Qualified validation service for qualified electronic signatures and seals

OBELISK Validator QTS ensures the correct and complete validation process of an electronically signed document in accordance with eIDAS.

Service certification

On 6 August 2019, the Ministry of the Interior of the Czech Republic, as the supervisory body for trust service providers pursuant to Article 17 of the eIDAS Regulation, granted SEFIRA spol. s r.o. qualified trust service provider and OBELISK Validator QTS qualified trust service status.

Qualified status of the OBELISK Validator QTS service has been published in the Czech Trusted List (https://tsl.gov.cz/publ/TSL_CZ.xtsl)

OBELISK Validator QTS supports processing of all formats declared by eIDAS (CAdES, PAdES, XAdES, ASiC). The process of electronic signature validation is precisely defined in terms of the scope of the facts to be verified.

Scope of validation

  • Is the document created in a recognized format?

  • Do electronic signatures meet the required policies and restrictions?

  • Has the document (or signed data) been changed after signature?

  • Is it possible to clearly and demonstrably identify signature certificates?

  • Are all the used cryptographic algorithms safe?

  • Does the document have a trusted timestamp?

  • Were the signing certificates issued by trusted authority?

  • Are the certificates qualified?

  • Were the certificates used for electronic signature valid and not revoked?

  • Were electronic signatures created by a qualified signature creation device?

Complete verification is performed in the environment of the service. The output of the performed electronic signature validation is a detailed validation report in PDF or XML format, which contains the result of verification of all the attributes and signature properties required by ETSI specifications. The output also includes validation data collected as part of the verification process.

Benefits of OBELISK Validator QTS

Ensures compliance of the organization’s processes with eIDAS in the area of e-signing

Comprehensive validation of electronically signed documents in all recognized formats

Validation of used certificates issued by all trusted service providers listed on TSL

Easy integration into other IS using web services

Supported standards

Validated el. signature formats CAdES, PAdES, XAdES, ASiC, PKCS#7, XMLDSig, S/MIME, MS Office, OpenDocument, ZFO
Validated signature classes Basic Signature, Signature with Time, Signature with Long-Term Validation Material, Signature providing Long Term Availability and Integrity of Validation Material
Validated signature levels Baseline profile: B-B, B-T, B-LT, B-LTA
Validation data formats CRL, IETF’s OCSP protokol
ETSI standards Electronic Signatures and Infrastructures (ESI) – ETSI / CEN standards:
ETSI EN 319 102 – Procedures for Creation and Validation of AdES Digital Signatures
ETSI EN 319 122 – CAdES digital signatures
ETSI EN 319 132 – XAdES digital signatures
ETSI EN 319 142 – PAdES digital signatures
ETSI EN 319 162 – Associated Signature Containers (ASiC)
ETSI EN 319 172 – Signature Policies
ETSI EN 319 312 – Cryptographic Suites
ETSI EN 319 412 – Certificate Profiles
ETSI TS 119 612 – Trusted Lists
Service API Web

OBELISK Validator QTS policy

The policy describes the conditions and procedures relating to the OBELISK Validator QTS service, taking into account the applicable standards of the European Union and the law of the Czech Republic in this area. Compliance with the procedures and conditions set out in the Policy ensures that relying parties receive the outcome of the validation procedure in an automated manner that is reliable, efficient and bears the electronic seal of the provider of the qualified signature and seal validation service.

Download current Policy

The planned changes to the rules for the provision of the qualified service OBELISK Validation QTS will take place on 15 June 2020. A new version of the service policy is available HERE.

Would you like to know more about OBELISK Validator QTS?

Contact us