Foreword
Introduction
1. Scope
2. References
3. Definitions
4. Abbreviations
5. Signature Creation Functional Model
    5.1 Signature Creation Objectives
    5.2 Model
    5.3 Signature Creation Applications
    5.4 Secure Signature Creation Devices
    5.5 Signature Creation Application Instantiation
    5.6 Control and possession of Signature Creation
         Systems
6. Signed Data Object Information Model
    6.1 Signer's Document (SD)
    6.2 Signature Attributes
    6.3 Data To Be Signed (DTBS)
    6.4 Data To Be Signed (Formatted) (DTBSF)
    6.5 Data To Be Signed Representation (DTBSR)
    6.6 Advanced Electronic Signature
    6.7 Qualified Electronic Signature
    6.8 Signed Data Object
    6.9 Signer's Authentication Data (not shown)
7. Overall Security Requirements of the SCA
    7.1 Introduction
    7.2 Trusted Path
         7.2.1 Basic Trusted Path Requirement
         7.2.2 Requirements for Public SCA
         7.2.3 Referencing the correct SD and Signature
                Attributes
    7.3 Requirements for Distributed Signature Creation
         Applications
    7.4 Requirements resulting from un-trusted processes
         and communications ports
    7.5 Post signature verification of the Signed Data
         Object
    7.6 Requirements of the DTBS
8. SD Presentation Component (SDP)
    8.1 Purpose
    8.2 Background
    8.3 Data Content Type Requirements
    8.4 SD Non-ambiguity Requirements
    8.5 Requirements for Presentation Insensitive SDs
    8.6 Hidden Text and Active Code Requirements
9. Signature Attribute Viewer (SAV)
10. Signer Interaction Component (SIC)
    10.1 High level user interface principles
    10.2 Signature Invocation
    10.3 Signature process inactivity timeout
    10.4 Signer Control Functions
    10.5 Retrieval of Signer's Characteristics
    10.6 User Interface Aspects
11. Signer's Authentication Component (SAC)
    11.1 General Aspects
    11.2 Obtaining the Signer's Authentication Data
    11.3 Knowledge based Signer Authentication
    11.4 Biometric Signer Authentication
    11.5 Provision of the wrong Signer's Authentication
         Data
    11.6 Change of Signer's Authentication Data and Reset
         of the Retry Counter
    11.7 Signer's Authentication Data User Interface Aspects
    11.8 Security Requirements for the SAC Component
12. Data To Be Signed Formatter (DTBSF)
    12.1 Functions of the DTBSF component
    12.2 Security Requirements for the DTBSF component
13. Data Hashing Component (DHC)
    13.1 Functions of the DHC Component
    13.2 Production of the DTBS Representation
    13.3 Formatting of the electronic signature input
    13.4 Security Requirements for the DHC Component
14. SCDev/SCA Communicator (SSC)
    14.1 Interaction Sequences
    14.2 Establishing the Physical Communication
    14.3 Retrieval of SCDev Token Information
    14.4 Selection of the SCDev functionality on a
          multi-application platform
    14.5 Retrieval of Certificates
    14.6 Selection of Signature Creation Data
    14.7 Performing Signer Authentication
    14.8 Digital Signature Computation
    14.9 Signature Logging
    14.10 Security requirements for the SSC Component
15. SCD/SCA Authenticator (SSA)
    15.1 SCA - SCDev Authentication for SCA under service
         provider's control
    15.2 Security Requirements for the SSA Component
16. SD Composer (SDC)
    16.1 Security Requirements for the SDC Component
17. Signed Data Object Composer (SDOC)
18. External Interface for Input/Output
    18.1 Risks to the SCA
    18.2 Import of Certificates
    18.3 Import of an SD and Signature Attributes
    18.4 Download of SCA Components
    18.5 Security Requirements for Input Control
Annex A (Informative) - General Recommendations
    A.1 Operation of the Signature Creation Application
    A.2 Requirement on the environment
    A.3 Presentation insensitive SD
Annex B Guidance to implement a User Interface
    B.1 Purpose
    B.2 User interface consistency
    B.3 Use of colour
    B.4 Feedback
    B.5 Security Breach detection
    B.6 Invalid choice
    B.7 Preservation of information presentation
    B.8 Personalisation
    B.9 Signer's Control when integrating with user
         profiling techniques
    B.10 Configure/Edit Signature Creation process
    B.11 Distinguishing between certificates
    B.12 Timing of operations
    B.13 Security of terminals in public domain
    B.14 User retention of secrets
    B.15 User instructions
    B.16 Presentation of operational sequence
    B.17 Presentation of distinguishable parts
    B.18 Guidance
    B.19 Terminology
    B.20 Error tolerance
    B.21 Informative error messages
    B.22 Single handed operation of public SCAs
    B.23 Cancellation of operation
    B.24 Undo operation
    B.25 Signer's Authentication Component (SAC)
         B.25.1 Choice of signer authentication method
         B.25.2 Biometric signer authentication
Annex C Signature Logging Component (SLC)
Annex D (Informative) - SCDev Holder Indicator (SHI)
Annex E (Informative) - References