Chief Archivist of Lithuania

CHIEF ARCHIVIST OF LITHUANIA

order
ON APPROVAL OF
THE ELECTRONIC DOCUMENT SPECIFICATION PDF-LT-V1.0
29 August 2014, No. VE(1.3 E)-42
Vilnius

In accordance with Article 5 Part 3 Item 6 of the Law on Documents and Archives of the Republic of Lithuania,

1. I approve the Electronic Document Specification PDF-LT-V1.0 (attached).

2. I order that:

2.1. Electronic documents produced by state and local government institutions, public institutions, enterprises, and persons authorised by the state (hereinafter referred to as Institutions) in accordance with the specification, approved in Item 1 of this order (hereinafter referred to as Specification), shall meet the requirements for Level A documents, as defined in the Specification.

2.2. Electronic documents produced by non-governmental organisations and private legal bodies or natural persons (hereinafter referred to as Persons) in accordance with the Specification and legal acts shall meet the requirements for Level A or Level B documents, as defined in the Specification.

2.3. If the Institution receives electronic documents, meeting the requirements for Level B documents as defined in the Specification, such electronic documents shall be supplemented with the lacking metadata using mechanism defined by the Specification, so that the electronic document would meet the requirements for Level A documents, as defined in the Specification.

2.4. Persons submitting electronic documents, which meet the requirements for Level B documents defined in the Specification, shall also deliver the lacking metadata in the mode indicated by the receiving institution.

Ramojus Kraujelis Chief Archivist of Lithuania

APPROVED by
Order No. VE(1.3 E)-42 of 29 August 2014
of Chief Archivist of Lithuania

SPECIFICATION OF THE ELECTRONIC DOCUMENT PDF-LT-V1.0

CHAPTER I

GENERAL PROVISIONS

1. The specification of the electronic document PDF-LT-V1.0 (hereinafter referred to as Specification) defines the technical characteristics of the format of electronic documents stored in PDF format file, the requirements for document creation using secure signature creation system, verification and life cycle.

2. The Specification is focused on the creation, verification and visualisation of written electronic documents having simple content structure (as described in Issue 14 of the Specification), which content, metadata and electronic signatures are stored in the PDF format file.

3. The Specification has been prepared in accordance with the Description of Requirements for Electronic Document Specifications, approved by the Chief Archivist of Lithuania in his Order No. VE (1.3 E)-41 of 29 August (hereinafter referred to as Description of Requirements for the Electronic Document Specifications). To form the requirements in the Specification, PDF/A-2, PAdES, PAdES Baseline Profile standards as well as other documents indicated in Appendix 11 of the Specification have been used.

The electronic document conforming to the Specification is stored in PDF/A-2 format file, which meets the requirements of the Specification. The Specification defines 2 levels of requirements for the creation and the verification of the conforming electronic document:

Level A. The electronic document created in conformity with this level shall meet all requirements for the file as defined in the Specification. An electronic document meeting this conformance level is further on referred to as a “Level A Document”.

Level B. The electronic document created in conformity with this level shall meet all requirements for the file as defined in the Specification, except those classified as non-applicable for Level B electronic documents. An electronic document meeting this conformance level is further on referred to as a “Level B Document”.

4. Definitions and abbreviations used in the Specification:

CAdES – the Cryptographic Message Syntax (CMS) format-based electronic signature formats defined in the LSTETSITS101733V2.2.1:2013 standard “Electronic Signatures and Infrastructures (EPI). CMS Advanced electronic signatures (CAdES)” (Appendix 11Item 2 of the Specification; hereinafter referred to as CAdES standard).

CAdESA – an archival form of the electronic signature created in conformity with the CAdES standard.

CAdESBES – a basic electronic signature format created in conformity with the CAdES standad.

CAdESC – an electronic signature with complete validation data references created in conformity with the CAdES standard.

CAdESEPES – an explicit policy based electronic signature created in conformity with the CAdES standard.

CAdES-LT – an extended long-term electronic signature created in conformity with the CAdES standard.

CAdEST – an electronic signature with a time stamp token created in conformity with the CAdES standard.

CAdESX – an extended electronic signature with complete validation data references and a time stamp token created in conformity with the CAdES standard.

CAdESX Long – an extended electronic signature with validation data created in conformity with the CAdES standard.

CMS electronic signature format – electronic signature created in conformity with the RFC 5652 Recommendations (Appendix 11Item 22 of the Specification).

CRL – list of certificates, the validity of which has been terminated or suspended, created in conformity with the RFC 5280 Recommendations (Appendix 11Item 21 of the Specification).

Incremental update – a PDF file change and update mechanism, when new PDF objects are appended at the end of the file leaving its original content intact (PDF-1.7 Standard Section 7.5.6). The incremental file update does not invalidate the existing PDF electronic signatures.

OCSP service – a service for certificate validity check, operating in conformity with the RFC 6960 recommendations (Appendix 11Item 15 of the Specification).

PAdES – a set of standards (hereinafter referred to as PAdES standard) that define Advanced Electronic Signature format within PDF framework. The overview of these standards is given in the LSTETSITS102778-1V1.1.1:2011 standard “Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signatures (PAdES); Usage and implementation guidelines” (Appendix 11Item 6 of the Specification).

PAdESBasic – an electronic signature format based on the CMS electronic signature format, defined in PAdES Standard Part 2 (Appendix 11Item 7 of the Specification).

PAdES Baseline profile – a PDF electronic signatures profile, defined in LST ETSI TS 103 172 V2.2.2:2013 standard “Electronic Signatures and Infrastructures (ESI), PAdES Baseline Profile” (Appendix 11Item 12 of the Specification).

PAdESBES – an electronic signature format based on the CAdES-BES or CAdES-T electronic signature format, defined in PAdES Standard Part 3(Appendix 11Item 8 of the Specification).

PAdESEPES – an explicit policy based electronic signature format, based on the CAdES-EPES or CAdES-T format electronic signature, defined in PAdES Standard Part 3 (Appendix 11Item 8 of the Specification).

PAdESLTV – a long-term electronic signature format, defined in PAdES Standard Part 4 (Appendix 11Item 9 of the Specification).

PAdES for XML – a XAdES format based electronic signature format for dealing with XML content within PDF framework, defined in PAdES Standard Part 5 (Appendix 11Item 10 of the Specification).

Signature validation data – electronic data collected in accordance with the existing legislation (certificates, responses to the OCSP service requests, CRL lists), used for the verification of the certificate authenticating the electronic signature. The data characterised in this definition do not include time-stamps.

Trusted Certification Authority – a certification authority issuing qualified certificates, or a certification service provider whom PDF electronic signature verifier trusts.

PDF – a portable document file format, defined in LST ISO 32000-1:2009 Standard “Document management - Portable document format - Part 1: PDF 1.7 (ISO 32000-1:2008, identical)” (Appendix 11 Item 14 of the Specification; hereinafter referred to as the PDF-1.7 standard).

PDF/A-2 format – a format for long-term file preservation based on the PDF-1.7 standard, defined in the LST ISO 19005-2:2011 Standard “Document management - Electronic document file format for long-term preservation - Part 2: Use of ISO 32000-1 (PDF/A-2) (ISO 19005-2:2011, identical)” (Appendix 11Item 13 of the Specification; hereinafter referred to as the PDF/A-2 Standard).

PDF document catalog – the root of a PDF document’s object hierarchy containing references to other PDF objects (PDF-1.7 Standard 7.7.2 Section).

PDF document time-stamp – a time-stamp token included in PDF file and stored in PDF document time-stamp dictionary, created by computing a digest over data objects (excluding the time-stamp itself) in a document. PDF document time-stamp provide the evidence of existence of covered data before the time indicated by the time-stamp.

PDF document time-stamp dictionary – a PDF signature dictionary containing PDF document time-stamp as defined in PAdES Standard Part 4 Appendix A.2.

PDF electronic signature – an electronic signature or data, which secure the integrity and authenticity of associated electronic data, stored in PDF signature dictionary.

PDF metadata stream – a PDF stream object, where metadata are stored in the data format defined in XMP specification. PDF metadata stream shall conform to the requirements defined in PDF/A-2 Standard Section 6.6.2 and the PDF-1.7 Standard Section 14.3.2. A PDF metadata stream may be attached to any PDF dictionary through the “Metadata” entry.

PDF signature form field – a PDF form field dictionary, containing entries for visual appearance information of PDF signature (PDF-1.7 Standard Section 12.7.4.5), and PDF signature dictionary.

PDF signature dictionary – a PDF dictionary containing electronic signature or data, which secure the integrity and authenticity of associated electronic data (PDF-1.7 Standard Section 12.8).

PDF page tree – hierarchical tree structure, which defines the ordering of pages in the document using page tree nodes and page objects containing vector graphics and text data resources that make up the visual information of the document (PDF-1.7 Standard 7.7.3 Section).

PDF dictionary object – a PDF object, represented as an associative table containing pairs of objects, known as the dictionary’s entries. Dictionary objects are the main building blocks of a PDF document. Through their entries they are used to collect and tie together the attributes of a complex object (PDF-1.7 Standard 7.3.7 Section).

PDF dictionary entry – an integral part of the PDF dictionary, defining one complex PDF object attribute and represented by a pair of PDF objects. The first element of each entry is the key and the second element is the value (PDF-1.7 Standard 7.3.7 Section).

Prefix – a part of the name of PDF dictionary entry keys, XML or XMP elements, attributes and value types, used to identify and unambiguously qualify its usage domain. The prefix is also used as a namespace URI qualifier for the associated XML or XMP elements.

Secure signature creation system – the overall system of software and hardware, comprised of the electronic signature creation device meeting the Requirements for the Electronic Signature Devices, approved by the Resolution of the Government of the Republic of Lithuania No. 2108 of 31 December 2002 (Chapter III), and electronic signature creation application conforming with the requirements of the LSTCWA14170:2005 Standard (Appendix 11 Item 1 of the Specification) or equivalent requirements for the secure signature creation applications.

URI – a uniform resource identifier, the structure of which is in conformity with the RFC 3986 Recommendations (Appendix 11Item 19 of the Specification); in this Specification, it is used to denote XML or XMP schemas that defined the associated XML or XMP elements, attributes and their value types.

XAdES – a XML format-based electronic signature standard LST ETSI TS 101 903 V1.4.2:2011 “Advanced XML Electronic Signatures (XAdES)” (Appendix 11Item 5 of the Specification; hereinafter referred to as the XAdES Standard).

XML – a descriptive eXtensible Markup Language for generic data structures and their content encoding and processing, recommended by the World Wide Web Consortium, W3C (Appendix 11Item 25 of the Specification).

XMP – an Extensible Metadata Platform specification (Appendix 11Item 24 of the Specification; hereinafter referred to as the XMP specification), integral part of the PDF-1.7 and PDF/A-2 standards, proposed by Adobe Systems to provide a standard format for the creation, processing, and interchange of metadata.

Other definitions used in the Specification are in conformity with the Law on Documents and Archives of the Republic of Lithuania, the Law on the Electronic Signature of the Republic of Lithuania, the Specification Procedure for the Time-stamping Service Provision, approved in the Order No. 1V-407 of 19 April 2011 by Director of the Communications Regulatory Authority “On the Approval of the Specification Procedure for the Provision of Time-stamping Services”, Description of Requirements for the Electronic Document Specifications, approved by the Chief Archivist of Lithuania in his Order No. VE (1.3 E)-41 of 29 August 2014 “On the Approval of the Description of Requirements for the Electronic Document Specifications”, and other legal acts, issued by the Chief Archivist of Lithuania, which define the creation, management, accounting, preservation of electronic documents and contain the definitions used in them.

CHAPTER II

STRUCTURE OF THE ELECTRONIC DOCUMENT

5. The logical structure of electronic document contains the following parts:

5.1. content, comprised of a single mandatory main document and optional (logical) appendices;

5.2. metadata (unmodifiable only);

5.3. one or more PAdES format electronic signatures, based on the CAdES electronic signature format.

6. The package of the electronic document is a PDF format file, combining all parts of the electronic document into a whole.

7. The parts of the logical structure of the electronic document are represented through PDF objects within the package. The physical structure of the document is represented by PDF format file where:

7.1. the entire content (main document and its appendices) are represented through the PDF page tree structure. The visual part of the content includes bookmarks, annotation widgets, headings and other page related objects;

7.2. the electronic document metadata are represented by PDF metadata stream objects, referenced from PDF document catalog and PDF signature dictionaries, and PDF signature dictionary entries, as defined in Specification;

7.3. electronic signatures or data, which secure the integrity and authenticity of other electronic data, are represented by PDF signature dictionary (excluding entries containing metadata or metadata streams).

8. The electronic document file, its content and metadata shall meet the requirements of the Specification, including the requirements defined in PDF/A-2 Standard. The PDF electronic signatures shall meet the requirements of the Specification, including the requirements defined in the PAdES and PAdES Baseline Profile standards.

9. The electronic document, meeting the requirements of the Specification shall not contain:

9.1. embedded files – in the PDF file specification dictionary, the entry “EF” (PDF-1.7 Standard Section 7.11.3) and PDF document name dictionary entry “EmbeddedFiles“ (PDF-1.7 Standard Section 7.7.4) are prohibited;