conf.test_constraint.xml Maven / Gradle / Ivy
<ConstraintsParameters Name="QES AdESQC TL based" xmlns="http://dss.esig.europa.eu/validation/policy">
<Description>RIA customized validation policy
</Description>
<SignatureConstraints>
<AcceptablePolicies Level="FAIL">
<Id>ANY_POLICY</Id>
<Id>NO_POLICY</Id>
</AcceptablePolicies>
<PolicyAvailable Level="FAIL"/>
<PolicyHashMatch Level="INFORM"/>
<AcceptableFormats Level="FAIL">
<Id>*</Id> <!-- ALL -->
</AcceptableFormats>
<BasicSignatureConstraints>
<ReferenceDataExistence Level="FAIL"/>
<ReferenceDataIntact Level="FAIL"/>
<SignatureIntact Level="FAIL"/>
<ProspectiveCertificateChain Level="FAIL"/>
<TrustedServiceTypeIdentifier Level="WARN">
<Id>http://uri.etsi.org/TrstSvc/Svctype/CA/QC</Id>
</TrustedServiceTypeIdentifier>
<TrustedServiceStatus Level="FAIL">
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/accredited</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/supervisionincessation</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted</Id>
</TrustedServiceStatus>
<SigningCertificate>
<Recognition Level="FAIL"/>
<Signature Level="FAIL"/>
<NotExpired Level="INFORM"/>
<RevocationDataAvailable Level="FAIL"/>
<RevocationDataNextUpdatePresent Level="WARN"/>
<RevocationDataFreshness Level="FAIL"/>
<KeyUsage Level="WARN">
<Id>nonRepudiation</Id>
</KeyUsage>
<NotRevoked Level="FAIL"/>
<NotOnHold Level="FAIL"/>
<Qualification Level="WARN"/>
<SupportedByQSCD Level="WARN"/>
<IssuedToLegalPerson Level="INFORM"/>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="192">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</SigningCertificate>
<CACertificate>
<Signature Level="FAIL"/>
<NotExpired Level="FAIL"/>
<RevocationDataAvailable Level="FAIL"/>
<RevocationDataNextUpdatePresent Level="WARN"/>
<RevocationDataFreshness Level="FAIL"/>
<NotRevoked Level="FAIL"/>
<NotOnHold Level="FAIL"/>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="192">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</CACertificate>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="192">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</BasicSignatureConstraints>
<SignedAttributes>
<SigningCertificatePresent Level="FAIL"/>
<SigningCertificateSigned Level="FAIL"/>
<CertDigestPresent Level="FAIL"/>
<CertDigestMatch Level="FAIL"/>
<IssuerSerialMatch Level="WARN"/>
<SigningTime Level="FAIL"/>
<!--<ContentType Level="FAIL" value="1.2.840.113549.1.7.1" />
<ContentHints Level="FAIL" value="*" />
<CommitmentTypeIndication Level="FAIL">
<Id>1.2.840.113549.1.9.16.6.1</Id>
<Id>1.2.840.113549.1.9.16.6.4</Id>
<Id>1.2.840.113549.1.9.16.6.5</Id>
<Id>1.2.840.113549.1.9.16.6.6</Id>
</CommitmentTypeIndication>
<SignerLocation Level="FAIL" />
<ContentTimeStamp Level="FAIL" /> -->
</SignedAttributes>
<UnsignedAttributes>
<!-- <CounterSignature Level="IGNORE" /> check presence -->
</UnsignedAttributes>
</SignatureConstraints>
<Timestamp>
<TimestampDelay Level="FAIL" Unit="DAYS" Value="0"/>
<MessageImprintDataFound Level="FAIL"/>
<MessageImprintDataIntact Level="FAIL"/>
<RevocationTimeAgainstBestSignatureTime Level="FAIL"/>
<BestSignatureTimeBeforeIssuanceDateOfSigningCertificate Level="FAIL"/>
<SigningCertificateValidityAtBestSignatureTime Level="FAIL"/>
<AlgorithmReliableAtBestSignatureTime Level="FAIL"/>
<Coherence Level="FAIL"/>
<BasicSignatureConstraints>
<ReferenceDataExistence Level="FAIL"/>
<ReferenceDataIntact Level="FAIL"/>
<SignatureIntact Level="FAIL"/>
<ProspectiveCertificateChain Level="FAIL"/>
<TrustedServiceTypeIdentifier Level="WARN">
<Id>http://uri.etsi.org/TrstSvc/Svctype/TSA</Id>
<Id>http://uri.etsi.org/TrstSvc/Svctype/TSA/QTST</Id>
<Id>http://uri.etsi.org/TrstSvc/Svctype/TSA/TSS-QC</Id>
<Id>http://uri.etsi.org/TrstSvc/Svctype/TSA/TSS-AdESQCandQES</Id>
</TrustedServiceTypeIdentifier>
<TrustedServiceStatus Level="WARN">
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/accredited</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/supervisionincessation</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted</Id>
</TrustedServiceStatus>
<SigningCertificate>
<Recognition Level="FAIL"/>
<Signature Level="FAIL"/>
<NotExpired Level="FAIL"/>
<RevocationDataAvailable Level="FAIL"/>
<RevocationDataNextUpdatePresent Level="WARN"/>
<RevocationDataFreshness Level="FAIL"/>
<NotRevoked Level="FAIL"/>
<NotOnHold Level="FAIL"/>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="256">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</SigningCertificate>
<CACertificate>
<Signature Level="FAIL"/>
<NotExpired Level="FAIL"/>
<RevocationDataAvailable Level="FAIL"/>
<RevocationDataNextUpdatePresent Level="WARN"/>
<RevocationDataFreshness Level="FAIL"/>
<NotRevoked Level="FAIL"/>
<NotOnHold Level="FAIL"/>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="256">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</CACertificate>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="128">DSA</Algo>
<Algo Size="1024">RSA</Algo>
<Algo Size="192">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</BasicSignatureConstraints>
</Timestamp>
<Revocation>
<RevocationFreshness Level="FAIL" Unit="DAYS" Value="0"/>
<BasicSignatureConstraints>
<ReferenceDataExistence Level="FAIL"/>
<ReferenceDataIntact Level="FAIL"/>
<SignatureIntact Level="FAIL"/>
<ProspectiveCertificateChain Level="FAIL"/>
<TrustedServiceTypeIdentifier Level="FAIL">
<Id>http://uri.etsi.org/TrstSvc/Svctype/CA/QC</Id>
<Id>http://uri.etsi.org/TrstSvc/Svctype/Certstatus/OCSP</Id>
<Id>http://uri.etsi.org/TrstSvc/Svctype/Certstatus/OCSP/QC</Id>
</TrustedServiceTypeIdentifier>
<TrustedServiceStatus Level="FAIL">
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/accredited</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/supervisionincessation</Id>
<Id>http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted</Id>
</TrustedServiceStatus>
<SigningCertificate>
<Recognition Level="FAIL"/>
<Signature Level="FAIL"/>
<NotExpired Level="FAIL"/>
<RevocationDataAvailable Level="FAIL"/>
<RevocationDataNextUpdatePresent Level="WARN"/>
<RevocationDataFreshness Level="FAIL"/>
<NotRevoked Level="FAIL"/>
<NotOnHold Level="FAIL"/>
<Cryptographic Level="WARN">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="256">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</SigningCertificate>
<CACertificate>
<Signature Level="FAIL"/>
<NotExpired Level="FAIL"/>
<RevocationDataAvailable Level="FAIL"/>
<RevocationDataNextUpdatePresent Level="WARN"/>
<RevocationDataFreshness Level="FAIL"/>
<NotRevoked Level="FAIL"/>
<NotOnHold Level="FAIL"/>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="1024">RSA</Algo>
<Algo Size="128">DSA</Algo>
<Algo Size="256">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</CACertificate>
<Cryptographic Level="FAIL">
<AcceptableEncryptionAlgo>
<Algo>RSA</Algo>
<Algo>DSA</Algo>
<Algo>ECDSA</Algo>
</AcceptableEncryptionAlgo>
<MiniPublicKeySize>
<Algo Size="128">DSA</Algo>
<Algo Size="1024">RSA</Algo>
<Algo Size="192">ECDSA</Algo>
</MiniPublicKeySize>
<AcceptableDigestAlgo>
<Algo>SHA1</Algo>
<Algo>SHA224</Algo>
<Algo>SHA256</Algo>
<Algo>SHA384</Algo>
<Algo>SHA512</Algo>
<Algo>RIPEMD160</Algo>
</AcceptableDigestAlgo>
</Cryptographic>
</BasicSignatureConstraints>
</Revocation>
<Cryptographic>
<AlgoExpirationDate Format="yyyy-MM-dd">
<Algo Date="2017-02-24">SHA1</Algo>
<Algo Date="2035-02-24">SHA224</Algo>
<Algo Date="2035-02-24">SHA256</Algo>
<Algo Date="2035-02-24">SHA384</Algo>
<Algo Date="2035-02-24">SHA512</Algo>
<Algo Date="2017-02-24">DSA128</Algo>
<Algo Date="2017-02-24">RIPEMD160</Algo>
<Algo Date="2018-02-24">RSA1024</Algo>
<Algo Date="2018-02-24">RSA1536</Algo>
<Algo Date="2030-02-24">RSA2047</Algo>
<Algo Date="2030-02-24">RSA2048</Algo>
<Algo Date="2030-02-24">RSA3072</Algo>
<Algo Date="2035-02-24">RSA4096</Algo>
<Algo Date="2035-02-24">ECDSA192</Algo>
<Algo Date="2035-02-24">ECDSA256</Algo>
</AlgoExpirationDate>
</Cryptographic>
</ConstraintsParameters>
© 2015 - 2025 Weber Informatics LLC | Privacy Policy