Examples of certificates with transliteration
The code of a natural person — Registration number of the taxpayer's account card RNOTAC (formerly the code of State register of individuals or TIN) — should currently be set in the certificate in the basic details of the owner of the certificate.
The format of the field is determined by the technical requirements of ETSI EN 319 412-1 "Electronic Signatures and Infrastructures (ESI). Certificate Profiles. Part 1: Overview and common data structures"in paragraph 5.1.3 Natural person semantics identifier
This field must be set as a serial number attribute (serialNumber) with the object identifier id-etsi-qcs-SemanticsId-Natural having the initial characters "TIN" (Tax Identification Number) and the country code characters "TINUA".
The format of the serial number attribute (serialNumber) is determined by the technical recommendations of theIETF RFC 5280 "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile"and the DSTU standard ISO/IEC 9594-8:2021 "Information technologies. Interconnection of open systems.Part 8.Catalog: Framework for Public Key Certificates and Attributes" as X520SerialNumber ::= PrintableString (SIZE (1..ub-serial-number)).
That means, it must be a string of type PrintableString, which can only contain printable ASCII characters (including Latin letters and numbers) and cannot contain Cyrillic letters.
Accordingly, to enter the series and number of the passport of a citizen of Ukraine in the RNOTAC field, it is necessary to perform the procedure of transliteration of Cyrillic letters into Latin.
[Reference information on the transliteration of the Ukrainian alphabet into Latin in the fields of certificates]
natural person or natural person interpreneur
| DSTU | RSA | ECDSA | ||
|---|---|---|---|---|
| encryption | signature | signature | signature | |
| A person with RNOTAC | ||||
| A person without RNOTAC, old model passport data | ||||
| A person without RNOTAC, data from an ID card | ||||
naturall person - representative of legal entities
| DSTU | RSA | ECDSA | ||
|---|---|---|---|---|
| encryption | signature | signature | signature | |
| A person with RNOTAC | ||||
| A person without RNOTAC, old model passport data | ||||
| A person without RNOTAC, data from an ID card | ||||
Also, for compatibility with previous technical solutions for the use of QES in applied systems, it is recommended to duplicate the values of RNOTAC or series and passport numbers in identifiers 1.2.804.2.1.1.1.11.1.4.1.1 in the requisite format - "PrintableString". Coding of the letter part of the requisites is carried out in accordance with the table of transliteration of the Ukrainian alphabet in Latin, approved by Resolution No. 55 of the Cabinet of Ministers of Ukraine dated January 27, 2010.
natural person or natural person interpreneur
| DSTU | ||
|---|---|---|
| encryption | signature | |
| A person with RNOTAC | ||
| A person without RNOTAC, old model passport data | ||
| A person without RNOTAC, data from an ID card | ||