ESI Activity Report 2016
Chairman: Riccardo Genghini, Studio Notarile Genghini, eWitness SA
Responsible for the standardisation of electronic signatures and related trust infrastructures
2016 was a busy year for ETSI’s Electronic Signatures and Infrastructures committee (TC ESI) with the publication of 38 new documents and 14 revisions.
The committee completed its work in response to the European Commission (EC) mandate on Electronic Signature Standardisation, M/460. This mandate aimed to achieve mutual recognition and the cross-border interoperability of electronic signatures throughout Europe, by providing a Rationalised Framework for electronic signature standardisation. All the outstanding specifications required were published in 2016 – 15 new documents and four revised versions of existing European Standards (ENs), dealing with Trust Service Providers (TSPs), electronic signatures, electronic seals and electronic time-stamps.
These ENs include a series of six new standards and four revised ENs on security and policy requirements which will be used by conformity assessment bodies to audit TSPs and assess their conformity with relevant requirements of the ‘eIDAS Regulation’ on electronic identification and trust services for electronic transactions in the internal market. These standards also form an audit scheme recognised by the CA/Browser Forum for certification authorities issuing certificates for website authentication.
The majority of the standards, however, relate to the creation and validation of digital signatures to support electronic signatures, advanced electronic signatures, qualified electronic signatures, electronic seals, advanced electronic seals and qualified electronic seals. The well-known signature formats, CAdES, XAdES, PAdES and the signature container format ASiC, have now become ENs.
TC ESI also updated its Technical Report (TR) which describes the general structure for the standardisation of digital signatures and outlines existing and potential standards for such signatures. This will facilitate the implementation and use of products and services based on digital signatures and will provide mutual recognition and cross-border interoperability.
The output for M/460 also includes guidance documents and test specifications for interoperability and conformance testing, with thirteen new Technical Specifications (TSs) on testing and three revised TSs on conformance and interoperability testing.
To ensure the alignment of standards and avoid overlapping work, TC ESI co-operated with the European Committee for Standardisation (CEN) in this work.
During the course of its work, TC ESI harmonised its ENs and specifications with the eIDAS Regulation, which entered fully into force in July 2016. At the same time, the committee took the opportunity to widen the potential impact of its standards and specifications globally by revising the terminology used and emphasising the distinction in their content between industry best practices and the regulatory requirements of the European eIDAS Regulation.
Other work in 2016 included a preliminary study into long term preservation. Work progressed well and publication was expected early in 2017.
A new ETSI Specialist Task Force (STF 523) was set up in October to work on ENs on Electronic Registered Delivery Services and Registered EMail (REM) services. This work will define policy and security requirements fitting within the EU scheme for the supervision of eDelivery services, and will specify the technical architecture, semantic contents, formats and protocol bindings. Other work initiated in 2016 included revisions and quick fixes for existing REM specifications.
In 2016, ETSI’s Centre for Testing and Interoperability (CTI), in co-operation with the EC, organised two remote Plugtests™ interoperability events for digital signatures. The first event, on eSignature validation, was held in April and May and was designed to test both the interoperability of digital signatures and Member States’ ability to process documents signed with XAdES, PAdES, CAdES and ASiC. The second event, lasting a month in November/December, focused on interoperability tests on ASiC signatures.
A second STF (524) was set up in November to develop three specifications related to signature validation reports and TSPs providing AdES digital signature validation services.
TC ESI made good progress with enhancements to the CAdES and XAdES signature formats to support the Evidence Record (ERS and XMLERS). Publication of a new TS on mechanisms for the incorporation of ERS in CAdES was expected early in 2017.
The committee produced an early draft of a new TS on a signature validation policy for European qualified electronic signatures/seals using trusted lists; the TS was expected to be completed by mid-2017.
TC ESI began updating its TS on cryptographic suites, and a new version of the TR which provides guidance on the use of standards for these suites was published in March.
A new TS on PAdES document time-stamp digital signatures was published in December which specifies a type of PDF digital signature using a document time-stamp to prove the integrity and existence of a PDF document.
Future work was expected to address TSPs for remote signature creation for AdES digital signatures in distributed environments. Other planned activities will address global acceptance of EU Trust Services and Signature Policy Formats.
In 2016, TC ESI continued to collaborate with the Japan Network Security Association (JNSA) to improve harmonisation between International Organization for Standardization (ISO) standards on electronic signatures and ETSI’s specifications. This co-operation will help avoid the duplication of standardisation effort and is recognition of the global impact of TC ESI’s work.
Collaboration also continued with the CA/Browser Forum on certification authorities issuing public key certificates, and discussions were ongoing with the European Network and Information Security Agency (ENISA) about developing collaboration to maintain the ETSI specification on cryptographic suites.
Throughout 2016 ETSI continued to participate as a partner in the Electronic Simple European Networked Services (e-SENS) consortium, a Large Scale Pilot project co-funded by the European Union. The project’s goal is to make cross-border government services a reality to support the mobility of citizens and businesses. The project consolidates the output of the existing Large Scale Pilot projects, focusing on eIdentity, eDocuments, eDelivery, semantics and eSignatures. TC ESI disseminated ETSI’s existing and draft specifications to the project partners to raise awareness of standardisation processes, to identify standardisation needs and to facilitate contributions from the project to ETSI’s standardisation activities.