Words and concepts
e-ID= To perform services from state and municipal online you need an electronic ID, e-ID, to log in. An electronic ID is important to verify that you are the impersonation of being.
Electronic signature= Data in electronic form that is related to other electronic data and used as authentication method. The electronic signature used in the signing service, is produced by identification in ID-porten. The signature is attested and sealed by a trusted third party; Posten.
Signing Deadline= the time available to sign the document.
Expire= If you do not sign within the scheduled deadline, the document will be removed from the signing service. You must then contact the service provider to receive a new document.
Rejecting document= Announcing to the service provider that you do not want to sign the document. This may be because you have received the wrong document, or where for other reasons you do not wish to sign the document.
Signing Portal = To find the signing document, you must go to the Signing Portal (https://signering.posten.no). You can log in with ID-Porten (level 4) to see a list of documents for signing, and a list of any documents that you have signed in the past 24 hours.
Advanced electronic sigantures is an electronic signature that:
a) is uniquely linked to the signer
b) is able to identify the signer
c) is made by using means that the signer has sole control over
d) is related to other electronic data in such a way that it can be detected if they have been modified after signing
Signer=The person signing
Multi Signatories = The people who signs the multi-party signing.
Integrity = When a document is signed in such a way that the document can not be altered without being revealed by validation.
Validation = (here :) To examine the validity of a signed document. Validation of PAdES can be done by using an advanced pdf reader.
Non-repudiation = When a signature is made in such a way that the person signing (signer) can not deny that it is he / she who has signed. The non-repudiation is assured by the signature produced by qualified person certificate.
Authentication = to verify that you are the impersination of being. Authentication confirms the identity of the ones who in this case is logging in to the signing service, confirming the identity to whoever signs the document electronically.
Qualified certificate = A qualified certificate shall according to the e-Signature Act (§ 4) contain the following information:
a) an indication that the certificate is issued as a qualified certificate,
b) certificate issuer's identity and the state it is established;
c) signer's name or pseudonym with an indication that it is a pseudonym,
d) any further information about the signer, if it is relevant to the use of the certificate,
e) the signature verification data corresponding to the signature creation data under the control of,
f) certificate Commencement and expiry date,
g) certificate identification code,
h) certificate issuer's advanced electronic signature,
i) any limitations on the certificate application, and
j) any limits on the certificate with transactions for which the certificate can be used.
PAdES = (PDF Advanced Electronic Signature); Is a set of extensions to PDF and ISO 32000-1 that adapts PDF advanced electronic signature. PAdES is a presentation of the signed document and the electronic signature with front and "watermark" that makes it clear to the user that the document is signed. PAdES also contains XAdES (see separate definition). PAdES package is signed with a certificate that allows validation of the signature and document in an advanced PDF reader.
XAdES = ( "XML Advanced Electronic Signature): A set of extensions to XML that adapts XML advanced electronic signatures. XAdES is in practice a signed XML that contains a hash calculated over the signed document. In the signing service is it therefore the XAdES that carries the advanced signature of the signer. XAdES is in the signing service a LTV SDO (see separate definition)
LTV SDO = Long Term Validation SDO. This is a signed data object (SDO) enhanced to support long term validation, for example by adding the validation data such as TTP-log (see separate definition). LTV SDO is a XAdES (see separate definition), and used to extract the SDO's from e-ID providers that manufactures the signature (BankID and Buypass). LTV SDO is described in more detail at https://support.signicat.com/display/S2/LTV-SDO+specification+1.1.
Person certifikate= Electronic certificate that contains a person's private keys used for signing and authentication (see separate definition).
Trusted third parties (or Trusted third party TTP) = An actor (third party) that allows two parties to interact when they trust the third party. In the signing service, Posten guarantees the validity of the signature process and the signed document.
Hash Function = A cryptographic size which is calculated over a static amount of data. A hash function is a checksum which can be used to verify that the original amount of data, in this case a document, is unchanged.