Specialist Task Force 459:
Priority Activities relating to Testing Compliance & Interoperability and Trust Applications Service Providers

Who we are:

Team Leader: Juan Carlos Cruellas (UPC) cruellas@ac.upc.edu
Team Members: Jörg Apitzsch (bremen online) ja@bos-bremen.de
Luca Boldrin (InfoCert) luca.boldrin@infocert.it
Andrea Caccia (Knowledge works) andrea.caccia@studiocaccia.com
Santino Foti (Criticalpath) Santino.Foti@criticalpath.net
Paloma Llaneza (Llaneza A+A) pll@palomallaneza.com
Luigi Rizzo (InfoCert)  luigi.rizzo@infocert.it
Arne Tauber (Siftung) Arne.Tauber@iaik.tugraz.at
Laurent Velez (ETSI) Laurent.Velez@etsi.org

What we do:

The STF-459 is one of the three STFs (the other two are STF-457 and STF-458) that are going to implement Phase 2 of the Electronic Signature Mandate/460 requirement for a “rationalsed European eSignature standardisation framework”. The activities of the STF-459 fall within the two following areas:

1. Registered Electronic Delivery. The STF is going to generate a Special Report, which will include a proposal for a rationalised, and well-organized set of standards for Electronic Delivery Applying Electronic Signatures fully aligned with the principles, criteria and structure of the Rationalised Framework of Electronic Signatures (the Rationalised Framework henceforth). This Special Report will complement the aforementioned Rationalized Framework for this specific type of Trust Services Providers using Electronic Signatures. 
2. Testing interoperability and conformance. In this area, the STF aims at producing a set of ETSI Technical Specifications (ETSI TSs) and software tools that will help to accelerate the generation and deployment of systems that ensure true interoperability of electronic signatures across the European Union.

a. The STF will generate a set of ETSI TSs that will define test suites for testing interoperability of Advanced Electronic Signatures (including their Baseline Profiles) in their different formats, Containers of those signatures, and also Trusted Lists of Certification Services Providers.

b. The STF will also generate a set of ETSI TSs that will define complete test suites for testing compliance of  Advanced Electronic Signatures, Containers and Trusted Lists, against the corresponding European Norms (under development in STF-458) specifying such signatures, containers and lists.

c. The STF will develop a set of software tools for automatically test compliance of Advanced Electronic Signatures and Containers, and deploy them in ETSI portal for Electronic Signature (as it is currently deployed the XAdES Baseline Profile Conformity Testing Tool).

d. In addition, the STF will elaborate a plan for coordinating activities dealing with testing interoperability and conformity, with those activities dealing with the actual development and promotion of a selected set of standards in the Rationalised Framework. This will be done in close co-operation with the ETSI Centre for Testing and Interoperability (ETSI CTI), and the already mentioned two STFs.

For more details, see our Terms of Reference

Why we do it:

Testing compliance and interoperability is a vital element of standardisation.  Once the standards have been fully defined then true interoperability is achieved once implementers have demonstrated compliance to the standard and the ability to interoperate with other implementations. The ETSI TSs defining tests suites for testing interoperability and for testing compliance, and the set of software tools that test compliance of signatures against the standards that define them, are parts of the holistic package (conceived by ETSI), of tools for supporting and accelerating the deployment of interoperable Electronic Signatures across Europe. The third part of this package is the ETSI Electronic Signatures Portal, a portal that supports Remote Interoperability and Conformity test events. The products generated by the STF-459 are crucial for the completion of this package.

Registered e-Delivery has been identified as an important component of a number of electronic services such as e-Justice and e-Procurement. Such a service ensures that users can have strong evidence of the delivery of information needed to conduct electronic transactions, thereby avoiding any uncertainty over the status of any transaction. It is recognised that electronic signatures form an essential element of e-Delivery, however it has yet to be established what features will be needed for e-Delivery.  This has similar properties to the existing standardised approach for registered electronic mail (REM) but because of the potential interactive nature of e-Delivery services variations of these features may well be necessary.  At present a high variety of solutions have been specified (and some of them even implemented total or partially). The EC, aware of this disparity of solutions and its inherent danger, is requesting to the relevant players in the e-Delivery arena to provide a clear effort to achieve convergence in these different solutions.

How we do it:

Regarding the production fo Rationalised framework of Standards for Electronic Delivery Applying Electronic Signatures, the STF is going to conduct a study on Electronic Delivery standardisation requirements, which will drive the generation of the framework. This activity will encompass the activities of some key LSPs (like e-Codex, e-Sens and others that very likely will be born during this phase), will closely work with them and will develop the part of the Rationalised Framework on Electronic Signatures on this field, so that ETSI TC ESI may launch as quickly as possible the corresponding efforts to produce the corresponding standards. In fact some members of this STF are also active members in e-Codex, e-Sens and have participated in other relevant LSPs in this field, like BUSDOX and STORK. Additionally, ETSI has itself become a member of e-Codex, which ensures the presence of ESI TC members  in its activity and a fluent exchange of information.

As for the report that will coordinate the activities on interoperability and conformity tests, the STF team will coordinate with the STFs in charge of the development of the different areas of the Rationalised Framework and ETSI CTI all the required activities dealing with the organization of interoperability tests events and conformity tests events (including provision of resulting feedback), with the production of Technical Specifications required for these types of tests, and with the development and deployment of conformity tools. The STF will identify the critical ENs whose adoption and deployment would largely benefit from this type of events and tools, and for each, it will identify those relevant aspects that have to be subject of interoperability tests. It also will agree with those entities a sensible scheduling for interoperability test events that ensures first that a reasonable amount of tools are available at the market for being tested, and second, that these tests may actually impact in due time the standardisation process, allowing the ENs to fix any interoperability problem or ambiguity identified by the participants in these events. Finally, it will also define the scheduling of conformity testing tools development and deployment. The task will also define when and how these tools have to be made available to the community.

As for the generation of the ETSI TSs that will define tests suites for testing interoperability and conformity, the STF will take benefit of STF-428’s legacy. That STF generated a first version of ETSI TS 119 1444 Part 2: “Test Suite for PAdES interoperability test events” v1.1.1,   ETSI TS 119 164 Part 2: “Test Suite for ASiC interoperability test events” v1.1.1, and ETSI TS 119 134 Part 5: Conformance Testing for XAdES Baseline Profile” v1.1.1. The STF will also review current state of the conformance assertions technologies as they are key to the definition of conformance tests. The STF will continuously survey the progress of the ENs by the other STFs, in order to ensure that these ETSI TSs correctly deal with any change and evolution in those ENs. A certain degree of shared membership (some members of this STF are also members of the others) will ensure an accurate knowledge of that progress.

Finally, as for the development and deployment of the conformance testing tools for the different formats and profiles of electronic signatures, the STF will take advantage of the legacy of STF-428, which developed the XAdES Baseline Profile Conformance Testing Tool and deployed it at the ETSI Electronic Signatures Portal, as this will be the starting point for further developments.

Deliverables:

Below follows the list of deliverables to be produced by the STF-459, as per its Terms of Reference:

Time plan:

Please indicate the expected time scale for the production of the deliverables, including intermediate milestones (e.g. stable draft, WG approval, TB approval).

Belows follows the time plan for this STF.

How to contact us:

Juan Carlos Cruellas: cruellas@ac.upc.edu

This information is based upon STF working assumptions.
The views expressed do not necessarily represent the position of ETSI in this context.

Last updated: 2013-04-17 15:59:45