This article will give recommendations on datafile formats used for digital signing when the recipient is an end user. These recommendations are not valid for files exchanged between different information systems.
Recommendations are based on following requirements:
- Digitally signed containers (including signed datafiles) have to retain a long-term proof of validity.
- Digitally signed datafiles should be usable/viewable long time after document creation, i.e. they should not be dependant on specific software (version) that was used for creating and viewing the document at that time.
- The datafile (information to be signed) should look the same for the user during intial signing and when viewed in the future.
Based on these requirements we recommend (in accordance with National Archive's guidelines: http://www.ra.ee/public/Juhised/digidok_arhiveerimine.pdf, chapter 3.1) that you use these datafile formats for digital signing:
- Picture formats: TIFF ja PNG
- Plain text (extension .txt)
- Video formats: WAVE (.wav), MPEG-1, MPEG-2, MPEG-4
These formats are preferably not recommended:
- HTML - there are no guarantees that when datafile is opened in the future it will display the same content as during initial signing.
- XML - for the end user it is difficult to examine the data in XML format which is more suitable for data exchange between information systems.