of the service to which this Sign Request is sent. The EntityID value is specified using the saml:NameIDType complex type and MUST include a Format attribute with the value urn:oasis:names:tc:SAML:2.0:nameid-format:entity.
An identifier of the signature algorithm the requesting service prefers when generating the requested signature.
The requested properties of the signature certificate being issued by the signature service.
An optional set of requested attributes that the requesting service prefers or requires in the subject name of the generated signing certificate.
Sign message included as a choice of a Base64 encoded string or an encrypted sign message.
Any additional inputs to the request extension.
The time when the sign response was created.
An element of type EncodedRequestType with base64Binary base type, holding a representation of a complete and signed dss:SignRequest element that is related to this sign response. This element MUST be present if signing was successful.
An element of type SignerAssertionInfoType holding information about how the signer was authenticated by the sign service as well as information about subject attribute values present in the SAML assertion authenticating the signer, which was incorporated into the signer certificate. This element MUST be present if signing was successful.
An element of type CertificateChainType holding the signer certificate as well as other certificates that may be used to validate the signature. This element MUST be present if signing was successful and MUST contain all certificates that are necessary to compile a complete and functional signed document.
Optional sign response elements of type AnyType.
The octets that are hashed and signed when generating the signature. For PDF and common modes of CMS this is the DER encoded SignedAttributes field. For XML this is the canonicalized SignedInfo octets.
Information in support of AdES signature creation.
Result signature bytes.
Conditions that MUST be evaluated when assessing the validity of and/or when using the Sign Request. See Section 2.5 of [SAML2.0] for additional information on how to evaluate conditions. This element MUST include the attributes NotBefore and NotOnOrAfter and MUST include the element saml:AudienceRestriction which in turn MUST contain one saml:Audience element, specifying the return URL for any resulting Sign Response message.
The version of this specification. If absent, the version value defaults to "1.0". This attribute provides a means for the receiving service to determine the expected syntax of the response based on protocol version.
The version of this specification. If absent, the version value defaults to "1.0". This attribute provides a means for the receiving service to determine the expected syntax of the response based on protocol version.
A distinguishing id of this sign task which is used to distinguish between multiple sign tasks in the same request.
Enumeration of the type of signature the canonical signed information is associated with.
Specifies the type of AdES signature. BES means that the signing certificate hash must be covered by the signature. EPES means that the signing certificate hash and a signature policy identifier must be covered by the signature.
An identifier for processing rules that must be executed by the signature service when processing data in this element.
A URI reference to the requested level of assurance with which the certificate subject should be authenticated.