Electronic Signatures
Remote Testing
ETSI via the it testing unit CTI ( Centre for Testing and Interoperability) has been very active since many years in support of the ETSI TC ESI (Electronic Signatures and Infrastructure), especially by organizing Interoperability events conducted remotely, using a dedicated portal developed by ETSI.
The Electronic Signature Plugtests portal is located at https://signature-plugtests.etsi.org/.
For each event, the portal is specially tailored to provide to the participants all the information and tools for conducting the testing, including the test scenarios, the cryptographic materials and PKI-related online services needed for creating or verifying the electronic signatures. Using the portal, the participants have so the possibility to perform interoperability testing by exchanging electronic signatures created following dedicated test cases.
It has been demonstrated among the years it is an effective way to reduce costs for participants avoiding to travel to a physical event. Moreover, as the testing is not tied to real time, the companies from different time zones can participate more effectively.
In addition to the appreciated benefit for implementers to debug their products, ETSI has provided after each Plugtests event a technical report to TC ESI, gathering the issues discovered in the Signatures Base specifications and also a summary of open technical discussions raised during the Plugtests and that could lead to improvement of the standards.
Conducting Electronic Signatures Interoperability Events:
Here are the 4 types of testing that are usually performed during a ETSI Electronic Signature Interop events:
- Generation and cross-verification (a.k.a. Positive) tests. Each participant is invited to generate a certain set of valid signatures with certain characteristics (generation). The rest of participants are invited afterwards to verify these signatures (cross-verification). The Plugtests portal automatically generates an updated set of interoperability matrixes that all the participants may access.
- Only-verification (a.k.a. Negative) tests. ETSI has generated a number of invalid signatures (the so-called “negative testcases”) by different reasons. Each participant may, at her own discretion, try to verify these signatures, checking in this way that the corresponding tool actually detects that the signature is not valid.
- Signatures Upgrade and Arbitration tests. In this type of tests a simple form of AdES (XAdES-BES for instance) will be generated by one participant A (acting as signer). A different participant B (acting as verifier/archival system) will verify the aforementioned signature and will upgrade it to a more evolved form (to XAdES-X for instance). Finally, the participant A (acting now as if she was an arbitrator) will take the upgraded signature and will verify it as an arbitrator would do.
- Signature Conformance Checking tools. The portal incorporates tools that perform numerous tests in order to verify the conformity of the ETSI Advanced Electronic Signatures XAdES, CAdES, PAdES and ASiC.
- AdES conformity-testing tool, which tests conformity of signatures against the requirements defined in the standard.