Information

The purpose of this section is to make available the technical documentation and legal aspects related to electronic signatures and Viafirma.

Viafirma is constantly evolving so we offer consultation with our news and developments such as the incorporation of new CAs, new browsers and devices supported market, etc ...

If you are looking for specific information and it is not found in this section, get involved and let us know your queries via our contact form .

 

 

 

 

Support Certification Authorities (CA's)

Today, VIAFIRMA can be used with digital certificates issued by the following certification authorities:

In Spain

Recognized Authorities Support
eID Supported
FNMT (Spanish Royal Mint) Supported
Proffesional Signature Supported
Camerfirma (Chamber of Commerce) Supported
Ancert (Notarial Certification Agency) Supported
Izenpe (Basque Government) Supported
ACA (Certification Authority of Lawyers) Supported
ANF AC (National Association of Manufacturers) Supported
CATCert (Catalan Certification Agency) Supported
ACCV (Certification Authority of the Valencian Community) Supported

In other countries

Recognized Authorities Support
Avansi (first CA in Dominican Republic) Supported
Chamber of commerce and production of Santo Domingo - Dominican Republic Supported
Digital Signature (National System of Digital Certification of Costa Rica) Supported
SINPE (Interbank trading system and electronic payment) - Costa Rica Supported
Security Data - Ecuador Supported

Others

Recognized Authorities Support
VeriSign (Class 2 Public Primary CA – G2) Supported

If you are a certified service provider and are interested in your certificates to be supported by VIAFIRMA, contact with us.

Signature formats

Depending on the needs and preferences your may have, we offer the following types of advanced signature:

XML Signature

It is a specification developed under the aegis of the W3C (http://www.w3.org/Signature/) that allows the sing (full or partial) of XML documents using a standard XML notation. XML Signatures offers some advantages over the traditional signature thanks to its structure based on human readable plain text.

PDF-Signature

Signature embedded in PDF documents in line with ISO-32001, making this sing format the most "accessible" to the ordinary citizen. That is, a signature embedded in a PDF could be viewed by a user with any standard PDF reader like Acrobat Reader may be. They are used for scenarios in which the final user or users involved in the process are natural persons.

CMS (Cryptographic Message Syntax) / PKCS#7

Signed binary format used for the signature, authentication, encryption and summary documents. This format was designed primarily for the exchange of information from emails. Use the standard PKCS # 7. This format also incorporates time-stamping information obtained by a TSA (TimeStamp Authority).

XAdES - XML Advanced Electronic Signature

Family of advanced signatures, based on XML formats. Unlike a format that could be embedded, as PDF-Signature quoted above, is a language designed to "talk between machines", i.e. the exchange of information between automated systems is the purpose of using an XML-based format. Within this signing format, various extensions have been evolved to respond to different needs and scenarios, the extensions described below do not have to be considered less than the degree of robustness, reliability or security, but should be regarded as format changes that respond to different scenarios, and therefore not in competition.

XAdES-BES Basic form that simply meets the legal requirements of the Directive for advanced electronic signature
XAdES-EPES XAdES-BES is one to which we add information about the signature policy, as it could be that information about the certificate used and the CA that issued it.
XAdES-T (timestamp) XAdES-EPES is one to which is added a second signature, but this time, a signature performed by a TSA (Time Stamp Authority). This second signature provides specific information about the exact date and time of signing.
XAdES-C (complete) XAdES-T is one to which are added references to the certificates and revocation lists used to validate the certificate used in the signature. For example, it was signed by CCC Certificate issued by CA AAA RRRR whose CRL was consulted at the time of validation.
XAdES-X (extended) XAdES-C is one to which are added information about the date and time of data entered for the extension C.
XAdES-XL (extended long-term) XAdES-X is one to which are incorporated certificates (public key only) and the validation sources that were used. Unlike the-C, where there was only included a reference (a pointer), in this format is embedded all the information. For example, in the case of a CRL, joins the list of revoked certificates signed that was consulted at that time. This is used to ensure validation for many years after the signature even if the CA that issued the certificate, or the source of validation (CRL) to be consulted, is no longer available (published for instance). In other words, validation ensures off-line long-term.
XAdES-A (archivado) This format includes all the above information but includes meta-information associated with re-signed policies. A re-signed policy establishes an expiration period of the digital signature, and this time passed, we proceed to a re-signed. The ideal scenario for this signing format are those documents whose validity is very high: mortgages, college degrees, deeds, etc.. 15, 20, 50, and so on.

Long-Lived firms

Both formats -XL and -A formats are considered long-lived signature formats. With this re-signed we get to ensure that the algorithms used at the time of the first signs are not expired. For example, in 15 years, probably the signature algorithms used will be obsolete and new ones will may be used. If We reaffirm our document with the new algorithm, we ensure that in the coming years will remain reliable.

This form of signature is the hand of a complex system of policy-based re-signed to define at least how often we re-sign all our documents, what algorithms are used in each case, or where such documents shall be kept.

Further information

For more details on the formats and versions of supported signatures, visit our website developers. Para obtener más detalles sobre los formatos y versiones de firmas soportados, puede visitar nuestro website developers.

Signing Procedures

Depending on the needs and preferences you may have, we offer the following types of advanced signature:

Signing Procedures Support Description
Unattended signature Supported Automatic signature without human intervention.
Attended sugnature Supported Most common procedure for signing which requires user intervention / web
Batch signature Supported Single signature transaction for multiple documents
Multi-signature Supported Signing a document by several signers.
Firma Emails Supported Automated signature process in emails.
Batch Multi-signature (single transaction, multiple documents, multiple signers) Supported Signature on a single transaction from multiple documents signed by several signers
Centralized Signature Supported Store and manage in a repository with centrally HSM and secure digital certificates for users in your organization.

 

Regulatory framework for electronic signatures Spain

Documentation relating to the regulatory framework in Spain for the Electronic Signature:

Laws

Orders

  • Order HAC/1181/AEAT.
       Description: laying down specific rules on the use of electronic signatures in electronic tax relations, computer and communication with the State Tax Administration Agency.
       Date: May 12, 2003.

News (Sindicación)

Java SDK update

18 Apr 2013

This time we update our Java SDK. We enhance specially the hash methods and the policies.

New version (minor) of our PHP client

12 Mar 2013

A new version (minor) of the free viafirma's PHP client for developers. It has been added the support for loop signing.

More News