Signing

Signing is the usage scenario in which the signer initiates a request for the remote signature of data, activates a suitable signature key, has the remote signature executed, and receives the remote signature data back as the response.

The starting point of this scenario is that the signer initiates a request to perform a remote signature from the business application he or she is using. The Signer Interaction Component (SIC), which handles the communication between the signer and the SSA as the remote peer in the remote environment, can conceptually, depending on the usage scenario, be located either on the signer's side or on the remote side of the TW4S. The request for remote signing is sent via the Server Signing Application (SSA) to the Signature Activation Module (SAM), which verifies both the request and the requester. If the verification succeeds, the signature key assigned to the signature process via the Signature Activation Data (SAD) is activated and the remote signature is triggered. The request information must be created in the local environment before the request is sent to the SAM via the SSA. Before the signature process is triggered, the signer must also confirm his or her intention to perform the remote signature. Authentication of the signer requires that the signer has previously identified himself or herself to an identity provider and that the identity provider has issued an identity token for the signer.

To ensure that the signer has sole control over his or her signature keys, the signature process must be authorized. This task is performed by the Signature Activation Module (SAM), which can verify the SAD and activate the signature key within a cryptographic module. SAD verification here means that the SAM verifies the binding between the three SAD elements as well as the authentication of the signer. This binding of the SAD components is ensured, among other things, by a temporary key created in the signer's environment: its public part is introduced into the signer's authentication data in the form of the ID token, and the key is used to sign the SAD.

The flow of the remote signing process is basically as follows:

  • Authentication of the signer

    • Authentication of the signer to an identity provider

    • Issuance of an ID token for the signer by the identity provider

  • Selection of signature information

    • Requesting a list of key IDs suitable for remote signing together with the associated certificate

    • Selection of the key ID/assigned certificate to be used for the upcoming remote signature

  • SAD creation

    • Creation of the temporary key in the signer's environment

    • Extension of the ID token with the public part of the temporary key and the remote signature scope

    • Verification of the document to be signed

    • Initiation of remote signature using extended ID token

    • Generation and signature of the SAD

    • Transfer of SAD or the SAD components bound by SAD signature to the remote signature process

  • Activation of the signature key

    • Verification of signer authentication

    • Checking the validity of the declaration of intent for remote signature

    • Request of the wrapped key matching the key ID

    • Verification that key ID and user ID match (SAD vs. wrapped key vs. ID token)

    • Activation of the signature key

  • Creation of the signature value

    • Creation of the signature value by the cryptographic module

    • Verification of the signature value and the signer certificate

    • Creation of the signature container for embedding the signature value

    • Return of the document signature to the signer
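The SAD binding described above (temporary key whose public part is carried in the ID token, SAD signed with that key) and the activation checks listed under "Activation of the signature key" can be shown end to end in code. The following Go program is an added illustration, not part of the original text or of any TW4S product: the token and SAD formats, the names (`IDToken`, `SAD`, `SAM.Activate`, `RunScenario`), the scope string `remote-signature` and the user/key IDs are all constructed for the example, the identity provider is reduced to an ECDSA key, and the "wrapped key" is held in the clear instead of inside a cryptographic module. The SAM refuses the request if the ID token signature, the scope, the SAD signature or the key ID/user ID match fails, and only then produces the signature value.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/json"
	"errors"
	"fmt"
)

// IDToken is a constructed stand-in for the identity provider's token, extended
// with the public part of the temporary key and the remote-signature scope.
type IDToken struct {
	Subject string `json:"sub"`
	TempPub []byte `json:"temp_pub"` // PKIX DER of the temporary public key
	Scope   string `json:"scope"`
}

// SignedIDToken carries the identity provider's ASN.1 ECDSA signature over the token.
type SignedIDToken struct {
	Token IDToken `json:"token"`
	Sig   []byte  `json:"sig"`
}

// SAD binds the key ID, the document hash and the extended ID token (the three SAD elements).
type SAD struct {
	KeyID   string        `json:"key_id"`
	DocHash []byte        `json:"doc_hash"`
	IDToken SignedIDToken `json:"id_token"`
}

// SignedSAD is the SAD plus the signature made with the signer's temporary key.
type SignedSAD struct {
	SAD SAD    `json:"sad"`
	Sig []byte `json:"sig"`
}

// hashJSON gives a deterministic digest of a structure (json.Marshal of a struct is stable).
func hashJSON(v interface{}) []byte {
	b, _ := json.Marshal(v)
	h := sha256.Sum256(b)
	return h[:]
}

// WrappedKey models the SAM's record of a signing key and its owner (hypothetical, unwrapped here).
type WrappedKey struct {
	OwnerID string
	Key     *ecdsa.PrivateKey
}

// SAM models the Signature Activation Module: it trusts one identity provider key.
type SAM struct {
	IdPPub *ecdsa.PublicKey
	Keys   map[string]WrappedKey
}

// Activate performs the checks of the "Activation of the signature key" step and,
// only if all of them pass, lets the (simulated) cryptographic module create the signature value.
func (s *SAM) Activate(ss SignedSAD, requiredScope string) ([]byte, error) {
	tok := ss.SAD.IDToken
	// 1. Signer authentication: the ID token must carry a valid identity provider signature.
	if !ecdsa.VerifyASN1(s.IdPPub, hashJSON(tok.Token), tok.Sig) {
		return nil, errors.New("ID token signature invalid")
	}
	// 2. Declaration of intent: the token must have been extended with the remote-signature scope.
	if tok.Token.Scope != requiredScope {
		return nil, errors.New("ID token lacks remote signature scope")
	}
	// 3. SAD binding: the SAD must be signed by the temporary key named in the ID token.
	pubAny, err := x509.ParsePKIXPublicKey(tok.Token.TempPub)
	if err != nil {
		return nil, err
	}
	tempPub, ok := pubAny.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(tempPub, hashJSON(ss.SAD), ss.Sig) {
		return nil, errors.New("SAD signature invalid")
	}
	// 4. Key ID and user ID must match (SAD vs. wrapped key vs. ID token).
	wk, found := s.Keys[ss.SAD.KeyID]
	if !found || wk.OwnerID != tok.Token.Subject {
		return nil, errors.New("key ID does not belong to the authenticated signer")
	}
	// 5. Activation: the signature value is created over the document hash.
	return ecdsa.SignASN1(rand.Reader, wk.Key, ss.SAD.DocHash)
}

// RunScenario drives the flow end to end. With mismatch=true the signer presents a
// key ID owned by another user, which the SAM must refuse. Returns whether the
// returned signature value verifies under the signer's public key.
func RunScenario(mismatch bool) (bool, error) {
	gen := func() *ecdsa.PrivateKey { k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader); return k }
	idp, alice, bob := gen(), gen(), gen()
	sam := &SAM{IdPPub: &idp.PublicKey, Keys: map[string]WrappedKey{
		"key-alice": {OwnerID: "alice", Key: alice}, // constructed key IDs and user IDs
		"key-bob":   {OwnerID: "bob", Key: bob},
	}}
	temp := gen() // temporary key created in the signer's environment
	tempDER, _ := x509.MarshalPKIXPublicKey(&temp.PublicKey)
	tok := IDToken{Subject: "alice", TempPub: tempDER, Scope: "remote-signature"}
	tokSig, _ := ecdsa.SignASN1(rand.Reader, idp, hashJSON(tok)) // issued by the identity provider
	keyID := "key-alice"
	if mismatch {
		keyID = "key-bob"
	}
	doc := sha256.Sum256([]byte("constructed document to be signed"))
	sad := SAD{KeyID: keyID, DocHash: doc[:], IDToken: SignedIDToken{Token: tok, Sig: tokSig}}
	sadSig, _ := ecdsa.SignASN1(rand.Reader, temp, hashJSON(sad)) // SAD signed with the temporary key
	sigValue, err := sam.Activate(SignedSAD{SAD: sad, Sig: sadSig}, "remote-signature")
	if err != nil {
		return false, err
	}
	// Verification of the signature value against the signer's key (stands in for the certificate).
	return ecdsa.VerifyASN1(&alice.PublicKey, doc[:], sigValue), nil
}

func main() {
	ok, err := RunScenario(false)
	fmt.Println("honest request verified:", ok, "error:", err)
	_, err = RunScenario(true)
	fmt.Println("mismatched key ID refused with:", err)
}
```

The point of the layout is that the SAM never sees the temporary private key: it learns the public part only through the identity provider's signed token, so a SAD that verifies under that key can only have been produced in the environment that was authenticated. Changing the key ID to another user's key, or replaying the SAD with a different token, fails one of the four checks before the signing key is ever touched.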

The actual process and the actions that take place are explained in detail in the chapter about the signing process, including a sequence diagram and step-by-step description.