Business professionals often find themselves in a familiar situation: an important contract arrives in Microsoft Word format requiring an immediate signature. The traditional process of printing, signing, scanning, and emailing back isn't just time-consuming—it's an unnecessary obstacle in today's digital world.
Before diving into ASIC and XAdES format, lets recap what is a digital signature.
A digital signature is a mathematical technique for validating the authenticity and integrity of a message, piece of software, or digital document. It's the digital equivalent of a handwritten signature or a stamped seal, but it's far more secure. A digital signature is designed to prevent tampering and impersonation in digital communications.
Digital signatures (whether they are in XAdES format or actually in PAdES format) can be used to verify the origin, identity, and status of electronic documents, transactions, or digital messages. They can also be used by signers to acknowledge informed consent.
Digital signatures are legally binding in many countries, including the United States, in the same way that traditional handwritten document signatures are.
Public key cryptography, also known as asymmetric cryptography, underpins digital signatures. Two keys are generated using a public key algorithm, such as RSA (Rivest-Shamir-Adleman), resulting in a mathematically linked pair of keys, one private and one public.
Digital signatures are created using two mutually authenticating cryptographic keys in public key cryptography. The person who creates the digital signature encrypts signature-related data with a private key, and the only way to decrypt that data is with the signer's public key.
If the recipient is unable to open the document using the signer's public key, there is a problem with the document or the signature. Digital signatures are authenticated in this manner.
ASiC containers conforming to ETSI EN 319 162-1 bind together to form a ZIP archive:
Agrello associates signed file objects (e.g., documents, spreadsheets, multimedia content, XML structured data) with detached digital signatures.
All ASiC containers have the following internal structure:
Multiple signature (and time assertion) formats are supported by the European Standard (EN) 319 162-1 developed by the European Telecommunications Standards Institute (ETSI) Technical Committee Electronic Signatures and Infrastructures (ESI). Agrello only employs XML advanced electronic signatures (XAdES).
Without taking into account time assertions or non-XAdES signatures, the standard specifies two types of containers: ASiC Simple (ASiC-S), which associates a single file object (which can be a ZIP archive) in a ZIP archive with one or more XAdES signatures present in a single signature file; and ASiC Extended (ASiC-E), which associates a single file object (which can be a ZIP archive) in a ZIP archive with one or more XAdES signatures present in one or more signature files.
Combining a detached signature with signed objects in a container allows for easy distribution and ensures that the correct signature and any relevant metadata is used when validating. Associated signature containers also provide a simple and secure mechanism for creating point-in-time snapshots of groups of documents, such as during a negotiation or for general audit and compliance purposes.
XAdES (XML Advanced Electronic Signature) is a set of extensions to XML-DSig electronic signature format, making it suitable for advanced electronic signatures that remain valid over long periods and comply with European regulations like eIDAS.
XAdES builds upon the XML-DSig standard by adding qualifying properties to the signature. These properties include timestamps, certificate validation data, and other elements that enhance the signature's legal validity and long-term verification capabilities.
XAdES comes in several forms, each offering increasing levels of security and long-term validation capabilities:
XAdES signatures offer several advantages for digital document signing:
While ASiC and XAdES are often mentioned together, they serve different but complementary purposes in the digital signature ecosystem. The following table highlights their key differences and how they work together:
How ASiC and XAdES Work Together
ASiC containers can include XAdES signatures as part of their structure. In fact, when using ASiC-E containers with Agrello, XAdES is the signature format used within the container. This combination provides both the packaging benefits of ASiC and the advanced signature capabilities of XAdES.
In many countries around the world, electronic signatures are legal, trusted, and enforceable. While laws differ, Agrello provides the most flexibility in a single global e-signature solution. You can choose the right type for each use case ranging from simple e-signatures to e-signatures with strong identification to highly secure, regulated digital signatures in the cloud.
Many countries around the world accept e-signature as evidence in court. Certain highly secure, regulated digital signatures are frequently regarded as equivalent to an ink signature.
In the United States, the E-Sign Act and the Uniform Electronic Transactions Act (UETA) established the legal framework for the use of e-signature across all states.
The Electronic Identification and Trust Services Regulation (eIDAS) created legislation in the European Union that helped standardize e-signature status across national borders.
Agrello has made significant investments in cyber security and complies with US, EU, and international security practices.
ASiC is a container format that packages documents and signatures together, while XAdES is a signature format based on XML. ASiC can actually contain XAdES signatures, making them complementary technologies rather than competing ones.
Yes, ASiC containers are recognized under the eIDAS regulation in the European Union as a valid format for electronic signatures. They provide a standardized way to package signed documents and their signatures.
While ASiC containers are based on the ZIP format, specialized software is recommended to properly validate the signatures within. However, you can rename the file extension to .zip and extract the contents to view the documents, though this won't verify the signatures.
XAdES offers advanced features like timestamp integration, certificate validation references, and long-term validation support. It's specifically designed for XML documents and provides a standardized approach to electronic signatures that complies with European regulations.
A XAdES-compliant signature will contain specific XML elements that extend the basic XML-DSig format. Validation software can verify if a signature meets the XAdES standards and determine which level of XAdES it complies with.
Yes, ASiC-E (Extended) containers can contain multiple documents with multiple signatures. This makes them ideal for complex signing scenarios where multiple parties need to sign different documents within a single package.
Both ASiC and XAdES are recognized throughout the European Union under the eIDAS regulation. They are particularly common in Estonia, Lithuania, Latvia, and other European countries that have advanced digital signature infrastructures.