Verifying signatures
The signatures (including the certificates) returned from the service have already been verified by the service. The Relying Party therefore does not need to verify the signatures, but may do so. For that, the following is needed:
The signature returned from the service. A specification of the content is delivered to you on request.
The user certificate and the intermediate CA certificates. These are included in the signature.
The ocspResponse returned from the service.
The self-signed root certificate. This is delivered to you on request.
The following principles apply:
Verify the signature.
Verify the certificates in the certificate chain up to the self-signed root. Note that if verification is performed later than the time of use, certificates in the chain may have expired in the meantime; validity should therefore be judged against the time of use, not the time of verification.
Verify the status of the ocspResponse to be OK.
Verify the signature of the ocspResponse.
Verify the certificate of the ocspResponse signer, and that it is issued by the same CA as the user certificate in question.
Verify that the nonce included in the ocspResponse is correct by matching it against a hash computed over the signature.
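The following is an added example, not code from the BankID service or its documentation. It runs the items needed for verification and the principles listed above end to end, with the whole PKI (root, intermediate CA, user certificate, OCSP responder), the signature and the ocspResponse constructed in the script so that it works offline. Two things are assumptions and not from the page: the signature is modelled as a raw RSA PKCS#1 v1.5 signature over the signed data rather than the XML-DSig document the real service returns, and the OCSP nonce is taken to be the SHA-256 digest of the signature bytes (set NONCE_HASH to whatever the specification you receive states). The chain check deliberately takes the time of use as a parameter, so an old signature still verifies after its certificates have expired.

```python
"""Added example, not BankID's own code: the verification principles run end to
end against a PKI constructed in this script so it works offline.  Assumptions
not from the page: the signature is a raw RSA PKCS#1 v1.5 signature (the real
service returns XML-DSig), and the OCSP nonce is SHA-256 of the signature."""
import datetime as dt
import hashlib

from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509 import ocsp
from cryptography.x509.oid import NameOID

NONCE_HASH = hashlib.sha256  # assumption: digest used to derive the OCSP nonce
NOW = dt.datetime(2024, 1, 15, tzinfo=dt.timezone.utc)  # constructed "time of use"


def make_cert(cn, key, issuer_cert=None, issuer_key=None, is_ca=False, days=365):
    """Issue a certificate for `key`; with no issuer it is self-signed (the root)."""
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
    return (x509.CertificateBuilder()
            .subject_name(name)
            .issuer_name(issuer_cert.subject if issuer_cert else name)
            .public_key(key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(NOW - dt.timedelta(days=1))
            .not_valid_after(NOW + dt.timedelta(days=days))
            .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)
            .sign(issuer_key or key, hashes.SHA256()))


def build_fixture():
    """Constructed test data: root -> intermediate CA -> user certificate, an OCSP
    responder under the same intermediate, a signature and its OCSP response."""
    root_key, inter_key, user_key, ocsp_key = (
        rsa.generate_private_key(public_exponent=65537, key_size=2048) for _ in range(4))
    root = make_cert("Test Root CA", root_key, is_ca=True, days=3650)
    inter = make_cert("Test Customer CA", inter_key, root, root_key, is_ca=True, days=1825)
    user = make_cert("Test User", user_key, inter, inter_key)
    responder = make_cert("Test OCSP Responder", ocsp_key, inter, inter_key)
    signed_data = b"<bankIdSignedData>constructed sample</bankIdSignedData>"
    signature = user_key.sign(signed_data, padding.PKCS1v15(), hashes.SHA256())
    ocsp_der = (ocsp.OCSPResponseBuilder()
                .add_response(user, inter, hashes.SHA256(), ocsp.OCSPCertStatus.GOOD,
                              NOW, NOW + dt.timedelta(hours=1), None, None)
                .responder_id(ocsp.OCSPResponderEncoding.HASH, responder)
                .certificates([responder])
                .add_extension(x509.OCSPNonce(NONCE_HASH(signature).digest()), critical=False)
                .sign(ocsp_key, hashes.SHA256())
                .public_bytes(serialization.Encoding.DER))
    return signed_data, signature, [user, inter], ocsp_der, root


def rsa_ok(public_key, signature, data, algorithm):
    """True if `signature` is a valid PKCS#1 v1.5 signature over `data`."""
    try:
        public_key.verify(signature, data, padding.PKCS1v15(), algorithm)
        return True
    except Exception:
        return False


def issued_by(cert, issuer):
    """Name chaining plus the issuer's signature over the TBSCertificate bytes."""
    return cert.issuer == issuer.subject and rsa_ok(
        issuer.public_key(), cert.signature, cert.tbs_certificate_bytes, cert.signature_hash_algorithm)


def valid_at(cert, when):
    """Validity window check; handles old and new cryptography attribute names."""
    if hasattr(cert, "not_valid_before_utc"):
        return cert.not_valid_before_utc <= when <= cert.not_valid_after_utc
    return cert.not_valid_before <= when.replace(tzinfo=None) <= cert.not_valid_after


def verify_bankid_style(signed_data, signature, chain, ocsp_der, trusted_root, time_of_use):
    """Apply the principles from the page; returns {check name: passed}."""
    user, user_ca = chain[0], chain[1]
    checks = {}
    # Verify the signature with the public key in the user certificate.
    checks["signature"] = rsa_ok(user.public_key(), signature, signed_data, hashes.SHA256())
    # Verify the chain up to the self-signed root received out of band.  Validity is
    # judged at the time of use: the certificates may have expired since then.
    path = chain + [trusted_root]
    checks["chain"] = (all(issued_by(c, p) for c, p in zip(path, path[1:]))
                       and issued_by(trusted_root, trusted_root)
                       and all(valid_at(c, time_of_use) for c in path))
    resp = ocsp.load_der_ocsp_response(ocsp_der)
    # Verify the OCSP status is OK and that the response is about this very certificate.
    checks["ocsp_status"] = (resp.response_status == ocsp.OCSPResponseStatus.SUCCESSFUL
                             and resp.certificate_status == ocsp.OCSPCertStatus.GOOD
                             and resp.serial_number == user.serial_number)
    # Verify the responder certificate is issued by the same CA as the user certificate,
    # then verify the OCSP response signature with the responder's key.
    responder = resp.certificates[0] if resp.certificates else None
    checks["ocsp_signer"] = responder is not None and issued_by(responder, user_ca)
    checks["ocsp_signature"] = checks["ocsp_signer"] and rsa_ok(
        responder.public_key(), resp.signature, resp.tbs_response_bytes, resp.signature_hash_algorithm)
    # Verify the nonce binds this OCSP response to this particular signature.
    nonce = resp.extensions.get_extension_for_class(x509.OCSPNonce).value.nonce
    checks["nonce"] = nonce == NONCE_HASH(signature).digest()
    return checks


if __name__ == "__main__":
    print(verify_bankid_style(*build_fixture(), NOW))
```

Every check is returned separately rather than collapsed into one boolean, so a failing verification tells you which principle was violated. A signature that has been altered after the fact fails both the signature check and the nonce check, because the nonce is derived from the signature bytes; a verification run years later fails only the chain check, which is the situation the note about expired certificates describes.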
The BankID service does not retain the signature data. It is the responsibility of the RP to store the signature, together with the ocspResponse needed to verify it, in accordance with applicable laws and regulations.