UPDATE ON CEN & ETSI STANDARDISATION ON SIGNATURES

Similar documents
ETSI ESI and Signature Validation Services

ETSI TC ESI WORK ON ELECTRONIC REGISTERED DELIVERY SERVICES AND REGISTERED ELECTRONIC MAIL

ETSI Electronic Signatures and Infrastructures (ESI) TC

Session 1. esignature and eseal validation landscape. Presented by Sylvie Lacroix esignature and eseal validation workshop, Jan

EU e-signature standardisation mandate m460

CEN & ETSI standards & eidas Compliance

eidas Workshop Return on Experience from Conformity Assessment Bodies - EY June 13, 2016 Contacts: Arvid Vermote

ETSI ESI Electronic Signature Activities

The current status of Esi TC and the future of electronic signatures

SSL/TSL EV Certificates

Utimaco eidas Update. June Thorsten Groetker CTO. Utimaco HSM Business Unit Aachen, Germany 2017 Utimaco eidas Update, June 2017 Page 1

Technical guidelines implementing eidas

IAS2. Electronic signatures & electronic seals Up-dates - feedbacks from :

Sándor Szőke, Dr. Microsec Ltd. Migration of national PKI Services to eidas conformant Trust Services case study in Hungary

Electronic registered delivery services (ERDS) in light of the eidas regulation. Warsaw Common Sign Conference 2015

European Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the EU internal market

ETSI TR V1.1.1 ( )

CERTIFICATE OF CONFORMITY. The certification body LSTI. declares BALTSTAMP HEADQUARTER : DARIAUS IR GIRENO STR. 40, LT VILNIUS - LITHUANIA

eidas-compliant signing of PDF

Protection Profiles for Signing Devices

TECHNICAL REPORT Electronic Signatures and Infrastructures (ESI); Guidance on the use of standards for cryptographic suites

ETSI European CA DAY TRUST SERVICE PROVIDER (TSP) CONFORMITY ASSESSMENT FRAMEWORK. Presented by Nick Pope, ETSI STF 427 Leader

EVROTRUST TECHNOLOGIES JSC

BE INVEST INTERNATIONAL SA

eidas compliant Trust Services with Utimaco HSMs

Test Signature Policy Version 1.0

EUROPEAN STANDARD Electronic Signatures and Infrastructures (ESI); Time-stamping protocol and time-stamp profiles

CORPME- COLEGIO DE REGISTRADORES DE LA PROPIEDAD, MERCANTILES Y DE BIENES MUEBLES DE ESPAÑA

Countdown to eidas. Date: 19/04/2016 Auteur: CTIE Révision: 1.0 Ref: EIDAS_CTIE_4 Page 1

ETSI TS V1.1.1 ( )

CERTIFICATE OF CONFORMITY. The certification body LSTI. declares ALEAT HEADQUARTER : SH.P.K RRUGA: XHANFIZE KEKO - TIRANA-ALBANIA

EVROTRUST TECHNOLOGIES AD

Draft EN V0.0.3 ( )

INSTRUCTION FOR OPERATION WITH DESKTOP SIGNER

EUROPEAN STANDARD Electronic Signatures and Infrastructures (ESI); Time-stamping protocol and time-stamp token profiles

CERTIFICATE OF CONFORMITY. The certification body LSTI. declares UNIVERSIGN HEADQUARTER: 40 RUE DES ANCIENS ETANGS , FOREST BELGIQUE

ILNAS/PSCQ/Pr004 Qualification of technical assessors

eidas Regulation (EU) 910/2014 eidas implementation State of Play

Guidance for Requirements for qualified trust service providers: trustworthy systems and products

CERTIFICATE OF CONFORMITY. The certification body LSTI. declares LUXTRUST SA IVY BUILDING L-8308 CAPELLEN - LUXEMBOURG

Resolution of comments on Drafts ETSI EN to ETSI EN May 2014

DIGITALSIGN - CERTIFICADORA DIGITAL, SA.

Identity Documents Personalisation Centre. Conformity Assessment Report: Conformity Certificate and Summary. T-Systems

Certificate. Certificate number: Certified by EY CertifyPoint since: July 10, 2018

European Standards & Community Specifications

FOR QTSPs BASED ON STANDARDS

EUROPEAN STANDARD Electronic Signatures and Infrastructures (ESI); PAdES digital signatures; Part 2: Additional PAdES signatures profiles

Krajowa Izba Rozliczeniowa S.A.

Audit Attestation for CERTSIGN

Policy for electronic signature based on certificates issued by the hierarchies of. ANF Autoridad de Certificación

Draft ETSI EN V1.0.0 ( )

NOBLE presentation of the project

SIGNATURE VALIDATION POLICY AND SIGNATURE VALIDATION PRACTICE STATEMENT OF B-TRUST QUALIFIED VALIDATION SERVICE PROVIDED BY BORICA AD.

ETSI STF 412 AUDIT GUIDELINES FOR EVC (24 TH JAN 2012)

Krajowa Izba Rozliczeniowa S.A.

Protection profiles for TSP Cryptographic modules - Part 5

Trust Services: building blocks for secondary legislation

2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS. ENISA Article 19 Team

eidas Regulation eid and assurance levels Outcome of eias study

ETSI TS V1.2.1 ( ) Technical Specification

eidas & e-delivery CE Midsummer Conference "The role of policy decisions in the postal & delivery industry", Copenhagen (DK), 12 June 2017

SAREF: A NEW STANDARD FOR SMART APPLIANCES IN SMART HOMES IOT/M2M WORKSHOP FEATURING THE SMART WORLD, S A,15 17 NOV. 2016

Overview & Specification

ETSI ITS Workshop, 7 9 February 2012, Doha

BRITISH TELECOMMUNICATIONS PLC

Final draft ETSI EN V1.1.0 ( )

Digital Signatures: How Close Is Europe to Truly Interoperable Solutions?

Draft ETSI EN V1.0.0 ( )

Comparison of Electronic Signature between Europe and Japan: Possibiltiy of Mutual Recognition

ETSI documents published or circulated for vote/comment in May 2018

The appendix to the certificate is part of the certificate and consists of 3 pages.

ETSI TS V1.1.1 ( )

Draft. Electronic Signatures and Infrastructures (ESI); Protocols for remote digital signature creation STABLE DRAFT

Spanish Information Technology Security Evaluation and Certification Scheme

ETSI TS V1.1.1 ( )

Conformity Assessment Report: Conformity Certificate and Summary. T-Systems Trust Service Provider: Connect Solutions

Electronic signature framework

Qualified Validation Policy

EXBO e-signing Automated for scanned invoices

eias Study on an electronic identification, authentication and signature policy SUPERVISION Presentation on status

EUROCONTROL SWIM Specifications. NM B2B Tech Forum June 2018

Profile for High-Performance Digital Signatures

The appendix to the certificate is part of the certificate and consists of 3 pages.

Standardization mandate addressed to CEN, CENELEC and ETSI in the field of Information Society Standardization

Cosmos POFESSIONALS OF SAFETY ENGINEERING

SmartCards as electronic signature devices Progress of standardization. Helmut Scherzer, CEN TC224/WG16 (Editor) IBM Germany

COOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY

EUROPEAN STANDARD Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 5: QCStatements

PSD2/EIDAS DEMONSTRATIONS

ETSI TS V1.1.1 ( )

Electronic Signature Format. ECOM Interoperability Plug Test 2005

Conformity Assessment Report: Conformity Certificate and Summary. T-Systems U Trust Service Provider: Connect Solutions

ETSI TS V1.2.1 ( )

ETSI OVERVIEW BY CLUSTERS. ETSI All rights reserved

EUROPEAN STANDARD Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC); Part 2: Additional ASiC containers

ETSI TS V2.2.1 ( )

IFY e-signing Automated for scanned invoices

The appendix to the certificate is part of the certificate and consists of 3 pages.

Raising standards for consumers

Trust Services Practice Statement

Transcription:

UPDATE ON CEN & ETSI STANDARDISATION ON SIGNATURES Workshop eidas Trust Services: 6 months on after the switch-over 19 December 2016 Riccardo Genghini, TC ESI chairman

Topics eidas Standards Status ETSI Ongoing / Future Activities TSP Standards Updates Signature Validation Service edelivery Preservation Remote Signature Creation Component Services CEN Ongoing Activities HSM & Time-stamping protection Profiles Remote Signing 2

eidas Standards Framework: Published Standards Trust services for: Issuing certificates Time Stamping Signature creation services Validation services x19 4xx TSPs supporting digital signatures 119 6xx Trust service status lists x19 5xx Trust application service providers List of approved QTSPs & services supervised by National Bodies Trust services for: Registered edelivery / email Long term preservation Procedures for AdES creation & validation x19 1xx Signature Creation & Validation Formats: XAdES (XML) CAdES (CMS) PAdES (PDF) ASiC (containers) 3 CC Protection Profiles QSCD - Smart Cards HSM used as QSCD HSM used by TSPs Remote QSCD 419 2xx Signing Devices 119 0xx General Framework 119 3xx Signature suites Cryptographic suites - Hash - Asymmetric crypto - Key generation - Lifetime Standards framework Common definitions Guides

Published work inclusion in CID 2 EC Implementing Decisions published on 8 Sept. 2015 mandating support by EU Member States (EUMS) of ESI specifications (baseline CAdES/XAdES/PAdES/ASiC signatures + Trusted Lists) CID (EU) 2015/1505 on Trusted Lists: referring TS 119 612 v2.1.1 CID (EU) 2015/1506 on formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies: referring old baseline profiles, waiting for ENs to be published 1 EC Implementing Decision published on 25 April 2016 referring to CEN standards CID (EU) 2016/650 for the security assessment of qualified signature and seal creation devices: referring to EN 419211 4

Published work - testing and interoperability Testing conformance and interoperability ETSI organized 6 Plugtests in the past 2 years Signature validation Plugtests Nov.-Dec. 2014, in coordination with EC PAdES (May 2015), CAdES (June-July 2015) and XAdES (October 2015) signature formats (testing previous TS and draft ENs) Signature validation Plugtests in February 2016, in coordination with EC ASiC (signature containers) Plugtests (Nov-Dec. 2016) Availability of Signature Conformance checkers for CAdES, XAdES, PAdES and ASiC - freely accessible 5

ESI ongoing work TSP Standards updates to consider feedback received on published documents, revocation status beyond expiry Signature validation service provided by TSP Starting work New standards TS 119 441: TSP Policy requirements TS 119 102-2: Signature Validation Report TS 119 442: Protocols Signature Preservation: Scoping study and framework for long term preservation services Aim complete early 2017 Preservation of the validity of digital signatures Preservation of the integrity of digital objects using digital signature / time-stamping techniques 6

ESI ongoing work Registered edelivery Coherent set of Standards for Electronic Registered Delivery (ERD) and Registered Electronic Mail (REM), which ESI considers a special type of ERD. Documents to be produced: EN 319 522 (ERD) & 319 532 (REM) Technical specifications, including: architecture, semantic contents, formats, bindings to transport protocols EN 319 521 & 319 531 Policy and security requirements TS 119 524 & 119 534 Testing interoperability and conformance 7

ESI future work Remote Signature Creation Component Services Plan Starting early 2017 New standards TS 119 431-1: Policy requirements for TSP Service Components operating for a TSP operating a remote QSCD (Building on CEN standards for server signing) TS 119 431-2: Policy requirements for TSP Service Components supporting AdES Signature Creation TS 119 432: Protocols for remote digital signature creation Preservation 8

CEN - Ongoing Activities EN 419231 Time-stamping Protection Profile Evaluation successfully completed, awaiting certification About to be sent to CEN enquiry EN 419221-5 Protection Profile for TSP cryptographic device evaluation successfully completed, awaiting certification CEN Server signing EN 419 241-1 General System requirements about to be sent to CEN enquiry EN 419 241-2 Protection Profile for QSCD for Server Signing will be sent out to evaluation and CEN enquiry in February 2017 9

Conclusions All primary standards are published as ENs ETSI: available for free download http://www.etsi.org/standards-search Overview of ESI standards: https://portal.etsi.org/tbsitemap/esi/esiactivities.aspx CEN: available through National Standards Orgnisations Ongoing support for eidas standards Any questions

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback