STFs * STF HomePages * STF458

Specialist Task Force 458:
Signature Creation and Validation and Trusted Service Providers (TSP) supporting eSignatures

Who we are:

Team Leader: Nick Pope,Thales, nick.pope@thales-esecurity.com
Team Members: Alexander Funk,  bremen online, af@bos-bremen.de
Andrea Caccia, Knowl. works / UNINFO, andrea.caccia@studiocaccia.com
Andrea Röck, Cryptolog, andrea.rock@CRYPTOLOG.COM
Arne Tauber, Stiftung  / FTW, Arne.Tauber@iaik.tugraz.at
Arno Fiedler, Nimbus,  arno.fiedler@nimbus-berlin.com
Frank Leroy, Certinomis / CEN, franck.leroy@certinomis.fr
Ijaz Khan, GEMALTO, ijaz.khan@gemalto.com
Inigo Barreira, I3S / AENOR, inigo_barreira@hotmail.com
Jon Olnes, UniBridge / Norway auth,  jon.olnes@unibridge.no
Juan Carlos Cruellas, DAC-UPC, cruellas@ac.upc.edu
Leonard Rosenthol, Adobe (voluntary),  lrosenth@adobe.com
Luigi Rizzo, InfoCert, luigi.rizzo@infocert.it
Moez Ben Mbarka, Cryptolog (voluntary), moez.benmbarka@cryptolog.com
Olivier Delos,  SEALED sprl, olivier.delos@sealed.be
Paloma LLaneza, LLaneza A+A / AENOR, pll@palomallaneza.com
Peter Lipp,  Stiftung / FTW, peter.lipp@iaik.tugraz.at
Stefan Santesson, 3xA Security AB, stefan@aaa-sec.com
Sylvie Lacroix,  SEALED sprl, sylvie.lacroix@sealed.be

What we do:

The STF-458 is one of the three STFs (the other two are STF-457 and STF-459) under Phase 2 of EU Mandate/460 on standards for electronic signatures in support of EU Directive 1999/93 and potential  EU regulations which may replace the Directive .

This STF covers two areas for standardisation in support of electronic signatures:

Area 1: Signature creation and validation: This includes standards for procedures for signature creation and validation, advanced electronic signature formats (CAdES, XAdES, PAdES and ASiC), advanced electronic signatures in mobile environments, and signature policies.

Area 2: Trust Service Providers (TSP) supporting electronic signatures: This includes standards for policy requirements for TSP issuing certificates (qualified, general public key, TSL/SSL) TSP issuing time-stamps, certificate and time-stamp formats, and TSP conformity assessment.

For more details, see our Terms of Reference

Why we do it:

This activity will bring existing ETSI technical specifications up to date and issue them as European Norms to aid interoperability across Europe within in Global context and provide a basis for systems meeting the requirements of EU legislation.

How we do it:

The standards are to be developed out by members of the STF organised around the two areas.  The STF will consult with bodies representing stakeholders (e.g. FESA – Forum for European Supervisory Authorities for Electronic Signatures) as well as European projects and associations and international standards bodies.  Drafts of deliverable will be made available to all stakeholders for public review before submitting through the formal standardisation process.

Deliverables:

Below follows the list of deliverables to be produced by the STF-459, as per its Terms of Reference.

The deliverables of the STF in Area 1 are :

 

Deliverable

Title

EN 319 102 Title: Procedures for Signature Creation and Validation.
EN 319 122 Title: CMS Advanced Electronic Signature Formats (CAdES)
EN 319 132 Title: XML Advanced Electronic Signature Formats (XAdES)
EN 319 142 Title: PDF Advanced Electronic Signature Formats (PAdES)
EN 319 15 Title: Advanced Electronic Signatures in Mobile environments
EN 319 162 Title: Associated Signature Containers (ASiC)
EN 319 172 Title: Signature Policies

The deliverables of the STF in Area 2 are:

Deliverable

Title

EN 319 411-2
Annex
Policy and Security Requirements for Trust Service Providers Issuing Certificates; Part 2: Policy requirements for certification authorities issuing Qualified Certificates An annex will be added to EN 319 411-2 to provide a check list for conformity assessment
EN 319 411-3
Annex
Title: Policy and Security Requirements for Trust Service Providers Issuing Certificates; Part 3: Policy requirements for certification authorities issuing public key certificates. An annex will be added to EN 319 411-3 to provide a check list for conformity assessment
EN 319 411-4 Title: Policy and Security Requirements for Trust Service Providers Issuing Certificates; Part 4: Policy requirements for certification authorities issuing TLS/SSL Certificates
EN 319 411-5 Title: Policy and Security Requirements for Trust Service Providers Issuing Certificates; Part 5: Policy requirements for certification authorities issuing attribute Certificates
EN 319 421 Title: Policy and Security Requirements for Trust Service Providers providing Time-Stamping Services; Part 2: Policy Requirements for TSPs providing Time-Stamping Services
EN 319 412
Part 1-5
Title: Profiles for Trust Service Providers issuing Certificates
Part 1: Overview
Part 2: profile for certificates issued to natural persons
Part 3: Certificate profile for certificates issued to legal persons
Part 4: Profiles for SSL/TSL certificates issued to organisation (Baseline & EV) Part
5: Profile extension for qualified certificates
EN 319 422 Title: Profile for Trust Service Providers providing Time-Stamping Services
EN 319 403 General requirements and guidance for Conformity Assessment of Trust Service Providers Supporting Electronic Signatures
EN 319 413 Title: Conformity Assessment for Trust Service Providers Issuing Certificates
En 319 423 Title: Conformity Assessment for Trust Service Providers providing Time-Stamping Services

Time plan:

The STF will produce drafts for public consultation over the period September to November 2013 with progression to European Norms over the period 2014 to 2015 .

How to contact us:

Lead: Nick Pope   nick.pope@thales-esecurity.com

 

This information is based upon STF working assumptions.
The views expressed do not necessarily represent the position of ETSI in this context.

Last updated: 2013-04-16 14:57:46