Anais - Engenharia de Redes de Comunicação - UnB

4. A Digital Signature with Authorization Requirements
In this section we describe the notion of a creator signature. This is a signature performed
exclusively by the document’s author. We do this by presenting a new signed signature
attribute called Authorization Requirements. This attribute is used to specify identity and
authorization requirements in a creator signature.
A creator signature is technically a normal CAdES or XAdES digital signature.
This signature is applied to an electronic document by its author. The author’s goal for
the signature is to seal the document and bind it to a set of requirements regarding future
signatures applied by other parties. Those parties, however, are not going to sign
the actual document. Instead, they will countersign the author’s signature. Those countersignatures
will then be embedded in the author’s signature as unsigned attributes. Each
countersignature must comply with a corresponding entry in the Authorization Requirements
attribute.
The Authorization Requirements attribute is structured as a list of required countersignatures.
Each entry contains a set of required signatory attributes, a signatory
identity reference or both. The set of required signatory attributes specifies which attributes
shall be present in the signatory’s AC. In a similar way, the signatory identity
reference is a reference to the required signatory’s PKC . Figure 1 presents a possible
ASN.1[ITU-T 2008a] structure for the CAdES version of the proposed attribute.
A u t h o r i z a t i o n R e q u i r e m e n t s : : = SEQUENCE of R e q u i r e d C o u n t e r S i g E n t r y
R e q u i r e d C o u n t e r S i g E n t r y : : = SEQUENCE {
s i g n e r A t t r i b u t e s [ 0 ] SEQUENCE of A t t r i b u t e OPTIONAL ,
s i g n e r I d e n t i t y [ 1 ] S i g n e r I d e n t i t y OPTIONAL
}
S i g n e r I d e n t i t y : : = CHOICE {
s i g n e r I d e n t i t y V 1 [ 0 ] S i g n i n g C e r t i f i c a t e ,
s i g n e r I d e n t i t y V 2 [ 1 ] S i g n i n g C e r t i f i c a t e V 2
}
Figure 1. Authorization Requirements ASN.1 structure
The signerAttributes field in Figure 1 shall be consistent with Section 4.2.7 of RFC
5755 [Farrell et al. 2010]. Attribute types are defined in Section 4.4 of RFC 5755. The
types SigningCertificate and SigningCertificateV2 in figure 1 are defined in RFC 5035
[Schaad 2007]. The signerAttributes and signerIdentity fields are optional, but at least
one of them must be present in a RequiredCounterSigEntry instance.
The validation process of a digital signature that contains an Authorization Requirements
attribute begins precisely with that attribute. First, the presence of all required
countersignatures in the creator’s signature unsigned attributes section is assured. Next,
each countersignature is validated. This includes the signature and Certification Path validation
of both the signatory’s PKC and AC. Then, these certificates are evaluated against
the criteria specified in the requirements. If they all meet the requirements, the signatories’
authorization is acknowledged and the rest of the signature validation proceeds as
usual. It should be noted that if one of the countersignatures is invalid or does not meet
400