The e-CODEX Trust Library can be used to create a validation document, the „Trust Ok“-Token, to give a legal- and technical evaluation for a given document and to link the created „Trust Ok“-Token to the validated document by the means of a signed container following the ASiC-S standard. It can be used in environments where the verification of a documents validity is not possible on a receiving side: The document is verified on the sending side and a validation report is bound to the document within a secure container that can be verified on the sending side using this library as well.
The default, technical evaluation is based on the validation of a documents signature using the libraries of the project „Digital Signature Service“ (https://joinup.ec.europa.eu/asset/sd-dss/description) and supporting signatures following the ETSI standards XAdES, PAdES or CAdES. In case of a need to validate other signature formats it is also possible to create an own technical evaluation and to replace the used libraries.
As an alternative to a system relying on signatures it is also possible to create an own technical validation based on a users’ authentication to a system. The default legal evaluation is given by analysing the result of the technical evaluation.
Currently the library is a part of the DOMIBUS Connector Framework and is used within e-CODEX pilots for both the validation of electronic signatures and the acknowledgment that a document has been created within a secure, authentication-based environment.