Specialist Task Force 318:
Electronic Signatures Applied to
Registered Emails: formats and policies.
Who we are:
Team Leader: Juan Carlos
Team Members: Nick Pope
What we do :
Electronic mail is one of the major tools for electronic
business and administration. It has been recognised that additional security
services are necessary for e-mail to be trusted. In some European Union Member
States (Italy, Belgium, Germany, etc.) regulation(s) and application(s) are in
place on e-mails (including Internet mail & web mail) providing origin
authentication and proof of delivery. Such security services may be used to
provide trusted delivery of e-mail equivalent to the existing physical
registered postal service. Several approaches are possible in order to realize
the goal of trusted “Registered E-Mail” services. This may be enhanced, for
example, by other facilities such as the “Digital Postmark” (as specified by the
Universal Postal Union) to provide further electronic evidence about the
handling of messages. In order to ensure the interoperability of the trusted
email services, it is necessary to specify technical formats, as well as
procedures and practices for handling registered e-mail and the ways the
electronic signatures are applied to it.
ETSI will first verify among the European Union Member States competent bodies
(state authorities, standardisation bodies, e-mail providers, local experts,
etc.), as well as with other independent organisations and non EUMS bodies,
which current and prospective implementations exist of registered e-mail
mechanisms. A Technical Report will be produced to summarize the results of this
Based on this survey outcome, a number of Technical Specifications (TSs) will be
produced. These are currently envisaged as follows:
• A TS defining format of the signatures to be applied on registered emails;
• A TS defining the policies of Trusted Service Providers (TSP) applying
signatures on registered emails.
Request for Input :
STF 318 is currently collecting information on requirements for
Any organisation interested in contributing to the survey should contact the STF
Why we do it:
All over Europe the need for citizens, companies and public authorities to
transfer secure, comprehensible and confidential messages as well a sets of data
via the internet from one to another is increasing. In order to implement
seamless communication between different states, national e-Government services
not only need to fully support single market but require that they are open to
citizens and enterprises throughout Europe and that the interoperability
efforts, currently taking place nationally, would be scaled up to work at a
Some Ministries of Justice are working on pilot paperless court trial and now
they are moving from pilot to real applications. There are many projects even
within the same Member State (they are mostly justice-court-driven) so protocol
and format problems of communication abound.
Due to this scenario, it is necessary to urgently provide
the market with specifications of security management and policies for Trusted
Service Providers of such IT services.
Given the need for this service type felt in various EUMS
it is urgent that a common set of such specification is published to prevent, or
at least reduce, the risk of proliferation of different technical solutions and
requirements, thus promoting cross border interoperability and therefore an
easier exchange of trustable e-mail all around Europe.
Time plan for the work:
months from November 2006 to August 2009
|Performance Indicator (Concept)
||Performance Indicator Value
|Number of entities contacted
|European countries showing interest
|Number of responses to questionnaires
|Number of interviews conducted
|Number of systems whose details are gathered without using the questionnaire
||The team has analyzed 22 REM services and 13 REM products.
|Support from EEMA, CEN, ICCC, government bodies, UPU
||Close contacts with 4 organizations, namely: UPU, CEN; EEMA and also ISO JTC1/SC27 secretariat contacted. No formal liaisons, although ETSI is working for establishing formal liaisons with ISO JTC1/SC27.
|Number of other supports
||1, Italian branch of Critical Path, an internationally operating USA company.
|Views of responders on Potential market
||The TR 102 605, in its section 5 “Market”, contains figures that help to assess both the current and the potential market as reported by the responders to the questionnaire. There is significant interest across Europe with already a number of REM products and services deployed.The majority of European countries contacted indicated that REM services or products existed. One organization reports more than 500,000 users, another one more than 100,000 users. As for expected growth, one organization has expectations of serving about 100,000,000 users, and two other organizations expect that these services are used by more than 1,000,000 users.
|Views on the need for standardization
||Some responders manifest support to the standardization in this area.
|Number of voluntary effort provided by members of the STF
||105, 75 days
|Estimation of the time offered by contributors (questionnaire responders and any provider of information)
||The team thinks that an average time of 3 to 4 hours is required to fulfil the questionnaire, and that interviews have an average duration of between 2 and 3 hours. Time dedicated by contributors to fulfil questionnaires by themselves or through interviews with STF team members can be estimated from the number of questionnaires received and the number of interviews conducted.
|Number of man days of participants to the ESI meeting sessions on the subject
||The 8 experts participated in the preparatory meeting held in Berlin. The 8 experts had a one day face-to-face meeting co-located to the second ETSI Security Workshop in Sophia Antipolis. The 8 experts also had a one day face-to-face meeting co-located to the ESI#16 meeting in Barcelona. They also participated in the two days ESI#16 held in Barcelona. 4 experts attended in person the two days ESI#17 meeting in Sophia Antipolis. One more member attended that meeting remotely.
|Number of documents/contributions presented by TB delegates
||22. This includes individual contributions to the production of the TR 102 605, as well as the different drafts of this document.
|Presentations by STF experts in conferences, face-to-face meetings with stakeholders.
||Presentation to the Second ETSI Security Workshop, 16th, 17th January.
|Number of experts attending the meetings.
||The STF has conducted 14 meetings: 12 conference calls and 2 face to face meeting. In most of them the 8 experts have been present.
|Number of ESI delegates and ETSI staff members attending STF meetings.
||The STF Manager has participated in one ad-hoc meeting on performance indicators with the STF leader and the STF editor. The ESI chair has attended one conference call. The ESI Technical Officer has attended 3 meetings.
|Number of contributions from ESI to the STF work (comments to STF outcome, etc)
||The preliminary draft of ESI/TR-00051 TR 109 605 was distributed to ESI members on March the 20th, so the team expects comments in the next weeks after the delivery of the present report. The final version of the ESI/TR-00051 TR 109 605 was distributed to the ESI members on 2/7/2007.
|Disemination of the work: attendance to workshops, papers and prsentations in conferences
||Presentation to the Second ETSI Security Workshop, 16th, 17th January Note for the electronic journal of EEMA on the STF-318 concept.
|Attendance to conferences and workshops for getting requirements
How to contact us:
If you would like more information, please contact the STF
Note: this information is based upon STF working assumptions.
The views expressed do not necessarily represent the position of ETSI in this