1. SK
  2. Services
  3. Validity confirmation services

Print

Validity confirmation services

The validity confirmation service of SK gives the digital signature a legal basis. With the help of the service a notation that records the time of signature and the validity of the certificate of the undersigned at the time of signature is added to the digital signature. The validity confirmation service is also used for verification of the validity of certificates in real time, thus ensuring secure electronic identification of persons.

The validity confirmation service is suitable for public e-services that can be used by an ID card, Mobile ID or digital stamp and that can be signed digitally. Validity confirmations of certificates issued are preserved in a secure database that allows for verifying them for certification purposes, where necessary.

Business advantages

Electronic identification by an ID card is in several ways better and securer than a username and password. Upon authentication by an ID card you can be certain that the right data is obtained from the card and the card is in the hands of the right person – this way the service provider’s risk of receiving false information from the user is reduced. Furthermore, all service providers can provide their services directly and securely to all ID card holders without prior registration. It is also convenient for users, because they do not have to remember different usernames or passwords – the same card and PIN apply to all services.

Using a digital signature is convenient and quick, because it allows for carrying out operations, for which one had to use a handwritten signature in the past, electronically and without paper. The digital signature is also very secure, because it cannot be forged and thus its correctness is ensured.

According to the Digital Signature Act, only signatures that have a valid certificate at the time of signature are valid. With the help of the validity service the validity of a digital signature and quickly and conveniently be verified. A query of the correctness of a digital signature can be made after the expiry of the term of validity or after cancellation of the certificate.

How does the validity confirmation work?

The service is based on OCSP (Online Certificate Status Protocol), which has been described in Internet standard RFC 2560. OCSP is a simple client-server system where an OCSP client sends to the OCSP responder (server) a query about a certificate and the responder gives a confirmation regarding the certificate, which contains the validity of the certificate, not the validity and the time of giving the confirmation. The reply given by the responder is digitally signed.

OCSP responder has three replies regarding a certificate:

  • Certificate is valid.
  • Certificate is not valid.
  • No information about the requested certificate.

OCSP's positive response means that the certificate has been issued and it was valid at the time of giving the confirmation.

The validity confirmation service functions as follows:

  1. A document fingerprint is made of the document to be signed.
  2. The user signs the document using an ID card.
  3. The information system sends the document fingerprint and the user’s certificate to the SK server.
  4. The SK server verifies the validity of the user’s certificate. If the certificate is valid, a validity confirmation is issued. If the certificate is not valid, an error message is displayed to the user. If there is no information on the certificate, the respective message is displayed.
  5. The SK server records the issued validity confirmation in its database where it can be verified afterwards. The document fingerprint contained in the validity confirmation does not contain information on the contents of the signed document.

Access to the validity confirmation service is limited. Access is granted to the IP address specified in the client agreement. The service can be accessed also on the basis of an access certificate. Users of the validity confirmation service also have free access to the DigiDocService web service.

Technical description of the service: PDF (in Estonian)

How much does the validity confirmation service cost?

For the first six months the client can use the service free of charge, but after that time a monthly fee-based package is applied on the basis of the number of queries.

More detailed price information: Prices

General conditions of Service Contract are available here.

General conditions of the extended validity confirmation service contract valid until 01.09.2011.

Additional technical information

Contact

Ask for more information

Andres Kuut,
Corporate Sales Manager
e-mail: andres.kuut[A]sk.ee
phone: +372 610 1892