Which certificates are needed for digital signature verification

To verify digitally signed (digitally stamped) files a system has to have configured all used root certificates, all CA certificates and also all OCSP responder certificates (expired certificates included)

The tables below should give an overview of different CA and OCSP responder combinations over time.

These are the possible combinations of CA and OCSP responder certificates for files signed using ID-card or Mobiil-ID.

 
 
CA certificate CN
ESTEID-SK 2015 ESTEID-SK 2011 ESTEID-SK 2007 ESTEID-SK EID-SK 2016 EID-SK 2011 EID-SK 2007 EID-SK 
SK OCSP RESPONDER 2011     N/A N/A     N/A N/A
ESTEID-SK 2007 OCSP RESPONDER 2010 N/A N/A   N/A N/A N/A N/A N/A
ESTEID-SK 2007 RESPONDER N/A N/A   N/A N/A N/A N/A N/A
ESTEID-SK OCSP RESPONDER 2005 N/A N/A N/A   N/A N/A N/A N/A
ESTEID-SK OCSP RESPONDER N/A N/A N/A   N/A N/A N/A N/A
EID-SK 2007 OCSP RESPONDER 2010 N/A N/A N/A N/A N/A N/A   N/A
EID-SK 2007 OCSP RESPONDER N/A N/A N/A N/A N/A N/A   N/A
EID-SK OCSP RESPONDER N/A N/A N/A N/A N/A N/A N/A  

 *N/A - not available

Digitally stamped files can have these CA / OCSP responder combinations. 



 
CA certificate CN
KLASS3-SK 2016 KLASS3-SK 2010
(valid since 2015)
KLASS3-SK 2010
(valid since 2011)
KLASS3-SK 2010
(valid since 2010)
KLASS3-SK
SK OCSP RESPONDER 2011 (active since 15.08.16)          
KLASS3-SK 2010 OCSP RESPONDER  N/A       N/A
KLASS3-SK OCSP RESPONDER 2009  N/A  N/A N/A N/A  
KLASS3-SK OCSP RESPONDER (valid since 2006 )  N/A  N/A N/A N/A  
KLASS3-SK OCSP RESPONDER (valid since 2003)  N/A  N/A N/A N/A  

 *N/A - not available

All these certificates could be downloaded from www.sk.ee/certs.

 

 


ПОЛУЧИТЬ ПОМОЩЬ

Если Вы не нашли ответа на свой вопрос, свяжитесь с нашей командой.



  • Смотреть руководство
  • Оцените свой уровень владения компьютером, чтобы мы могли предложить Вам более качественные руководства

         

  • Проверка не удалось

Как мы можем улучшить эту cтатью?
Отправить Закрывать