A.3 Bit-Preserving Digital Signatures Secure Use Profile

An implementation that stores and forwards SOP Instances may claim conformance to the Bit-Preserving Digital Signatures Secure Use Profile. Any implementation that claims conformance to this Security Profile shall obey the following rules in handling Digital Signatures:

  1. The implementation shall store any SOP Instances that it receives in such a way that when the SOP instance is forwarded to another Application Entity, the Value fields of all Attributes are bit-for-bit duplicates of the fields originally received.

  2. The implementation shall not change the order of Items in a Sequence.

  3. The implementation shall not remove or change any Data Element of any SOP Instance that it receives when sending that SOP Instance on to another Application Entity via DICOM. This includes any Digital Signatures received.

Note: Implementations may add new Data Elements that do not alter any existing Digital Signatures.

  1. The implementation shall utilize an explicit VR Transfer Syntax.

Note: Implementations that cannot use an explicit VR Transfer Syntax cannot conform to this Secure Use Profile, since it may not be able to verify Digital Signatures that are received with an implicit VR Transfer Syntax.

  1. The implementation shall not change the VR of any Data Element that it receives when it transmits that object to another Application Entity.