What is the validator of electronic signatures and stamps?
The validator checks the authenticity of electronic signatures and stamps. The type of signature, the validity of the certificates accompanying the signature, the signatory's details and whether the document has not been changed after signing is verified. In the case of a stamp, the validator checks the authenticity and integrity of the data and indicates the legal person who has affixed the stamp.
What is the Validation Attestation?
The Validation Attestation is a detailed report issued by Autenti with the results of the verification of signatures and electronic seals, which can be downloaded at the end of the process. The report is secured with Autenti's stamp in a way that allows it to be used in disputes, e.g. in court proceedings.
What types of electronic signatures do we validate?
The service allows the validation of qualified and non-qualified electronic signatures submitted in the XAdES, PAdES, CAdES format, including the validation of trusted signatures, personal signatures and electronic signatures submitted via Autenti, regardless of their type.
How to interpret the overall validation results for the whole document and what does each status mean?
The following overall validation results are possible for the whole document:
- Validation of the document has a positive status (green) when all signatures and electronic stamps in the document have been verified as correct and the document has not been changed;
- the document validation has a negative status (red) when the document contains at least one incorrect signature;
- general status is not assigned when it is not possible to unambiguously verify all signatures - the validation results of individual signatures should be checked (more information below) to see why.
How to interpret the detailed validation results for specific electronic signatures and stamps and what does each status mean?
There are three possible validation results for specific electronic signatures and stamps:
- positive validation (green) - authenticity of signature and validity of certificates has been confirmed;
- negative validation (red) - the signature is incorrect, and the reason is given in the detailed results of the validation (see below);
- indeterminate validation (yellow) - the authenticity of the signature cannot be unambiguously verified, and the reason is given in the detailed validation results (see below).
What does the positive validation of the electronic signature mean in practice?
Validation is positive when the cryptographic verification of the signature has been successful and the identity of the signatory and the validity of the signature at the time of submission have been confirmed.
What may be the reasons for negative validation of the electronic signature?
According to the technical standards, the reasons for recognising the signature as incorrect may be:
- inability to verify the cryptographic signature
- incorrect cryptographic verification of the signature
- lack of possibility to confirm the integrity of the document
- certificate revoked at the time of signature
- certificate expired at the time of signature
- certificate was not valid at the time of signature
Validation results indicate the specific reasons why the signature was considered incorrect.
What could be the reason for validation not specified in the qualified validator?
A qualified validator (such as Webnotarius from Asseco) detects only qualified signatures on a document. If a signature of another type (e.g., non-qualified or advanced) has been used for the signature, the qualified validator will issue an “Unspecified” result. The Autenti validator has a broader scope of operation and also recognizes other types of electronic signatures. Therefore, there may be a situation when the same document in the Autenti validator will be validated with a positive result, while in the qualified validator with an unspecified result.
What may be the reasons for indeterminate validation of the electronic signature?
Validation results in an unspecified status if the signature cannot be unambiguously validated positively or negatively.
Among the reasons for not being able to confirm the validity of the signature are:
- no chain of trust can be established for the certificate
- the algorithm used is not recommended by the standards
- incorrect order of time stamps
- lack of evidence that the signature was affixed during the period of validity of the certificate
- data confirming the validity of the certificate cannot be accessed at this moment
Validation results indicate specific reasons why the signature could not be unambiguously verified.