Policy
Specify minimum XAdES level for digital signature generation
Microsoft Office
Policy overview
Key metadata and intent for this policy.
This policy setting lets you specify a minimum XAdES level that Office 2016 applications must reach in order to create an XAdES digital signature. If unable to reach the minimum XAdESLevel, the Office application fails to create the signature. If you enable this policy setting, you can set the following minimum XAdES levels that must be met by the Office application before creating the digital signature. - No minimum level - XAdES-BES: Must create at least XAdES-BES or fail - XAdES-T: Must create at least XAdES-T (timestamp) or fail. - XAdES-C: Must create at least XAdES-C (certificate and revocation references) or fail. - XAdES-X: Must create at least XAdES-X (timestamp -C) or fail. - XAdES-X-L: Must create at least XAdES-X-L (store certificate and revocation values) or fail. If you disable or do not configure this policy setting, Office 2016 does not require a minimum XAdES level and creates the most advanced XAdES signature possible, up to the level specified in the policy setting
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Scope | Element | Type | Registry mapping | Constraints & behavior | Copy |
|---|---|---|---|---|---|
| User | L_SpecifyMinimumXAdESLevelForDigitalSignatureGenerationDropID ID L_SpecifyMinimumXAdESLevelForDigitalSignatureGenerationDropID | enum | Path software\policies\microsoft\office\16.0\common\signatures Value name minxadeslevel Type REG_DWORD | Options: No minimum level (0), XAdES-BES (1), XAdES-T (2), XAdES-C (3), XAdES-X (4), XAdES-X-L (5) |