Page Comparison

Authentication token

or

Unique pseudonym

String

Authentication token can be used to query all user's certificates. In case unique pseudonym is used only a particular Certificate and CertificateID is returned.

Mandatory

Filter

String

filter to filter certificates by “All”|”OK”|”ACTIVE”, ”Expired”|”Suspended”|”Revoked”

Certificate

X.509

User’s certificate

Mandatory when Status is OK

CertificateID

String

ID that binds Certificate and SCD and is used to send the request to user.

Mandatory when status is OK

Status & description

• OKACTIVE

• ERROR - in case of error also error description should be added

• EXPIRED

• SUSPENDED - suspend cause should be added

• REVOKED - also REOVOKE cause should be added

Mandatory

CertificateID

String

Mandatory

Authentication Token

JWT

Authentication token is necessary and should belong to a user or an authority

Mandatory

Status & reason

• SUSPENDED - add reason text

• REVOKED - add reason text

• ACTIVE - activate

Mandatory

Allowed transitions

ACTIVE->SUSPENDED

ACTIVE->REVOKED

SUSPENDED->ACTIVE

SUSPENDED->REVOKED

CertificateID or

uniquePseudonym or

Authentication Token && Payment Token

String

Mandatory

In case CertificateId or uniquePseodonym is presented SCD Signature is created,

If Authentication Token and Payment Token are presented then One time signature is created

format

• XAdES

• CAdES

• ASIC

• JWS

Pre format the signature in a given format so that it can be more easily inserted by the formatting library. Mandatory

hash

byte array in base64

Has to be signed. Hashing of document is responsibility of Signer Application and is done by formatting library. Mandatory

hash type

• SHA2/3-256

• SHA2/3-384

• SHA2/3-512

• BLAKE2B

Mandatory

data to be displayed

String

Information to be displayed on users device, can involve free text like “Accept childcare request”, transactionId, etc. Mandatory