The validation of an electronic signature is the process by which it is checked:

• The Marketing Authorisation Holder and Manufacturer identity of the signatory
• The Marketing Authorisation Holder and Manufacturer integrity of the signed document
• The Marketing Authorisation Holder and Manufacturer temporary validity the certificate used

We know that in the signing process, the signatory uses his electronic certificate, in particular his private key, to obtain electronic signature.

The first two verifications can be made from an application without internet connection simply using the certificate included in the same signature.

But how do we know if that certificate is valid? Was it revoked at the time of signature? Or if the authority that issued it is trustworthy?

The signature validation process cannot be separated from the validation process of the certificate used for the signature. And that's why the validation of the signature, also implies certificate validation.

The electronic certificate can only be validated for as long as it is active, since once the expiry date has expired it disappears from the revocation lists of the Certifying Authority and it is no longer possible to verify the status at the time of signature.

If the certificate is invalid, expired or revoked, the signature cannot be valid correctly since we cannot know what the certificate was certificate status at the time of signature.

Therefore, the three validations depend on the ability to validate the certificate, for which an internet connection is necessary to allow access to a certificate validation platform.

Validation platforms are online systems that allow the validation of electronic certificates.

The Validation Authority is the component providing information on the validity of electronic certificates that have been registered by a Registration Authority and certified by the Certification Authority. In general, the Certification Authority is also the Validation Authority, although both figures may be represented by different entities.

Information on Electronic Certificates revoked (not in force) is stored in the so-called Certificates Revocation Lists (CRL) maintained by the Validation Authorities.

The validation or verification of the status of a certificate may be carried out via the internet by accessing the service provided by the Validation or Certification Authority that issued the certificate. For example, in the case of certificates issued by the FNMT you can verify the status of the certificate by accessing the page Check Certificate Status.

As we have seen, the verification of each certificate should be carried out by directly accessing the services of the Validation or Registration Authority that issued it. This may be a drawback when the number of certificates to be verified is high and have also been issued by different Certification Authorities.

Validation platforms emerge to assist in these certificate verification operations. They centralise the validation services by acting as fronts that receive each request and forward it to the relevant Validation Authority. In this way, the user of the service may forget the task of knowing the specific mechanisms of each of the Validation Authorities.

Application of Signature Validation and Online Certificates of @signature) is the validation platform that the General Government of the State makes available to administrations and citizens for the validation of certificates and, in addition, offers the following services:

• Validation of electronic signatures
• Generation of electronic signatures in multiple formats
• Display of signatures with the help of the Viewfinder

The viewer is a tool that allows generate a report signature and see information the electronic signature itself and the signed document.

The document generated does not have the same legal value as the signature. In fact, it can be valid in terms that are determined for use. In general, in this case, the printed document will contain a CSV or Safe Verification Code that allows the printed copy to be contrasted with the electronic original.