More on digital signatures for graduate documents

The specific standards of importance in signing documents are:


 * 1) XAdES-BES/EPES, basic form just satisfying Directive legal requirements for advanced signature;
 * 2) XAdES-T (timestamp), adding timestamp field to protect against repudiation;
 * 3) XAdES-C (complete), adding references to verification data (certificates and revocation lists) to the signed documents to allow off-line verification and verification in future (but does not store the actual data);
 * 4) XAdES-X (extended), adding timestamps on the references introduced by XAdES-C to protect against possible compromise of certificates in chain in future;
 * 5) XAdES-X-L (extended long-term), adding actual certificates and revocation lists to the signed document to allow verification in future even if their original source is not available;
 * 6) XAdES-A (archival), adding possibility for periodical timestamping (e.g. each year) of the archived document to prevent compromise caused by weakening signature during long-time storage period.

The diagram below is reproduced from Digitary, a company specialising in secure graduate documents, and shows each of the steps needed and the standards complied with in their solution. The approach used by Digitary combines the use of XAdES-BES, XAdES-T and XAdES-A to ensure long-term legal validity of documents.