Electronic registered delivery services (ERDS) in light of the eidas regulation. Warsaw Common Sign Conference 2015

Similar documents
eidas & e-delivery CE Midsummer Conference "The role of policy decisions in the postal & delivery industry", Copenhagen (DK), 12 June 2017

ETSI ESI and Signature Validation Services

UPDATE ON CEN & ETSI STANDARDISATION ON SIGNATURES

eidas Regulation eid and assurance levels Outcome of eias study

e-sens Electronic Simple European Networked Services

ETSI TC ESI WORK ON ELECTRONIC REGISTERED DELIVERY SERVICES AND REGISTERED ELECTRONIC MAIL

ETSI Electronic Signatures and Infrastructures (ESI) TC

e-sens Electronic Simple European Networked Services Klaus Vilstrup Pedersen WP6 Manager DIFI, Norway

Trust Services: building blocks for secondary legislation

NOBLE presentation of the project

Security Aspects of Trust Services Providers

Countdown to eidas. Date: 19/04/2016 Auteur: CTIE Révision: 1.0 Ref: EIDAS_CTIE_4 Page 1

FOR QTSPs BASED ON STANDARDS

Technical guidelines implementing eidas

STANDARDS TO HELP COMPLY WITH EU LEGISLATION. EUROPE HAS WHAT IT TAKES INCLUDING THE WILL?

Certificate. Certificate number: Certified by EY CertifyPoint since: July 10, 2018

Live Webinar Electronic Registered Delivery Service (ERDS) and the eidas Regulation. 12 September 2016

e SENS Pilots of eid, esignatures and Trusted Services

Electronic signature framework

European Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the EU internal market

Sándor Szőke, Dr. Microsec Ltd. Migration of national PKI Services to eidas conformant Trust Services case study in Hungary

CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''

eidas Regulation in the context of Cybersecurity: Electronic seals and website certificates: Two sides of a (gold) medal?

Comparison of Electronic Signature between Europe and Japan: Possibiltiy of Mutual Recognition

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

eidas compliant Trust Services with Utimaco HSMs

edelivery Tutorial How can CEF help you set-up your edelivery infrastructure? November 2016

The NIS Directive and Cybersecurity in

Session 1. esignature and eseal validation landscape. Presented by Sylvie Lacroix esignature and eseal validation workshop, Jan

Trust Services for Electronic Transactions

Interoperability Challenge of Certified Communication Systems via Internet

CEN & ETSI standards & eidas Compliance

This document is a preview generated by EVS

NIS Standardisation ENISA view

eidas Regulation (EU) 910/2014 and the Connecting Europe Facility Boosting trust & security in the Digital Single Market

Network and Information Security Directive

ENISA s Position on the NIS Directive

13303/17 CB/ek 1 DGE 2B

Utimaco eidas Update. June Thorsten Groetker CTO. Utimaco HSM Business Unit Aachen, Germany 2017 Utimaco eidas Update, June 2017 Page 1

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

ETSI TR V1.1.1 ( )

esignature Infrastructure Marketing Model

eidas Regulation (EU) 910/2014 eidas implementation State of Play

Connecting Europe Facility Introducing CEF edelivery. Christian RASMUSSEN, DG DIGIT. DIGIT Directorate-General for Informatics

Protection Profiles for Signing Devices

ILNAS/PSCQ/Pr004 Qualification of technical assessors

Security guidelines on the appropriate use of qualified electronic registered delivery services Guidance for users

The CEF Building Blocks & #REUSE in the Twenty-First Century

European Union Agency for Network and Information Security

VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe

Guidance for Requirements for qualified trust service providers: trustworthy systems and products

ETSI European CA DAY TRUST SERVICE PROVIDER (TSP) CONFORMITY ASSESSMENT FRAMEWORK. Presented by Nick Pope, ETSI STF 427 Leader

ETSI - European CA-Day. November 29th 2012 I Dr. Kim Nguyen, Chief Scientist Security, Managing Director D-Trust

The commission communication "towards a general policy on the fight against cyber crime"

2017 ANNUAL TRUST SERVICES SECURITY INCIDENTS ANALYSIS. ENISA Article 19 Team

Harmonisation of Digital Markets in the EaP. Vassilis Kopanas European Commission, DG CONNECT

ISA 2 Programme & EIF

eid building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics

ENISA Cooperation in the EU / NIS Directive

SAT for eid [EIRA extension]

22 November Introduction to Connecting Europe Facility. DIGIT Directorate-General for Informatics

SECURITY FRAMEWORK F TRUST SERVICE PROVIDERS

Agenda. 1. The LoU between EC-CEF and OpenPEPPOL about transition and migration to AS4 - Niels

Cybersecurity & Digital Privacy in the Energy sector

CERTIFICATE OF CONFORMITY. The certification body LSTI. declares BALTSTAMP HEADQUARTER : DARIAUS IR GIRENO STR. 40, LT VILNIUS - LITHUANIA

The current status of Esi TC and the future of electronic signatures

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

Cross border eservices STORK 2.0

eidas Workshop Return on Experience from Conformity Assessment Bodies - EY June 13, 2016 Contacts: Arvid Vermote

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

European Interoperability Reference Architecture (EIRA) overview

Draft ETSI EN V1.0.0 ( )

European Framework for C-ITS Security 6 th of March 2018 Gerhard Menzel European Commission

CEF Telecom policy background. DG CONNECT, 12 September 2017

Electronic and digital signatures in Adobe Sign for government.

Securing Europe's Information Society

ETSI ESI Electronic Signature Activities

Update on Security, Privacy and Safety Standards

CERTIFICATE OF CONFORMITY. The certification body LSTI. declares ALEAT HEADQUARTER : SH.P.K RRUGA: XHANFIZE KEKO - TIRANA-ALBANIA

Cosmos POFESSIONALS OF SAFETY ENGINEERING

Cybersecurity eit. Software. Certification. Industrial Security Embedded System

ehealth action in the EU

Digital Austria = egov best practice in d Europe

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

ISO/IEC INTERNATIONAL STANDARD

Comprehensive Study on Cybercrime

NEWSFLASH GDPR N 8 - New Data Protection Obligations

Privacy Statement for Use of the Trust Service of Swisscom IT Services Finance S.E., Austria

Cyber Security in Europe and CEER s new PEER initiative

Joint FIEEC-ZVEI Position on Cybersecurity

DIGITIZING INDUSTRY, ICT STANDARDS TO

Identity Documents Personalisation Centre. Conformity Assessment Report: Conformity Certificate and Summary. T-Systems

Package of initiatives on Cybersecurity

Conformity Assessment Report: Conformity Certificate and Summary. T-Systems Trust Service Provider: Connect Solutions

ISO/IEC TR Information technology Security techniques Guidelines for the use and management of Trusted Third Party services

World Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014

Conformity Assessment Report: Conformity Certificate and Summary. T-Systems U Trust Service Provider: Connect Solutions

EU policy on Network and Information Security & Critical Information Infrastructures Protection

NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

GSME proposals regarding mobile theft and IMEI security

Transcription:

Electronic registered delivery services (ERDS) in light of the eidas regulation Warsaw Common Sign Conference 2015

! 1. e-delivery and the eidas regulation - EU legislative framework - French legislative framework! 2. Ongoing e-sens project in France to prepare the eidas regulation - In partnership with Germany - And other Member States! 3. Further steps needed for a trully interoperable ERDS on the European level - in the field of standardization - Ongoing debate on Implementing Acts 2

3

What is e-delivery? «What is electronic delivery? It is a service that, to a certain extent, is the equivalent in the digital world of registered mail in the physical world. At the moment the legal effect of the "registration" of an email stops at the border of the Member State of origin of an e-mail unless the Member State of destination recognizes the registered nature of the email.» Source : Memo 12/403 of the European Commission, «Electronic identification, signatures and trust services: Questions & Answers», June 4th, 2012 4

ERDS in eidas Initial version of eidas regulation in 2012 Definition (art 3) (28) electronic delivery service means a service that makes it possible to transmit data by electronic means and provides evidence relating to the handling of the transmitted data, including proof of sending or receiving the data, and which protects transmitted data against the risk of loss, theft, damage or any unauthorised alterations; Requirements for qualified electronic delivery services (art 36) 1. Qualified electronic delivery services shall meet the following requirements:! (a) they must be provided by one or more qualified trust service provider(s);! (b) they must allow the unambiguous identification of the sender and if appropriate, the addressee;! (c) the process of sending or receiving of data must be secured by an advanced electronic signature or an advanced electronic seal of qualified trust service provider in such a manner as to preclude the possibility of the data being changed undetectably;! (d) any change of the data needed for the purpose of sending or receiving the data must be clearly indicated to the sender and addressee of the data;! (e) the date of sending, receipt and any change of data must be indicated by a qualified electronic time stamp;! (f) in the event of the data being transferred between two or more qualified trust service providers, the requirements in points (a) to (e) shall apply to all the qualified trust service providers. Final version of eidas regulation in 2014 Definition (art 3) (36) electronic registered delivery service means a service that makes it possible to transmit data between third parties by electronic means and ( idem) Requirements for qualified electronic delivery services (art 36) 1. Qualified electronic registered delivery services shall meet the following requirements:! (a) they are provided by one or more qualified trust service provider(s);! (b) they ensure with a high level of confidence the identification of the sender;! (c) they ensure the identification of the addressee before the delivery of the data;! (d) the sending and receiving of data is secured by an advanced electronic signature or an advanced electronic seal of a qualified trust service provider in such a manner as to preclude the possibility of the data being changed undetectably;! (e) any change of the data needed for the purpose of sending or receiving the data is clearly indicated to the sender and addressee of the data;! (f) the date and time of sending, receiving and any change of data are indicated by a qualified electronic time stamp.! In the event of the data being transferred between two or more qualified trust service providers, the requirements in points (a) to (f) shall apply to all the qualified trust service providers. 5

! Civil Code - Art 1369-8 (2011): Legislative framework for ERDS used for commercial contracts B2C, C2C, B2B relations! Ordonnance on State-citizens relations (2014) : Legislative framework for teleservices with the same value as ERDS C2A, A2C relations A2C, A2B, B2B, B2C, C2C relations! «Projet de loi pour une république numérique» Draft law under discussion for a harmonized framework on ERDS for citizens & companies 6

7

! Domain: WP5.4 Business Lifecycle! Cross border communication using existing national electronic Delivery solutions.! Sending receipts, acknowledgments or confirmations legally binding and directly to the end user.! Analysing required standards and rules from an interoperability perspective regarding standardisation on e-delivery in ETSI in the context of eidas. 8

Coordinator of the project French and German Industrial Partners Austrian public-private partner German and French administrations 9

13

! At ETSI A Special Report (SR 019 050) on ERDS is publicly available on ETSI website. Specialist Task Force (STF) will be set-up to work on ERDS, in collaboration with CEN TC 331 WG2, UPU, e-sens and others.! At CEN TS 16 326 on registered electronic mail (open to all operators, not only postal)! At UPU S52 on postal electronic registered mail 14

! France and Germany believe that the Commission should draft an Implementing Act for e-delivery to promote alignment among implementations of e-delivery in different Member States.! The Commission is currently assessing candidate standards including those for e-delivery, with the support of ENISA.! Nevertheless, availability and compatibility of standards with the requirements of the Regulation is a necessary for the adoption of Implementing Acts.! Other parameters such as 'market needs' must also be taken into account before taking a decision 15

New eidas technical subgroup on e-delivery Agenda for next meeting (November 2015) Presentations of some examples of edelivery work in MSs; Presentation of edelivery within the context of the postal sector; Presentation and round table on standards/ technical specifications for edelivery; Discussion on the way forward regarding a possible Implementing Act for edelivery; Presentation about how CEF edelivery is being implemented in different domains: ejustice, eprocurement, within esens, etc.; Preparation of the questionnaire requested during the meeting. 16

! Thank you for your attention 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback