Digital Signing guidelines - NatWest
Digital Signing guidelines - NatWest
Digital Signing guidelines - NatWest
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
3. S/MIME <strong>Digital</strong> Signatures<br />
S/MIME is the standard used to sign files that are sent to the customer. All payment files must also be signed using<br />
S/MIME. <strong>Signing</strong> of all payment files must adhere to the S/MIME standard regardless of whether Smartcards or<br />
HSMs are used to provide the signature. As S/MIME is a complex standard this section is included as a ‘primer’ for<br />
customers who have no familiarity or experience with S/MIME.<br />
It is not meant to cover all areas of the (S)MIME standard. It is meant only to give a high-level overview of how<br />
S/MIME files are constructed, for use with Bankline Direct.<br />
3.1 MIME<br />
Bankline Direct requires that digitally signed files are submitted using the S/MIME format. S/MIME is an extension<br />
of the MIME standard and is used to describe how to deliver signed and encrypted files.<br />
Simply, MIME is formed of the following entities:<br />
<br />
<br />
<br />
MIME Header – description of the MIME file contents<br />
MIME Boundary – text delimiter to separate entities<br />
MIME Part – a MIME file can have one or more MIME parts, each separated by a MIME boundary.<br />
Each part will have headers describing the MIME part content<br />
MIME Header<br />
MIME Boundary<br />
Describes the MIME file<br />
Text delimiter<br />
MIME Part N MIME Part 1<br />
MIME Boundary<br />
Text delimiter<br />
MIME Part N+1 MIME Part 2<br />
MIME Boundary<br />
Text delimiter<br />
MIME Part N+2 MIME Part 3<br />
MIME Boundary<br />
Text delimiter<br />
For files with only one MIME Part, the boundary is not necessary:<br />
MIME Header<br />
Describes the MIME file<br />
MIME Part MIME Part 1<br />
3.2 S/MIME <strong>Digital</strong> Signatures<br />
<strong>Digital</strong>ly signed files can be submitted to Bankline Direct with detached or embedded (opaque) signatures.<br />
Bankline only creates files with detached signatures.<br />
8