1. Introduction

Currently all services in the EACAT Procedures Catalog that have procedures, which use forms made with .net technology, commonly referred to in EACAT jargon as web forms , are electronically signed with the T-CAT certificate of the user and use the Signador application.

This application is compatible with any browser, but it is essential to run and install the Native application Signador . This dependency on JAVA may cause the signing part to not work correctly for some users.

For this reason, the AOC Consortium has implemented an improvement that allows web forms to be signed using the centralized signer and the electronic seal certificate of the organization granted exclusively for use of the AOC services (or that of the AOC Consortium if we have not transferred this certificate). In this way the possible installation problems of JAVA and the Native application Signador are avoided.

To be able to make these changes, the specific service providers of the EACAT Procedures Catalog, which have procedures designed as web forms , are categorized according to three types of identification and signature mechanisms. This process is complex and will take time; for this reason from now on you can find procedures, which are web forms , with the different types of signature and identification mechanisms.

2. The identification and signature mechanisms

These mechanisms affect entry access to EACAT and the signature of the procedure. Based on this, the following signature and identification mechanisms have been classified:

  • Ordinary signature with low-level authentication
  • Ordinary signature with middle level authentication
  • Advanced or qualified signature based on qualified certificate (current mechanism)

a) Ordinary signature with low-level authentication

In this case the user is allowed to access the form to sign with low-level identification (non-cryptographic systems), such as users and passwords of the EACAT and GICAR platforms.

To give this mechanism more robustness, when generating the signature, the evidence of identification will be saved as another node in the XML of the form to be signed and a signature will be made using the centralized signer with the electronic seal of the 'exclusively assigned to the AOC Consortium, if it does not have one, it will be signed with the AOC Consortium's electronic seal.

Once inside the completed procedure form, press the Sign button, and the signature process is carried out automatically.

Once the form is signed, you can find the document entry in My procedures .

If you enter the procedure you will check the electronic seal that was used for the signature. In the example, the stamp used is that of the AOC Consortium, since the local entity that processes has not given its electronic stamp exclusive rights.

b) Ordinary signature with middle level authentication

To access the form to be signed, it is essential that the user has authenticated with a digital certificate when accessing the EACAT.

To give more robustness, when generating the signature, the evidence of identification will be saved as one more node in the XML of the form to be signed and a signature will be made using the centralized signer with the electronic seal of the entity transferred exclusively for the AOC Consortium and if it does not have one with the AOC Consortium's electronic seal. Additionally, the PSIS response is also saved when validating the certificate at the time of authentication.

If you did NOT identify yourself with your digital certificate when entering EACAT, this message will appear:

And as it tells you, you will not be able to sign the document. To do this, log out of the current session and log in again by identifying yourself with the option Access with certificate , using your digital certificate T-CAT or similar.

You will see the document pending signature in My procedures, in the To sign tray.

Click on the settlement and you will enter the document, where you can sign with the Sign button.

If you enter My procedures and click on the sent document entry, the signed and sent document will open:

Once inside you will see that the signature appears with the electronic seal of the entity or, failing that, with the electronic seal of the Consortium AOC.

c) Advanced or qualified signature based on qualified certificate

The current signature mechanism is maintained, which allows us to identify ourselves either with a user and password or with the user's digital certificate regardless.

Once the web form of the procedure has been completed, it is signed with the T-CAT or similar using the Signador .

Then a new browser tab opens and the web application to sign (the Signador) is loaded.

Enter the PIN of your T-CAT or similar certificate and the signature generation process begins.

From this moment, you can access My procedures where you will find your signed and submitted procedure.

Within your paperwork you can see that it has been signed with your public worker signature T-CAT or similar.

3. List of procedures according to the signature level

The specific service providers in the Catalog of EACAT procedures, which have procedures designed as web forms , are categorized according to the three types of identification and signature mechanisms mentioned in point 2.

This process is complex and will take time. For this reason and so that you are always aware of which procedures have been changed and which level of identification and signature mechanism corresponds to them, we offer you an updated List of procedures with the level of identification and signature mechanism .

In this report you will find the following information for each procedure:

  • We lender
  • Service Name
  • Name of the procedure
  • Identification and signature mechanism that corresponds to it
  • Implementation date of the identification and signature mechanism.