An advanced electronic signature (AdES) is an

electronic signature An electronic signature, or e-signature, is data that is logically associated with other data and which is used by the signatory to sign the associated data. This type of signature has the same legal standing as a handwritten signature as long as ...

that has met the requirements set forth under

EU Regulation A regulation is a legal act of the European Union that becomes immediately enforceable as law in all member states simultaneously. Regulations can be distinguished from directives which, at least in principle, need to be transposed into nation ...

No 910/2014 (

eIDAS eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation on electronic identification and trust services for electronic transactions in the European Single Market. It was established in EU Regulation 910/2014 ...

-regulation) on electronic identification and trust services for electronic transactions in the European Single Market.

Description

eIDAS created standards for the use of

s so that they could be used in a secure manner when conducting

business Business is the practice of making one's living or making money by producing or buying and selling products (such as goods and services). It is also "any activity or enterprise entered into for profit." Having a business name does not separ ...

online, such as an

electronic fund transfer Electronic funds transfer (EFT) is the electronic transfer of money from one bank account to another, either within a single financial institution or across multiple institutions, via computer-based systems, without the direct intervention of ...

or official business across borders with

EU Member States The European Union (EU) is a supranational political and economic union of member states that are located primarily in Europe. The union has a total area of and an estimated total population of about 447million. The EU has often been de ...

. The advanced electronic signature is one of the standards outlined in eIDAS. For an electronic signature to be considered as advanced, it must meet several requirements: # The

signatory A signature (; from la, signare, "to sign") is a handwritten (and often stylized) depiction of someone's name, nickname, or even a simple "X" or other mark that a person writes on documents as a proof of identity and intent. The writer of a ...

can be uniquely identified and linked to the signature # The signatory must have sole control of the signature creation data (typically a

private key Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...

) that was used to create the electronic signature # The signature must be capable of identifying if its accompanying data has been tampered with after the message was signed # In the event that the accompanying data has been changed, the signature must be invalidated Advanced electronic signatures that are compliant with eIDAS may be technically implemented through the Ades Baseline Profiles that have been developed by the

European Telecommunications Standards Institute The European Telecommunications Standards Institute (ETSI) is an independent, not-for-profit, standardization organization in the field of information and communications. ETSI supports the development and testing of global technical standard ...

(ETSI): *

XAdES XAdES (short for XML Advanced Electronic Signatures) is a set of extensions to XML-DSig recommendation making it suitable for advanced electronic signatures. W3C and ETSI maintain and update XAdES together. Description While XML-DSig is a gene ...

, XML Advanced Electronic Signatures is a set of extensions to XML-DSig recommendation making it suitable for Advanced Electronic Signatures. *

PAdES PAdES (''PDF Advanced Electronic Signatures'') is a set of restrictions and extensions to PDF and ISO 32000-1 making it suitable for advanced electronic signatures. This is published by ETSI as EN 319 142. Description While PDF and ISO 32000- ...

, PDF Advanced Electronic Signatures is a set of restrictions and extensions to PDF and

ISO 32000 Portable Document Format (PDF), standardized as ISO 32000, is a file format developed by Adobe in 1992 to present documents, including text formatting and images, in a manner independent of application software, hardware, and operating systems. ...

-1 making it suitable for Advanced Electronic Signature. * CAdES, CMS Advanced Electronic Signatures is a set of extensions to

Cryptographic Message Syntax The Cryptographic Message Syntax (CMS) is the IETF's standard for cryptographically protected messages. It can be used by cryptographic schemes and protocols to digitally sign, digest, authenticate or encrypt any form of digital data. CMS is b ...

(CMS) signed data making it suitable for advanced electronic signatures. * ASiC Baseline Profile. ASiC (

Associated Signature Containers Associated Signature Containers (ASiC) specifies the use of container structures to bind together one or more signed objects with either advanced electronic signatures or timestamp tokens into one single digital container. Regulatory context U ...

) specifies the use of container structures to bind together one or more signed objects with either advanced electronic signatures or time-stamp tokens into one single digital ( zip) container.

Vision

The implementation of advanced electronic signatures under the specification of eIDAS serves several purposes. Business and

public service A public service is any service intended to address specific needs pertaining to the aggregate members of a community. Public services are available to people within a government jurisdiction as provided directly through public sector agencies ...

s processes, even those that go across borders can be safely expedited by using electronic signing. With eIDAS, EU States are required to establish “points of single contact” (PSCs) for trust services that ensure the electronic ID schemes can be used in public sector transactions that occur cross-borders, including access to healthcare information across borders. In the past, when signing a document or message, the signatory would sign it and then return it to its intended recipient through the postal service, via

facsimile A facsimile (from Latin ''fac simile'', "to make alike") is a copy or reproduction of an old book, manuscript, map, art print, or other item of historical value that is as true to the original source as possible. It differs from other forms of ...

service, or by scanning and attaching it to an email. This could lead to delays and of course, the possibility that signatures could be forged and documents altered, especially when multiple signatures from different people located in different locations are required. The process of using an advanced electronic signature saves time, is legally binding and assures a high level of technical security.

Legal implications

Following Article 25 (1) of the eIDAS regulation, an advanced electronic signature shall "not be denied legal effect and admissibility as evidence in legal proceedings". However it will reach a higher

probative value Relevance, in the common law of evidence, is the tendency of a given item of evidence to prove or disprove one of the legal elements of the case, or to have probative value to make one of the elements of the case likelier or not. Probative is a te ...

when enhanced to the level of a

qualified electronic signature A qualified electronic signature is an electronic signature that is compliant with EU Regulation No 910/2014 ( eIDAS Regulation) for electronic transactions within the internal European market. It enables to verify the authorship of a declaration ...

. By adding a certificate that has been issued by a qualified

trust service provider A trust service provider (TSP) is a person or legal entity providing and preserving digital certificates to create and validate electronic signatures and to authenticate their signatories as well as websites in general. Trust service providers are q ...

that attests to the authenticity of the qualified signature, the upgraded advanced signature then carries according to Article 24 (2) of the eIDAS Regulation the same legal value as a handwritten signature. However, this is only regulated in the European Union and similarly through

ZertES ZertES is a Swiss Federal law that regulates the conditions under which trust service providers may use certification services with electronic signatures. Additionally, this law provides a framework that outlines the provider’s obligations and ...

Switzerland ). Swiss law does not designate a ''capital'' as such, but the federal parliament and government are installed in Bern, while other federal institutions, such as the federal courts, are in other cities (Bellinzona, Lausanne, Luzern, Neuchâtel ...

. A qualified electronic signature is not defined in the United States.

References

{{reflist Cryptography standards XML-based standards Regulation

Description

Vision

Legal implications

See also

References