STFbreadcrumb separatorSTFsbreadcrumb separatorSTF Homepagesbreadcrumb separatorSTF318

Specialist Task Force 318:
Electronic Signatures Applied to Registered Emails: formats and policies. 

Who we are:

Team Leader: Juan Carlos Cruellas
Team Members: Nick Pope  
Paloma Llaneza  
Santino Foti  
Luca Boldrin  
Franco Ruggieri  
Peter Lipp  
Gregory Sun
Benjamin Voiturier 

What we do :

Electronic mail is one of the major tools for electronic business and administration. It has been recognised that additional security services are necessary for e-mail to be trusted. In some European Union Member States (Italy, Belgium, Germany, etc.) regulation(s) and application(s) are in place on e-mails (including Internet mail & web mail) providing origin authentication and proof of delivery. Such security services may be used to provide trusted delivery of e-mail equivalent to the existing physical registered postal service. Several approaches are possible in order to realize the goal of trusted “Registered E-Mail” services. This may be enhanced, for example, by other facilities such as the “Digital Postmark” (as specified by the Universal Postal Union) to provide further electronic evidence about the handling of messages. In order to ensure the interoperability of the trusted email services, it is necessary to specify technical formats, as well as procedures and practices for handling registered e-mail and the ways the electronic signatures are applied to it. 

ETSI will first verify among the European Union Member States competent bodies (state authorities, standardisation bodies, e-mail providers, local experts, etc.), as well as with other independent organisations and non EUMS bodies, which current and prospective implementations exist of registered e-mail mechanisms. A Technical Report will be produced to summarize the results of this survey.

Based on this survey outcome, a number of Technical Specifications (TSs) will be produced. These are currently envisaged as follows:
• A TS defining format of the signatures to be applied on registered emails;
• A TS defining the policies of Trusted Service Providers (TSP) applying signatures on registered emails.

Read our Terms of Reference

Request for Input :

STF 318 is currently collecting information on requirements for Registered E-Mail.
Any organisation interested in contributing to the survey should contact the STF leader:

Why we do it:

All over Europe the need for citizens, companies and public authorities to transfer secure, comprehensible and confidential messages as well a sets of data via the internet from one to another is increasing. In order to implement seamless communication between different states, national e-Government services not only need to fully support single market but require that they are open to citizens and enterprises throughout Europe and that the interoperability efforts, currently taking place nationally, would be scaled up to work at a pan-European level.

 Some Ministries of Justice are working on pilot paperless court trial and now they are moving from pilot to real applications.  There are many projects even within the same Member State (they are mostly justice-court-driven) so protocol and format problems of communication abound.

 Due to this scenario, it is necessary to urgently provide the market with specifications of security management and policies for Trusted Service Providers of such IT services.

 Given the need for this service type felt in various EUMS it is urgent that a common set of such specification is published to prevent, or at least reduce, the risk of proliferation of different technical solutions and requirements, thus promoting cross border interoperability and therefore an easier exchange of trustable e-mail all around Europe.

Time plan for the work:

Total Duration:       34 months from November 2006 to August 2009

Performance indicators:

Performance Indicator (Concept) Performance Indicator Value
Number of entities contacted 61
European countries showing interest 17
Number of responses to questionnaires 39
Number of interviews conducted 14
Number of systems whose details are gathered without using the questionnaire 3
Implementations considered The team has analyzed 22 REM services and 13 REM products.
Support from EEMA, CEN, ICCC, government bodies, UPU 8
Liaisons established Close contacts with 4 organizations, namely: UPU, CEN; EEMA and also ISO JTC1/SC27 secretariat contacted. No formal liaisons, although ETSI is working for establishing formal liaisons with ISO JTC1/SC27.
Number of other supports 1, Italian branch of Critical Path, an internationally operating USA company.
Views of responders on Potential market The TR 102 605, in its section 5 “Market”, contains figures that help to assess both the current and the potential market as reported by the responders to the questionnaire. There is significant interest across Europe with already a number of REM products and services deployed.The majority of European countries contacted indicated that REM services or products existed. One organization reports more than 500,000 users, another one more than 100,000 users. As for expected growth, one organization has expectations of serving about 100,000,000 users, and two other organizations expect that these services are used by more than 1,000,000 users.
Views on the need for standardization Some responders manifest support to the standardization in this area.
Number of voluntary effort provided by members of the STF 105, 75 days
Estimation of the time offered by contributors (questionnaire responders and any provider of information) The team thinks that an average time of 3 to 4 hours is required to fulfil the questionnaire, and that interviews have an average duration of between 2 and 3 hours. Time dedicated by contributors to fulfil questionnaires by themselves or through interviews with STF team members can be estimated from the number of questionnaires received and the number of interviews conducted.
Number of man days of participants to the ESI meeting sessions on the subject The 8 experts participated in the preparatory meeting held in Berlin. The 8 experts had a one day face-to-face meeting co-located to the second ETSI Security Workshop in Sophia Antipolis. The 8 experts also had a one day face-to-face meeting co-located to the ESI#16 meeting in Barcelona. They also participated in the two days ESI#16 held in Barcelona. 4 experts attended in person the two days ESI#17 meeting in Sophia Antipolis. One more member attended that meeting remotely.
Number of documents/contributions presented by TB delegates 22. This includes individual contributions to the production of the TR 102 605, as well as the different drafts of this document.
Presentations by STF experts in conferences, face-to-face meetings with stakeholders. Presentation to the Second ETSI Security Workshop, 16th, 17th January.
Number of experts attending the meetings. The STF has conducted 14 meetings: 12 conference calls and 2 face to face meeting. In most of them the 8 experts have been present.
Number of ESI delegates and ETSI staff members attending STF meetings. The STF Manager has participated in one ad-hoc meeting on performance indicators with the STF leader and the STF editor. The ESI chair has attended one conference call. The ESI Technical Officer has attended 3 meetings.
Number of contributions from ESI to the STF work (comments to STF outcome, etc) The preliminary draft of ESI/TR-00051 TR 109 605 was distributed to ESI members on March the 20th, so the team expects comments in the next weeks after the delivery of the present report. The final version of the ESI/TR-00051 TR 109 605 was distributed to the ESI members on 2/7/2007.
Disemination of the work: attendance to workshops, papers and prsentations in conferences Presentation to the Second ETSI Security Workshop, 16th, 17th January Note for the electronic journal of EEMA on the STF-318 concept.
Attendance to conferences and workshops for getting requirements None

How to contact us:

If you would like more information, please contact the STF Leader:

Note: this information is based upon STF working assumptions. The views expressed do not necessarily represent the position of ETSI in this context.