GB/T 35285-2017 English PDFUS$279.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 35285-2017: Information security technology -- Public key infrastructure -- Technical requirements for digital certificate based reliable electronic signature creation and verification Status: Valid
Basic dataStandard ID: GB/T 35285-2017 (GB/T35285-2017)Description (Translated English): Information security technology -- Public key infrastructure -- Technical requirements for digital certificate based reliable electronic signature creation and verification Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 14,153 Date of Issue: 2017-12-29 Date of Implementation: 2018-07-01 Regulation (derived from): National Standards Bulletin 2017 No. 32 Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China GB/T 35285-2017: Information security technology -- Public key infrastructure -- Technical requirements for digital certificate based reliable electronic signature creation and verification---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology - Public key infrastructure - Technical requirements for digital certificate based reliable electronic signature creation and verification ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Public Key Infrastructure Reliable electronic signature based on digital certificates Generate and verify technical requirements 2017-12-29 Posted 2018-07-01 implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Preface Ⅰ Introduction Ⅱ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 2 5 reliable electronic signature generation and verification system architecture 3 5.1 reliable electronic signature generation and verification logic framework 3 5.2 reliable electronic signature generation and verification of the object involved 3 6 requirements of electronic certification service providers 4 6.1 The basic conditions of electronic certification service providers 4 6.2 Services and Security Requirements Provided by Electronic Certification Service Providers 4 7 Requirements for the identity of electronic signatory 5 8 Electronic signature related data requirements 5 8.1 Data to be signed request 5 8.2 Electronic signature data format requirements 6 9 signature generation module requirements 6 9.1 Functional Requirements 6 9.2 Safety Requirements 6 10 Electronic Signature Generation Process and Application Requirements 7 10.1 Electronic Signature Generation Process Requirements 7 10.2 Signature Generation Application Requirements 8 11 Electronic Signature Verification Process and Application Requirements 9 11.1 Electronic Signature Verification Process Requirements 9 11.2 Signature Verification Application Requirements 9 Reference 10 ForewordThis standard was drafted in accordance with the rules given in GB/T 1.1-2009. This standard by the National Information Security Standardization Technical Committee (SAC/TC260) and focal point. This standard was drafted by China Electronics and Information Industry Development Research Institute, Beijing Digital Certification Co., Ltd., Shanghai Geer software shares Co., Ltd., the new technology (Beijing) Co., Ltd., the successful bidder Security Technology (Beijing) Co., Ltd., Beijing Zhenglian ICT Technology Development Co., Ltd., Chongqing University of Posts and Telecommunications. The main drafters of this standard.Liu Quan, Chen Yuehua, Xu Yaqian, Lin Xueyan, Fu Dapeng, Wang Chuang, Ye Feng, Liu Donghua, Duan Meng, Ma Shengdong, Huang Yonghong.IntroductionWith the rapid development of network applications such as e-government and e-commerce, the phenomena of information theft and internet fraud have become increasingly prominent. Electronic signatures To confirm the main network and behavior, identify legal responsibility and safeguard the legitimate rights and interests of the important means of application is increasingly widespread. "People's Republic of China Electronic Signature Law "does not require the use of a specific technology, but the current internationally recognized technology is mature, the main Is based on the digital certificate of electronic signature technology. Although the Law of the People's Republic of China on Electronic Signatures establishes the legal validity of reliable electronic signatures, how to technically implement reliable electronic signatures Sub-signatures and how to verify that electronic signatures are reliable are still not well addressed. In order to implement "the People's Republic of China Electronic Signature Law "to promote the popularity of reliable electronic signatures, it is necessary to study the reliable electronic signature generation and verification of technical specifications And make. This standard involves electronic signature related content, all refer to digital signature based electronic signature technology. Implemented in this standard Cheng, involving the specific application of cryptography, in accordance with the relevant provisions issued by the competent department of public security and technical specifications. Information Security Technology Public Key Infrastructure Reliable electronic signature based on digital certificates Generate and verify technical requirements1 ScopeThis standard specifies the technical requirements for a reliable digital signature generation and verification process based on digital certificates, including the provision of electronic certification services , Identity of electronic signatory, data related to electronic signature, signature generation module, electronic signature generation process and application, electronic signature verification Process and application requirements. This standard applies to digital certificates based on reliable electronic signature related systems, application development, and related products, service standards Make.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version applies to this article Pieces. For undated references, the latest edition (including all amendments) applies to this document. Information security technology Public key infrastructure digital certificates format Information security technology Public key infrastructure time stamping specification Information security technology - Public key infrastructure - Electronic signature format specification Information technology - Security terminology3 Terms and definitionsGB/T 25069-2010 defined and the following terms and definitions apply to this document. 3.1 Electronic signer electronicsigner A person who holds electronic signatures and applies electronic signatures in his/her own capacity or on behalf of the person on whose behalf it is called, Name party. 3.2 Electronic signature electronicsignature The data message is enclosed in electronic form and is used to identify the identity of the electronic Signer and to indicate the content of the electronic Signer's approval data. 3.3 Electronic signature making data electronicsignaturecreationdata Characters, encodings and other data that are used in the process of electronic signatures to reliably associate electronic signatures with electronic signatories. in In the electronic signature based on the public key technology, the electronic signature making data is also called the private key. 3.4 Reliable electronic signature reliableelectronicsignature Electronic signature that meets the following criteria. Electronic signature When making data for electronic signature, it is proprietary to the electronic signature person; ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 35285-2017_English be delivered?Answer: Upon your order, we will start to translate GB/T 35285-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 35285-2017_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 35285-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
