Flexible validation policies
So you want to validate an electronic signature? But against which rules?
Serenity allows you to define very flexible validation rules depending on the context. You could for example, restrict validation to European legally qualified certificates, or mandate that a specific set of timestamping servers should be used.
Support for standard validation policies formats
Serenity supports the standard validation policies formats defined by the European Telecommunication Standard Institute (ETSI TR 102 038 and ETSI TR 102 272), allowing you to import with a single click all relevant information to validate an electronic signature.
And as an added bonus, Serenity comes with an embedded signature policy editor to produce your own standard signature policies with a rich graphical interface.
Have you already defined your own validation policies? Thanks to Serenity, you can easily validate electronic signatures compliant with them!
Support for EPES format signatures
"Explicit Policy based Electronic Signatures" (EPES) is a special format of signatures which encloses a secure reference to the signature policy at the time of signing.
The main added value of this format is to dismiss all doubts on the validation rules that should be used to validate a signature, and to avoid conflicts between implementations with different configurations or behaviors as regards validation.
Serenity has full support for this electronic signature format.
Even more control above the standard
While the standard formats allow a very fine-grained control of the validation parameters, there are cases where one may want to go even further.
For instance, to check that the signing certificate has some specific extended properties set. Or that a given algorithm will not be used anymore after a defined date and below a key-length threshold.
Serenity introduces the concept of extended signature policies built upon the standard one to allow you even finer grained control on your validation.