Currently all services in the EACAT Procedures Catalog that have procedures, which use forms made with .net technology, commonly referred to in EACAT jargon as web forms , are electronically signed with the T-CAT certificate of the user and use the Signatory application.
This application is compatible with any browser, but it is essential to run and install the Native Signator application. This dependency on JAVA may cause the signing part to not work correctly for some users.
For this reason, the AOC Consortium has implemented an improvement that allows the web forms to be signed using the centralized signer and the electronic seal certificate of the body granted exclusivity for use of the AOC services (or that of the AOC Consortium if we have not transferred this certificate). In this way, possible installation problems of JAVA and the Native Signador application are avoided.
To be able to make these changes, the specific service providers in the EACAT Catalog of procedures, which have procedures designed as web forms , are categorized according to three types of identification and signature mechanisms. This process is complex and will take time; for this reason from now on you can find procedures, which are web forms , with the different types of signature and identification mechanisms.
These mechanisms affect entry access to EACAT and the signature of the procedure. Based on this, the following signature and identification mechanisms have been classified:
- Ordinary signature with low-level authentication
- Ordinary signature with middle level authentication
- Advanced or qualified signature based on qualified certificate (current mechanism)
a) Ordinary signature with low-level authentication
In this case the user is allowed to access the form to sign with low-level identification (non-cryptographic systems), such as EACAT and GICAR platform users and passwords.
To give this mechanism more robustness, when generating the signature, the identification evidence will be saved as one more node in the XML of the form to be signed and a signature will be made using the centralized signer with the electronic seal of the 'exclusively assigned to the AOC Consortium, if it does not have one, it will be signed with the AOC Consortium's electronic seal.
Once inside the completed procedure form, you must press the Sign button, and the signature process is carried out automatically.
Once the form is signed, you can find the document entry in My procedures .
If you enter the procedure you will check the electronic seal that was used for the signature. In the example, the seal used is that of the AOC Consortium, since the local body that processes has not given its electronic seal exclusive rights.
b) Ordinary signature with middle level authentication
To access the form to be signed, it is essential that the user has authenticated with a digital certificate when accessing the EACAT.
To give more robustness, when generating the signature, the evidence of identification will be saved as one more node in the XML of the form to be signed and a signature will be made using the centralized signer with the electronic seal of the entity transferred exclusive to the AOC Consortium and if it does not have one with the AOC Consortium's electronic seal. Additionally, the PSIS response is also saved when validating the certificate at the time of authentication.
If you did NOT identify yourself with your digital certificate when entering EACAT, this message will appear:
And as it tells you, you will not be able to sign the document. To do this, log out of the current session and log in again by identifying yourself with the Access with certificate option, using your T-CAT digital certificate or similar.
You will see the document pending signature in My procedures, in the To sign tray.
Click on the settlement and you will enter the document, where you can sign with the Sign button.
If you enter My procedures and click on the sent document entry, the signed and sent document will open:
Once inside you will see that the signature appears with the electronic seal of the entity or, failing that, with the electronic seal of the AOC Consortium.
c) Advanced or qualified signature based on qualified certificate
The current signature mechanism is maintained, which allows us to identify ourselves either with a user and password or with the user's digital certificate regardless.
Once the web form of the procedure has been completed, it is signed with the T-CAT or similar using the Signator .
A new browser tab is then opened and the web application to sign (the Signer) is loaded.
Enter the PIN of your T-CAT or similar certificate and the signature generation process begins.
From this moment, you can access My procedures where you will find your signed and submitted procedure.
Within your procedure you can see that it has been signed with your T-CAT public worker signature or similar.
The specific service providers in the EACAT Catalog of procedures, which have procedures designed as web forms , are categorized according to the three types of identification and signature mechanisms mentioned in point 2.
This process is complex and will take time. For this reason and so that you are always aware of which procedures have been changed and which level of identification and signature mechanism corresponds to them, we offer you an updated List of procedures with the level of identification and signature mechanism .
In this report you will find the following information for each procedure:
- We lender
- Service Name
- Name of the procedure
- Identification and signature mechanism that corresponds to it
- Implementation date of the identification and signature mechanism.
