diff options
Diffstat (limited to 'release-infos/handbook/conf/moa-spss/svaconfig.example')
| -rw-r--r-- | release-infos/handbook/conf/moa-spss/svaconfig.example | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/release-infos/handbook/conf/moa-spss/svaconfig.example b/release-infos/handbook/conf/moa-spss/svaconfig.example new file mode 100644 index 0000000..7be4541 --- /dev/null +++ b/release-infos/handbook/conf/moa-spss/svaconfig.example @@ -0,0 +1,97 @@ +# Format [key]=[value] +# +# Note that if an '=' is used in a key or value it has to be escaped: "\=" + +##################### WebConfig ####################### + +#The path to the sva configuration file +#svaconfig=/data/sigval/incoming/svaconfig + +#The directories where to store the collected testdata +#testdir=/data/sigval/incoming/test/ + +#The basepath for signature validation +#basepath=/data/sigval/incoming + +###################################################### + +#The path prefix for all file system locations +pathprefix=/home/user/example/prefix + +#The file where the xmldsig core schema is located +xmlschemaloc=schema/xmldsig-core-schema.xsd + +#The root folder where truststore and certstore are created later on +certroot=certs/example + +#The folder containing the trustanchors +trustanchorloc=certs/example/trustanchors + +#The folder containing the timestampauthority trustanchors +tsttrustanchorloc=certs/example/tstanchor + +#The folder containing alternative revocation information (comment out to use +#infos contained in the certificate) +#altdp=certs/example/revocation + +#The maximum age of a revocation information of a end user certificate in hours +endusercertgrace=4382 + +#The maximum age of a revocation information for a ca certificate in hours +cacertgrace=4382 + +tstcoherencetolerance=10 + +#The maximum time difference (in hours) the signing-time property and a +#time stamp +#timestampdelay=24 + +# Defines the forbidden hashing algorithms and the inception date +# Format: {<algorithm name>, <inception date>};{<algname 2>, <inc date 2>}... +hashconstraint={md5, 2000-08-08};{sha1, 2013-08-08} + +# Defines the minimum required key lengths +# Format: {<algorithm name>, <min len>,<inception date>};{...}... +keylenconstraint={rsa, 1024, 2000-08-08} + +# Defines the minimum required key lengths for CA Certificates +# Format: {<algorithm name>, <min len>,<inception date>};{...}... +cakeylenconstraint={rsa,512,2000-08-08} + +# Defines the minimum required key lengths for timestamps +# Format: {<algorithm name>, <min len>,<inception date>};{...}... +tstkeylenconstraint={rsa, 1024, 2000-08-08} + +# Defines the mapping from sub indications to main indications. +# If a sub indication1 is not present or empty, the default mappings are used. +# See "Final draft ETSI EN 319 102-1 V1.1.0 (2016-02)" +# Format: {<sub indication1>, <main indication1>};{...}... +indicationmapping={FORMAT_FAILURE,INDETERMINATE};{NO_VALID_TIMESTAMPS_FOUND, INDETERMINATE} + +# Allows any key usage if set to true, otherwise only dig. signature +allowanykeyusage=false + +# Defines the chaining model for path validation. +# possible values are: +# - All certificates are valid at validationtime (SHELL model). This is the default value. +# - All certificates are valid at the time they were used for issuing a certificate or signing (CHAIN model). +chainingmodel=shell + +# Defines if the validation of each timestap should be added to the validation report. +# If set to true, the timestamp validation reports will be added. Default value is true. +timestampreports=true + +# defines the bits which HAS TO be set in the key usage field of the +# end users certificate. The valid bits (from RFC5280) to set are as follows: +# (if omitted or empty it defaults to DIGITAL_SIGNATURE): +# digitalSignature (0), +# contentCommitment (1) +# dataEncipherment (3), +# keyAgreement (4), +# keyCertSign (5), +# cRLSign (6), +# encipherOnly (7), +# decipherOnly (8) + +# Format: {<index of bit to set>; ...} +keyusage = {0, 1}
\ No newline at end of file |