This website has been translated by machine translation software and has not been subsequently revised by translators. Further information at: link. Hide

Hace transparente para las aplicaciones el uso de diferentes formatos de firma electrónica como PKCSHace transparente para las aplicaciones el uso de diferentes formatos de firma electrónica como PKCS

PAe - CTT - Additional Information - platform of electronic signature validation @firma
the accesskey _ mod _ content
-

Validation platform of electronic signature @firma

  • Start date Production:

    16/03/2006

    RoadMap:
    • Deployment of @firma 6.4 with improvements signature validation and management validation policies.
    • New version of the module for monitoring the platform (Monitoriz@) that will allow agencies to complete monitoring services and @firma time-stamping (TS@).
    • The signature broker FIRe will integrate with signature in the cloud offered by the FNMT.
    • The Platform of self-management of agencies (PAO) will form delegate agencies to manage their own certificates of connection to the different applications common SGAD.
    Indicators:

     

    Functional description

    @firma es un sistema que determina la validez y vigencia de los certificados digitales de múltiples infraestructuras de clave pública (PKI), entre ellas la del DNI electrónico, empleados en operaciones de autenticación y firma electrónica de cualquier aplicación del ámbito de las Administraciones Públicas que se conecte a sus servicios.

    When the citizen interacts with the administration, to complete a formality staff, it is necessary to know its identity, which viewed is done via the DNI electronic or an electronic certificate. The Administration check the status of the certificate or DNIe with which the citizen is identifying or signing the application. For this check is used the platform of validation @firma, delegating in her the verification of the credentials of certificate or DNIe used.

    The services offered to agencies can be catalogue in:.

    1- Validation Services:

    • of web services validation of signatures in multiple formats digital
    • of web services validate certificates electronic different profiles and providers.
    • OCSP multiprestador
    • Longeva validation of signatures.

    2- Services of electronic signature:

    • Through the service DSSAfirmaVerify enables updating or upgrade electronic signatures from a basic format to a more advanced format. you can specify the format to which you want to extend the signature. The different values can be: BES ARRIVING, EPES, T, C, X, X-1, X-2, X-L. X-L-1, X-L-2 and A. Supports hash algorithms SHA1 and SHA2 algorithms and signature RSA and elliptic curves.
    • Únicamente para el modelo federado (instalación propia del organismo de la plataforma @firma’, se ofrece una funcionalidad de firma en servidor.

    3- For signing automated processing, provides a API ( Integr@ ) which provides functions of creation of signatures in different formats, as well as facilitates the integration with the advanced Web Services @firma. The API can be downloaded from the download area of this page.

    4-Para signature of citizens in local, independent of the validation platform but as part of the ‘ Suite @firma ’ provides a component which integrates with the browsers of users, to facilitate the incorporation of signature in computerized procedures. Allows signatures from desktop environments and from mobile devices. You can find more information of this component in the specifies page @firma client.

    5- Services of time-stamping. You can find more information of this service in the page TS@  

    6- Other components of the Suite. You can consult the rest of services and products of the ‘ Suite @firma ’ in the page of the Suite

    7- Support to the operation: through support services to integration, support for the shift towards new standards of electronic signature.

     

    Requirements:

    To integrate into @firma is necessary to continue some simple steps:

    1. To be connected to the network SARA.
    2. Contact the customer support through the form enabled the effect and facilitate your contact details.
    3. El equipo de soporte le informará de los prerrequisitos y le facilitará el formulario para el control de acceso que el organismo debe cumplimentar. En el área de descargas del Portal de Administración Electrónica, el Organismo encontrará a su disposición documentación técnica de los servicios así como ejemplos para la integración. Dicha información es accesible únicamente para usuarios de las administraciones públicas registrados en el PAE.
    4. The agency should connect applications of electronic administration services to access the platform via web services.

    Advantages:

    The benefits that the platform facilitates to agencies are:

    • The recognition of multiple certificates.
    • Independent certification service providers as it supports various protocols for validation of certificates (OCSP, HTTP, LDAP).
    • El uso de Políticas de Seguridad para garantizar la confidencialidad, autenticidad e integridad de todas las transacciones realizadas.
    • Greater efficiency and lower cost in the use of the electronic signature in the telematic services rendered.
    • La interoperabilidad con los servicios proporcionados por las Administraciones Públicas. Se hace extensible la interoperabilidad al ámbito Europeo y al de sus organismos e instituciones al ser contempladas las especificaciones de compatibilidad con la Unión Europea.
    • Cost reduction: the service allows you to optimize the cost of the services of validation of certificates for each application.
    • Innovación: la plataforma de la validación multi-PKI se ha convertido en el primer servicio centralizado principal que proporciona servicios electrónicos horizontales a todas las      Administraciones Públicas del país gratuitamente.

    Technical Description

    The services offered are:

    Validate certificates X.509 according to the RFC 3280, of certification authorities included in the platform. Between the validation features include:

    • Recognition and validation of the electronic DNI issued by the General direction of the police, and multiple providers.
    • Validate certificates X.509 according to the RFC 3280, all certification authorities recognized in the country by the ministry of industry
    • Multilevel validation of certificates (in the case of structure of certification of more than two levels).
    • Obtención mediante un parseo en XML, de la información correspondiente a los campos del certificado, según la Política de Confianza definida para el tipo de certificado de que se trate.
    • Caché de validación configurable en tiempo, para evitar tener que acceder al PSC ante validaciones de un mismo certificado en un corto período de tiempo.


    Signature validation :

    • Signature validation via web services (WS) of an element signed, indicating if the signature is correct and validity, dated time, etc. Also takes place the interpretation of the fields of certificates to a XML homogeneous.

    Generation of Signature :

    • Through the service DSSAfirmaVerify allows the upgrade of electronic signatures to a more advanced format, for it is possible to specify the format to which you want to extend the signature. The different values can be: BES ARRIVING, EPES, T, C, X, X-1, X-2, X-L. X-L-1, X-L-2 and A.
    • The currently supported hash algorithms are SHA1 and SHA2 (the rest are obsolete).
    • At the moment the algorithms of digital signature supported are RSA and elliptic curves.

    Management and administration

    La plataforma realiza la gestión y administración de los Prestadores de Servicios de Certificación adheridos. Todas las operaciones realizadas en la plataforma son registradas para la auditoria y trazabilidad del sistema.

     

    @Firma demonstrator:

    @Firma demonstrator : Direct access to services of @firma (Validation tool).

General access point
General access point
Maintainer