The validity confirmation service gives digital signature a legal basis. With the help of the service a notation that records the time of signature and the validity of the certificate of the undersigned at the time of signature is added to the digital signature. The validity confirmation service is also used for verification of the validity of certificates in real time, thus ensuring secure electronic identification of persons.
The validity confirmation service is suitable for public e-services that can be used with an ID-card, Mobile-ID or digital stamp or where you can give digital signature. Validity confirmations of certificates issued are preserved in a secure database that allows for verifying them for certification purposes, where necessary.
Electronic identification by an ID-card or Mobile-ID is in several ways better and securer than a username and password. Upon authentication by ID-card or Mobile-ID you can be certain that the right data is obtained from the document and the document is in the hands of the right person – this way the service provider’s risk of receiving false information from the user is reduced. Furthermore, all service providers can provide their services directly and securely to all ID-card and Mobile-ID holders without prior registration. It is also convenient for users, because they do not have to remember different usernames or passwords – the same document and PIN apply to all services.
Using a digital signature is convenient and quick, because it allows for carrying out operations, for which one had to use a handwritten signature in the past, electronically and without paper. The digital signature is also very secure, because it cannot be forged and thus its correctness is ensured. Watch the video introducing digital signature.
According to the Digital Signature Act, only signatures that have a valid certificate at the time of signature are valid. With the help of the validity confirmation service the validity of a digital signature can quickly and conveniently be verified. Also, a query of the correctness of a digital signature can be made after the expiry of the term of validity or after cancellation of the certificate.
The service is based on OCSP (Online Certificate Status Protocol), which has been described in Internet standard RFC 2560. OCSP is a simple client-server system where an OCSP client sends to the OCSP responder (server) a query about a certificate and the responder gives a confirmation regarding the certificate, which contains the validity or non-validity of the certificate and the time of giving the confirmation. The reply given by the responder is digitally signed.
OCSP responder has three replies regarding a certificate:
OCSP's positive response means that the certificate has been issued and it was valid at the time of giving the confirmation.
The validity confirmation service functions as follows:
Access to the validity confirmation service is limited. Access is granted to the IP address specified in the client agreement. The service can be accessed also on the basis of an access certificate. Users of the validity confirmation service have free access to the DigiDocService web service.
Technical description of the service: PDF (in Estonian)
On concluding the contract, we offer the service free of charge:
After the free trial period, a monthly fee is applied on the basis of the packet chosen.
More detailed price information here.
General Terms of Subscriber Agreement are available here.
Set up ID-card and Mobile-ID support for your e-service.