DigiDoc (''Digital Document'') is a family of digital signature and cryptographic computing file formats that use a public key infrastructure. It currently has three generations of sub-formats: ''DDOC'', the later binary-based ''BDOC'', and the currently used ''ASiC-E'' format, which is supposed to replace the previous generation formats. DigiDoc was created and is developed and maintained by RIA (''Riigi Infosüsteemi Amet'', ''Information System Authority of Estonia'').
The format is used to legally sign and optionally encrypt files, such as text documents, as part of electronic transactions. All operations are done using a national id-card, a hardware token with a chip holding digital PKI certificates that are used to verify a person's signature mathematically. A signed file is a container holding the actual signed, unmodified files, so working with it does not require any support from the software that created those files.
The container and its signatures can be created using an application such as qDigiDoc, or through a web service together with a signing extension in the user's web browser. When an application is used, the container is typically exchanged between the signing parties as an email attachment until everyone has signed it and has their own complete copy.
Web services also utilize identity cards for session authentication using an authentication certificate which is also stored on the id-card.
Technical description
A DigiDoc container contains the actual files and metadata, including a hash that represents those files. When signing, the software sends the content hash to the user's id-card over the standardised PKCS #11 interface. After verifying the user's PIN, the id-card signs the hash internally and returns a signature, which is then stored in the DigiDoc container.
During signing, the certificate validity of each signing party is checked, and a signed timestamp is retrieved, using an OCSP service. The signed timestamp makes it possible to prove later at what time a document was signed (as the timestamp is derived from the document hash) and that each signing certificate was not in the certificate revocation list at the time of signing. Any signatures made prior to a revocation remain valid (therefore, documents do not have to be re-signed when the user receives new certificates).
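Because the container carries both the data files and the hash stored in its signature metadata, the binding between the two can be checked without the software that created the files. The following Python code is an added example, not code from RIA or the DigiDoc libraries; it assumes the ASiC-E layout defined by the ETSI ASiC standard (a ZIP archive with a leading `mimetype` entry and XAdES signature files under `META-INF/`), uses the hypothetical helpers `check_digests` and `build_sample` with a constructed sample container, and checks file digests only, not the signature value, certificate chain or OCSP response.

```python
import base64, hashlib, io, zipfile
import xml.etree.ElementTree as ET
from urllib.parse import unquote

DS = "{http://www.w3.org/2000/09/xmldsig#}"
MIME = b"application/vnd.etsi.asic-e+zip"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"

def check_digests(blob):
    """Map each data file to 'ok', 'digest mismatch' or 'unsigned'."""
    with zipfile.ZipFile(io.BytesIO(blob)) as z:
        names = z.namelist()
        if names[:1] != ["mimetype"] or z.read("mimetype") != MIME:
            raise ValueError("not an ASiC-E container")
        status = {n: "unsigned" for n in names
                  if n != "mimetype" and not n.startswith("META-INF/")}
        sigs = [n for n in names if n.startswith("META-INF/") and "signatures" in n]
        for sig in sigs:
            # ElementTree is acceptable for this constructed input; parse
            # untrusted containers with a hardened XML parser.
            for ref in ET.fromstring(z.read(sig)).iter(DS + "Reference"):
                name = unquote(ref.get("URI", ""))
                if name not in status:  # e.g. "#..." pointing at SignedProperties
                    continue
                method = ref.find(DS + "DigestMethod")
                value = ref.findtext(DS + "DigestValue", "")
                good = (method is not None and method.get("Algorithm") == SHA256
                        and hashlib.sha256(z.read(name)).digest() == base64.b64decode(value))
                if not good or status[name] == "unsigned":  # a mismatch is never cleared
                    status[name] = "ok" if good else "digest mismatch"
        return status

def build_sample(files, signed=None):
    """Constructed container whose signature digests cover `signed` (default: files)."""
    refs = "".join(
        f'<ds:Reference URI="{n}"><ds:DigestMethod Algorithm="{SHA256}"/>'
        f'<ds:DigestValue>{base64.b64encode(hashlib.sha256(d).digest()).decode()}'
        f'</ds:DigestValue></ds:Reference>'
        for n, d in (signed or files).items())
    xml = (f'<ds:Signature xmlns:ds="{DS[1:-1]}"><ds:SignedInfo>{refs}'
           f'</ds:SignedInfo></ds:Signature>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("mimetype", MIME)  # first entry, stored uncompressed
        z.writestr("META-INF/signatures0.xml", xml)
        for n, d in files.items():
            z.writestr(n, d)
    return buf.getvalue()
```

A file reported as `unsigned` is present in the archive but not covered by any signature reference, which a verifier should treat as a failure just like a digest mismatch.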
ASiC-E
ASiC-E (''Associated Signature Containers'') and its extended variant is the latest DigiDoc container format. The file extension used is .asice.
BDOC
BDOC (''Binary Document''), of which the latest version is 2.1, is based on ETSI's ASiC signature container standards. It is the official Estonian national standard ''EVS 821:2014''. Files use the .bdoc file extension.
DDOC
DDOC (''Digital document'') is the first generation DigiDoc format. Files use the .ddoc file extension.
Software
The most widely used application is the qDigiDoc graphical desktop software, which runs on Microsoft Windows, Apple Mac OS X and various Linux distributions. qDigiDoc is open-source software that can be freely downloaded and installed. Applications also exist for Apple iPad tablet devices and Windows phones.
Currently, Estonian and Finnish government-issued cards work with qDigiDoc 3.x and later versions.
installer.id.ee - qDigiDoc home page.
itunes.apple.com - DigiDoc for Apple iPad tablets
windowsphone.com - DigiDoc for Windows phone
Software libraries
Multiple programming languages are supported for creating applications and services that use the DigiDoc format, including C++, C, Java, .NET.
libdigidocpp - C++ library
libdigidoc - C library
digidoc4j - Java library
See also
* Estonian identity card
** Digital signature in Estonia
* Associated Signature Containers
* Finnish identity card
External links
id.ee - The World of DigiDoc
id.ee - BDOC2.1 – new Estonian national standard on digital signatures
id.ee - DigiDoc libraries