Abstract This paper proposes a set of JSON signed and unsigned attributes which, if incorporated into a JSON signature, will convert it in a digital signature (JAdES) with identical capabilities (for instance, feasibility of validating them long after their generation, even after the signing certificate has expired, or has been revoked) as the digital signatures in ETSI AdES family, namely CAdES, PAdES, and XAdES. The paper also proposes two different mechanisms for incorporating the aforementioned attributes into a JWS signature (i.e. building a JAdES signature on JWS), with special emphasis in the computation and checking of archive time-stamps (i.e. time-stamp tokens that assure integrity and time of existence of all the contents of the digital signature). Finally, the paper summarizes the results obtained by a program developed to ascertain the correctness of the technical approaches taken, and that served as proof of concept. This paper has served as the starting point for building a formal proposal for producing an ETSI (European Telecommunications Standards Institute) Technical Specification (ETSI TS) to ETSI Electronic Signatures and Infrastructure (ESI) Technical Committee, responsible, within ETSI, of developing European Standards for digital signatures and public key infrastructure in general, and of the standardization of AdES digital signatures family in particular.

中文翻译：

---

将 JSON 签名引入 ETSI AdES 框架：满足 JAdES 签名

摘要 本文提出了一组 JSON 签名和未签名属性，如果将这些属性合并到 JSON 签名中，将把它转换为具有相同功能的数字签名 (JAdES)（例如，即使在生成后很长时间验证它们的可行性，甚至在签名证书已过期或已被撤销）作为 ETSI AdES 系列中的数字签名，即 CAdES、PAdES 和 XAdES。该论文还提出了两种不同的机制将上述属性合并到 JWS 签名中（即在 JWS 上构建 JAdES 签名），特别强调存档时间戳的计算和检查（即确保完整性和时间的时间戳令牌）数字签名的所有内容的存在）。最后，该文件总结了为确定所采取的技术方法的正确性而开发的程序所获得的结果，该程序用作概念证明。本文是为 ETSI（欧洲电信标准协会）技术规范 (ETSI TS) 制定正式提案的起点，ETSI 电子签名和基础设施 (ESI) 技术委员会负责在 ETSI 内制定欧洲标准一般用于数字签名和公钥基础设施，特别是 AdES 数字签名系列的标准化。