Introduction to the verification of an electronic signature
The purpose of the signature verification service is to provide its clients with a report on the technical validity of the electronic signature present in the document submitted to it. This report is to be interpreted by the client of the service in order to determine whether or not the signature of the document is valid in its context of use.
The service verifies signatures of type XAdES (XML document or any other document) or PAdES (PDF document). If the signature is of type XAdES and the signature is detached from the document, a second block appears to allow loading the signature file.
Instructions for use
To use the signature verification service in utility mode, go to the home page of the verification utility, click on the "Verify Electronic Signature" menu and drag the document to be verified onto the "drag your document" cloud icon.
Click on the "check" button: a report line is displayed at the bottom of the page.
By clicking on the "Download" button, you can view the report details in PDF format.
Alternatively, you can view the details directly in your browser by clicking on the hyperlink below the "Report" line (in the following example, this is the line named "Signature 1/1", the document used contains only one signature).
5 detail blocks available
Five detail blocks are therefore available to allow you to verify your electronic signature.
They are as follows:
It is a synthesis that restores :
- the unique identifier of the certificate,
- the identity of the natural or legal person holding the certificate (i.e. the signatory),
- the identity of the authority issuing the certificate (i.e. the trusted certifying authority).
It also indicates whether a problem has been detected. In our example, an error has been detected in the certification chain. For more details on the nature of this problem, please refer to the content of the "Signatory's certificate" block, which deals with the certification chain.
This block gives the time stamp of the signature, its format (XAdES or PAdES) and its "level". There are 4 levels:
- Unqualified: an unqualified signature, although it mentions a signatory, does not guarantee the integrity of the controlled document.
- Advanced: a qualified signature guarantees both the integrity of the data and the identity of the signatory by relying on a certification issued by a certification authority in accordance with a defined security policy (e.g. RGS, Référentiel Général de Sécurité). Other.
The Issuer field of the timestamp token gives the identity of the holder of the timestamp unit, i.e. the authority that certifies the date and time of use of the certificate.
This block gives the validity date of the certificate, the identity of the signatory and the issuer of the certificate, i.e. the certification authority. In addition, it is in this block that it is specified whether the certificate has been revoked and whether the certification chain is validated. Possible causes of invalidity of the certification chain include: incorrect signature, certification authority revoked, expired or unknown.
This block restores data related to the signature timestamp (especially its date). The security level field refers to the nature of the qualification of the certificate ("RGS qualified", "eIDAS qualified" or "none").
This block restores the data specific to the timestamp certificate (to be distinguished from the signatory's certificate), that is why the validity date given here (which corresponds to the validity date of the timestamp certificate) is different from the validity date mentioned in the "Signatory's certificate" block. The same is true for the other fields of the block.
Last Update: December 16, 2020