Настройка URL-адреса TSA в клиенте DigiDoc4 и мобильном приложении RIA DigiDoc

TSA или служба отметки времени - это решение, которое доказывает, что определенные данные существовали в данный момент времени.

В настройках DigiDoc4 клиенте и мобильном приложении RIA DigiDoc можно установить доступ к услуге метки времени. Настройка доступа к сервису временных меток необходима в тех случаях, когда в месяц используется больше подписей, чем предназначено для личного использования.

При установке программного обеспечения через услугу посредничества RIA автоматически настраивается доступ к услуге метки времени, которая предусмотрена только для обычного использования. В коммерческих целях:

  • следует использовать метки времени поставщиков услуги метки времени, соответствующих требованиям eIDAS (обзор поставщиков услуги). Одним из поставщиков услуги в Эстонии, например, является предприятие SK ID Solutions AS;
  • для учреждений правительственного сектора (EE) посредником в услуге метки времени является RIA, для использования услуги необходимо заключить с RIA соглашение о сотрудничестве. Для этого отправьте электронное письмо по адресу [email protected].

Чтобы указать URL-адрес, необходимый для доступа к услуге метки времени, необходимо:

  • Known ID-software defects

    No software is perfect: technical possibilities and necessities change over time. With every new ID-software version, we attempt to resolve as many known defects as possible; however, the priority is always to ensure the safety of the user and their data as well as the stability of the software.

    If you are interested, you can read more about changes in the earlier versions of ID-software.

    Below are some known shortcomings in the latest version of ID-software at 24.4 Windows/Linux and macOS:

    DigiDoc4 Client

    • DigiDoc4 does not use system proxy settings under Ubuntu and macOS. (IB-5533)
    • If Ubuntu has three DigiDoc4 windows open, it will ask for the PIN and display an error message in the wrong window. (IB-5808)
    • The cryptographic destination search in the LDAP directory fails if a Proxy server is used. (IB-7077)
    • Some Ubuntu 22.04 users fail to use ID-card on the DigiDoc4 client and Web eID due to an error in the pcscd service. Instructions for restarting the pcscd service can be found here.

    RIA DigiDoc mobile application

    • Android devices can't open files with a .DDOC or .CDOC extension through the Google Drive environment. (MOPPIOS-603)
    • Some Android smart devices fail to sign with RIA DigiDoc app when using Knox antivirus. (MOPPAND-723)
    • Some RIA DigiDoc users may experience mobile-ID signature failures when using the Russian language and need to change the application language. (MOPPAND-942)
    • On iOS smart devices, it is not possible to add attachments to the GMAIL application through the RIA DigiDoc application. (MOPPIOS-1413)

    Web browsers

    • The data of the card isn't displayed, when pressing the "Cancel" button during Safari authentication. Resolving the issue requires to remove the smart card reader. (IB-5726)
    • Ubuntu authentication fails if the smart card is removed from a reader in the middle of the process. Resolving issues requires to restart the web browser. (IB-6085)
    • The OpenSC PKCS11 Module will remain under Firefox security devices after the PKCS11 loader extension is removed. To remove a module, open Security Devices in Firefox Settings, make the OpenSC PKCS11 module active and click Remove.

    Screen readers

    • When opening the signature details, the screen reader reads the text several times. (IB-5948)
    • JAWS screen reader reads the mouse and keyboard user behavior when attaching a file. (IB-6073)

    Card readers

    • The Firefox web browser does not display an error message on the computer screen when entering the wrong code when using the PinPad card reader. The error message is displayed (briefly) on the pin pad reader screen. (Firefox bug report)
    • The PinPad Reader screen will say "Enter PIN" instead of "Enter PUK". (IB-5815)
  • EC LOTL trust anchors are changing

    EC changed the LOTL (List of Possible Signers Certificates) trust anchors. Please note that those who have adopted the DigiDoc4j library must trust the corresponding trust anchors when using earlier versions (earlier than 5.0.0).

    Manual update is necessary in two cases:

    1. a version older than 5.X.X is in use
    2. lotl-truststore was previously manually modified and no longer contains the original trust anchors (https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/oj-certificates)

    For instructions on how to update manually, refer to: https://github.com/open-eid/digidoc4j/wiki/Questions-&-Answers#how-to-add-trust-for-new-eu-tsl-signing-certificates.