Serenity 2.6 welcomes TSL

Paris, March 8th, 2011 - Cryptolog is delighted to announce the release of version 2.6 of Serenity, its advanced electronic signature validation server. The main innovation in this release is the integration of Trust-service Status Lists (TSL) in the validation engine and in the Serenity administration interface.

A standard European format 

Imposed by the European Commission on its member states, TSL are designed to consolidate lists of suppliers of certification services that are considered trustworthy by the different EU states within public, standardized XML files that can be accessed online. The format of these lists has been standardized in Europe (ETSI TS 102 231). The lists are used to reference all trusted authorities in a given country and include a certain amount of technical and organizational information. In particular, these lists must indicate which certification authorities issue qualified certificates under the Electronic Signature Directive (e-signature 1999/93/EC).
 
For example, the Belgian TSL is available here as an XML file and here as a PDF file.. This Belgian TSL is in turn referenced in a European TSL which also contains the TSL from most other countries in the EU (Luxembourg, Italy, etc).

Validating signatures using TSL
 
Serenity 2.6 enables signature validation using TSL by checking that the certificate associated with the signature was issued by a certification authority which is either present in the TSL set by the user or which was itself certified by a trusted root present in the TSL set by the user.
In the tab for defining validation policy, users can list the TSL to be used when validating a signature and also define a number of filters on the information to be verified within these TSL (authority status, type, etc).
 
Serenity validation policies TSL
Defining a validation policy using the European TSL and the Belgian TSL
 
A new tab in the administration interface
 
In order to enable users to define the TSL they want to use as part of their validation policy, the administration interface in Serenity 2.6 now includes a new configuration tab, as shown in the example below in which the European TSL has been set.
 
Serenity TSL Europa
TSL configuration tab
About Serenity 
 
Serenity is a server designed for validating electronic signatures and extending their validity in time. Extremely versatile, it handles all major signature formats, and can adapt to even the most detailed validation policies. It can be installed on any system, including a Java Virtual Machine, and can enable the integration of signature validation into any simple or complex workflow.
 
To find out more, visit Electronic signature validation.