The validity confirmation service of SK gives the digital signature a legal basis. With the help of the service a notation that records the time of signature and the validity of the certificate of the undersigned at the time of signature is added to the digital signature. The validity confirmation service is also used for verification of the validity of certificates in real time, thus ensuring secure electronic identification of persons.
The validity confirmation service is suitable for public e-services that can be used by an ID-card, Mobile-ID or digital stamp or where you can give digital signature. Validity confirmations of certificates issued are preserved in a secure database that allows for verifying them for certification purposes, where necessary.
Calculate the costs on signing contracts in Your company!
Use digital signature cost-profit calculator that can be found here.
Electronic identification by an ID card is in several ways better and securer than a username and password. Upon authentication by an ID card you can be certain that the right data is obtained from the card and the card is in the hands of the right person – this way the service provider’s risk of receiving false information from the user is reduced. Furthermore, all service providers can provide their services directly and securely to all ID card holders without prior registration. It is also convenient for users, because they do not have to remember different usernames or passwords – the same card and PIN apply to all services.
Using a digital signature is convenient and quick, because it allows for carrying out operations, for which one had to use a handwritten signature in the past, electronically and without paper. The digital signature is also very secure, because it cannot be forged and thus its correctness is ensured.
According to the Digital Signature Act, only signatures that have a valid certificate at the time of signature are valid. With the help of the validity service the validity of a digital signature and quickly and conveniently be verified. A query of the correctness of a digital signature can be made after the expiry of the term of validity or after cancellation of the certificate.
The service is based on OCSP (Online Certificate Status Protocol), which has been described in Internet standard RFC 2560. OCSP is a simple client-server system where an OCSP client sends to the OCSP responder (server) a query about a certificate and the responder gives a confirmation regarding the certificate, which contains the validity of the certificate, not the validity and the time of giving the confirmation. The reply given by the responder is digitally signed.
OCSP responder has three replies regarding a certificate:
OCSP's positive response means that the certificate has been issued and it was valid at the time of giving the confirmation.
The validity confirmation service functions as follows:
Access to the validity confirmation service is limited. Access is granted to the IP address specified in the client agreement. The service can be accessed also on the basis of an access certificate. Users of the validity confirmation service also have free access to the DigiDocService web service.
Technical description of the service: PDF (in Estonian)
For the first six months the client can use the service free of charge, but after that time a monthly fee-based package is applied on the basis of the number of queries.
More detailed price information: Prices
General conditions of Service Contract are available here.
Set up ID card and Mobile-ID support for your web service!