Signing Service Solution Design

The website starts the process by obtaining the details of the AS, such as location of the pushed authorization endpoint. It utilizes the OAuth configuration of the AS, which is obtained by appending /.well-known/oauth-authorization-server to the issuer URL provided in the element identity/iss of the Service Configuration (messages #11 & #12).

In the next step (messages #13 & #14), the RP uses a pushed authorization request OAuth 2.0 Pushed Authorization Requests to send the authorization request data to the AS. The RP authenticates itself with its client certificate using OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens.

The pushed authorization endpoint location is obtained from pushed_authorization_request_endpoint parameter of the AS’s OAuth Configuration.

The signing transaction is specified in a JSON object as shown in the following example.

The RP initiates the OAuth authorization flow and passes the request_uri in the request_uri parameter to the AS (message #16) along with its client_id.

The AS authenticates the user (messages #17 & #18) using her Online Banking Credentials. If there already exists a user session with the AS, the user must be required to authenticate again, unless the session lifetime is sufficiently short to ensure that the same user as before is using the device (a few minutes).

In this case, the knowledge of the user (login credentials) is replaced by the cookie in her browser. The session lifetime MUST be short in order to prevent attacks where an attacker gains access to a user’s device and second factor device and is able to create signatures under the identity of the user.

The AS requests the user to consent to the RP’s signing request (message #19).

The user is presented with information about the QTSP used in this transaction and the data made accessible to the QTSP in order to allow the creation of the signing certificate. The data required by the QTSP is defined in its respective SP configuration (see Setup and Operations).

The AS determines the QTSP by matching the sole locations element value in the authorization_details with the client_id elements in the SP directory.

The claims a QTSP may acquire are defined in Identity Service.

A typical data set will include

The QTSP’s SP configuration may also define restriction on the values provided for verification data, namely the acceptable identity documents and identity verification methods, as described in Identity Service.

If the AS is unable to provide any of the non-essential claims defined in the SP configuration, either because the claim is unknown to the AS or because data is not available, the AS MUST omit the respective claim from the response.

If the AS is unable to provide any of the claims defined in the SP configuration as essential or if the AS cannot fulfill the requirements imposed on identity documents and the identity verification process, it SHOULD attempt to obtain and verify this data using suitable measures. If it cannot obtain the requested data, it MUST refuse to process the authorization request and return an error unable_to_meet_service_requirements.

The error description should indicate that the AS was unable to provide all data (with the requested properties) to the service provider needed to fulfill the requested service. The IDP SHOULD indicate the problem to the user before it redirects the user agent back to the RP and clearly state that the transaction will be aborted and no data will be shared with RP or QTSP.

The AS MUST log the error event along with suitable metadata that enable subsequent attempts to improve the data quality.

The user is asked to consent to

The user consents (messages #20) and authorizes the transaction using her preferred TAN method/second authentication factor (e.g., chipTAN) (messages #21 & #22).

The AS stores the consent for signature generation along with the intended purpose and the designation of the contract document(s) in the customer’s timeline.

The AS generates an OAuth authorization code, which is bound to the following parameters:

The AS sends the authorization response (message #23) including the code, the state value sent with the authorization request, and its own issuer URL in the iss parameter (see IDP Core Specification, section 2.1.1) to the RP as shown in this example:

The RP receives the request (message #24) and first verifies whether the state belongs to the session token (CSRF prevention) stored in the user agent and the issuer URL corresponds to the issuer URL discovered in the Bank Selection Phase.

The RP then (message #25) sends a request to the AS’s token endpoint to exchange the authorization code for an access token. This request is end-to-end TLS protected and the RP authenticates using OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens towards the AS.

The AS authenticates the RP and checks whether the code was issued to this particular client (client_id). The AS furthermore validates whether the PKCE code_verifier value matches the corresponding code_challenge value of the authorization request in accordance with RFC 7636. In case the RP used nonce instead of PKCE, the RP is required to check the nonce from its session with the nonce value from the respective ID Token. The request is refused if any of the checks fails.

The AS issues an access token which is digitally signed and bound to

The access token is a JWT (see RFC 7519) that contains (at least) the following JWT claims:

This data is the bare minimum required for an early detection and prevention of attacks, as described below. The JWT must further contain unique data binding it to the data to which the respective authorization code was bound (see above) and allow the AS to identify the authorization transaction when processing the subsequent Token Introspection Request. One option is to use the jti claim as defined in RFC7519 for that purpose.

The signature request follows the definition given in ETSI TS 119 432 for the signDoc request.

In case of this specification, the signature request is always mutually authenticated using TLS. The QTSP MUST support TLS Client Authentication for self-signed certificates as defined in OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens, i.e., the TLS authentication must be performed without CA/Trust Chain validation. The security of the transaction is ensured by matching the client certificate from the TLS handshake with the fingerprint associated with the access token.

The QTSP MUST support the synchronous operation mode as defined in ETSI TS 119 432, which is also the default operation mode if not requested otherwise by the RP.

The QTSP MUST accept all request parameters listed in Table 36 of ETSI TS 119 432. Requests containing unknown parameters must be refused by returning an HTTP status code 400 to the RP.

The QTSP must support the following parameters:

The signature formats and corresponding conformance levels relate to ETSI EN 319 122 and ETSI EN 319 142.

The parameter conformance_level is optional. The default baseline level according to ETSI EN 319 142 is AdES-B-B in case it is omitted. If a timestamp is needed, its request and inclusion is managed by the signature creation service according to signature creation service’s configuration and policies.

Since this solution design utilizes on-demand, short-lived certificates for signature creation, RPs SHOULD request signature creation using a conformance level that includes a timestamp into the signature, e.g., AdES-B-T. This ensures successful signature validation even after certificate expiration.

QTSPs MUST support signature_format values C and P and conformance_level values AdES-B-B and AdES-B-T and SHOULD support conformance_level AdES-B-LT.

Support for more signature formats and conformance levels may become a mandatory requirement for QTSPs in the scheme in the near future in order to fulfill market requirements.

The QTSP first validates the access token passed in the SAD parameter (#32). The access token is a JSON Web Token that is signed using JWS and the JWA algorithm RS256.

The access token check involves the following steps:

The QTSP then needs to obtain the user and token data from the AS’s Introspection Endpoint. The QTSP utilizes the OAuth configuration obtained in messages #31 and #32 to determine the Token Introspection Endpoint URL (see RFC 8414 - element introspection_endpoint).

The QTSP then sends an introspection request to this endpoint (#35).

The QTSP authenticates towards the AS using its client_id and certificate with this AS (see Setup and Operations) by utilizing OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens. Since the QTSP wants the AS to digitally sign the introspection response, it includes an HTTP Accept header with content type application/jwt (as specified in JWT Response for OAuth Token Introspection).

This is an example request

The AS first authenticates the QTSP. It checks whether the certificate used for TLS client authentication matches one of the certificates valid for this client_id. If this check fails, the AS responds with an error response and HTTP status code 401.

In the next step, the AS checks whether the access token has expired.

The AS then validates whether the QTSP is permitted to obtain data about the access token. This is the list of checks:

If any of these checks fails, the AS responds with an JWT containing the active claim with a status value false. The following example shows the respective JSON payload

Otherwise, the AS responds with a signed JWT containing all relevant data associated with the access token and all user and RP data the service is authorized to learn (#37).

The data is determined from the QTSPs service provider configuration (see Setup and Operations). The AS MUST always include the following standard JWT claims: active, iss, aud, authorization_details, client_id, cnf.

In the case of a qualified electronic signature, the typical data set is

This is an example of a signed introspection response:

The JSON payload of the example response is:

The QTSP validates (#38) that

The service provider creates a short-lived certificate (#39) based on the certificate profile identified by the credentialID using the data provided by the AS.

Using the new certificate, the QTSP creates a signature (#40). The private key corresponding to this certificate is invalidated afterwards.

The service provider returns certificate and signature data to the RP (#42).

The signing response MUST conform to the definition given ETSI TS 119 432, table 37.

In addition to ETSI TS 119 432 this specification also requires the QTSP to conditionally return revocation data in the additional revocationInfo response parameter (see below).

If an error occurs while processing the request, the QTSP shall return an HTTP status code 400 along with error information as specified in ETSI TS 119 432, Section 7.24.2.

In success case, the QTSP returns (at least) the following parameters:

The structure of every signature element is built in accordance with RFC 5652.

In case the request parameter signature_format was set to C (CAdES), every object conforms to ETSI EN 319 122.

In case signature_format was P (PAdES), every object conforms to ETSI EN 319 142. The result can be embedded in a PDF signature object according to ETSI EN 319 142.

This is an example response matching the example request given above:

The elements identity_assurance_claims_supported and default_signing_documents are determined by the respective elements in the QTSP’s SP configuration, as shown in the following example.

The RP MUST NOT request claims for inclusion in the signer certificate that are not listed in the QTSP’s identity_assurance_claims_supported field. The IDP MUST reject such requests using the error code unable_to_meet_service_requirements. The IDP SHOULD send this error response already in response to the PAR request.

The IDP checks what claims the RP is allowed to request to be included in the signer certificate. The claims an RP is allowed to request are determined by the element allowed_claims_qes of the RP’s platform configuration.

The RP configuration element is defined as follows:

Here is an example configuration snippet:

The OP MUST act according to the following tables, with exceptions marked as (*) and described below:

When the claim is not marked as essential:

(*) This case should never occur and the IDP MAY send an error response unable_to_meet_service_requirements instead.

When the claim is marked as essential:

(*) This case should never occur and the IDP MAY omit the claim instead.

If the IDP issues an error response to the RP, the error description SHOULD indicate that the IDP was unable to provide all data (with the requested properties) to the RP. If the problem cannot be detected already in the PAR request processing, the IDP SHOULD indicate the problem to the user before it redirects the user agent back to the RP and clearly state that the transaction will be aborted and no data will be shared with the RP or QTSP.

In addition to the consent the IDP already gathers for the standard QES flow, the IDP also (on behalf of the QTSP) asks the user for the consent to provide the user claims to the RP in the signer certificate (including the purpose of this data transfer).

In the QID use case (signature over the default document), the IDP MUST show the full text of the default document in the user consent and ask the user for approval to sign this document.

The IDP will add the names of all claims provided to the QTSP to the mediation record (type=identity_for_service_provider) before returning the Introspection Response to the QTSP.

The QTSP determines whether id data shall be added to the signer certificate based on the data provided in the pushed authorization request.

The QTSP will add the following data to the standard QES mediation record (type is remote_signature_creation):

The QTSP needs to compare every hash to the hashes of its default documents. In case the RP requested only the signing of a default document, this hash is not counted in the count element of the mediation record, i.e. count MUST be 0.

The QTSP signs the hashes of the documents, provided by the RP, using the user’s private key and creates corresponding signature objects as defined in ETSI EN 319 122 (CAdES) or ETSI EN 319 142 (PAdES), respectively.

These signature objects (also containing the signer certificate and respective CA’s certificate) are provided to the RP.

It is very important to ensure that RPs only receive legitimate service configurations. Otherwise, an attacker would be able to mount a number of attacks by manipulating the URLs of the OpenID Configuration, Authorization, Token, or Introspection Endpoints.

The attacks include stealing codes (e.g., via a mix-up attack), injection of stolen codes or tokens into otherwise normal flows (e.g., “Cuckoo’s Token Attack”), and other attacks; these attacks violate G1, G3, and G5.

To mitigate such attacks,

Defense-in-depth against these attacks is provided in particular by M1, M3, M5, M9, M10, and M11 above.

A malicious RP can let the user sign any document, since the document is only identified by its hash value when the user consents to the signature at the AS. This violates G4 and can only be mitigated by enforcing legal requirements for the RP.

The attacks from above apply.

The RP, AC, and AS must protect themselves against CSRF using the usual techniques.

The integrity and authenticity of the service configuration, discussed above, ensures that an attacker cannot use his own QTSP in a flow of the protocol with otherwise honest parties. Nonetheless, an attacker could compromise an existing QTSP.

The integrity of the QTSP must therefore be ensured at all times.

The QTSP cannot obtain information about the user’s documents, since it only sees the hashes of the documents.

A malicious/compromised mediation service could make an RP pay for transactions that did not happen, or suppress transactions.

A validator cannot determine whether a signature was created using a local signing device under the signer’s control or a remote signing device under the control of a QTSP. Therefore, the solution must work securely even if the signer created the signature locally using a signing device under her control. This is given, as can be seen in the Formal Description.

The identity data is signed by the QTSP which attests the data. In particular, the identity data is NOT signed by the signer instead.

There needs to be a strong link between signer certificate and identity assertion in order to prevent assertion swap. This is given, as can be seen in the Formal Description, Step (1).

The signer creates a fresh, short-lived certificate for each signing process. One or more documents may be signed in the same step.