ESI * ESI Activities

Electronic Signatures and Infrastructures Activities

July 2018 News

TC ESI is responsible for Electronic Signatures and Infrastructures standardization within ETSI.

What follows is the latest news on ESI activities.

 


ESI works in collaboration will CEN TC 224 to provide standards for digital signatures.

A stakeholders' mailing list has been set up to provide regular news and updates on the progress of the execution of the mandate: Subscribe to the E-SIGNATURES_NEWS mailing list

Most draft deliverables are openly available (Draft deliverables) with specific periods for public review notified on the E-SIGNATURES_NEWS mailing list.

These deliverables aim at supporting Regulation (EU) No 910/2014 as well as supporting the general requirements of the international community to provide trust and confidence in electronic transactions.

Introductory documents

TR 119 000 v1.2.1 "The framework for standardization of signatures: overview" 
This TR is the enry point for the standards related to digital signatures. It describes the general structure for digital signature standardization and outlining existing and potential standards for such signatures.

TR 119 001 v1.2.1 on Definitions and abbreviations

Trust Service Providers Supporting Digital Signatures

More information on Certification Authorities (CAs) and other Trust Service Providers (TSPs) can be found on the TSP page.

  • TR 119 400 v1.1.1 on Guidance on the use of standards for trust service providers supporting digital signatures and related services 
  • EN 319 403 v2.2.2: Requirements for conformity assessment bodies assessing Trust Service Providers 
  • New (July 2018) TS 119 403-2: Trust Service Provider Conformity Assessment;Part 2: Additional requirements for Conformity Assessment Bodies auditing Trust Service Providers that issue Publicly-Trusted Certificates 

    ongoing work TS 119 403-3: Requirements for Conformity Assessment Bodies assessing QTSP against eIDAS
  • New (April 2018) EN 319 401 v2.2.1 General Policy Requirements for Trust Service Providers 
  • x19 411 Policy and security requirements for Trust Service Providers issuing certificates
    • New (April 2018) EN 319 411-1 v1.2.2: General requirements 
    • New (April 2018) EN 319 411-2 v2.2.2: Requirements for trust service providers issuing EU qualified certificates
    • New (May 2018) TR 119 411-4 v1.1.1: Checklist supporting audit of TSP against ETSI EN 319 411-1 or ETSI EN 319 411-2
  • EN 319 421 v1.1.1: Policy and Security Requirements for Trust Service Providers issuing Electronic Time-Stamps
  • EN 319 412 Certificate Profiles
  • EN 319 422 v1.1.1 Time-stamping protocol and electronic time-stamp profiles

Ongoing work on validation services with specification of a validation report, policy requirements for TSPs providing Signature validation services and protocol for signature validation services.  

  • TS 119 102-2 v0.1.2     Signature Validation Report
    TS 119 441 v0.0.4        Policy requirements for TSP providing signature validation services
    TS 119 442 v0.0.5        Protocol profiles for trust service providers providing AdES digital signature validation services

Work ongoing until end 2018: policy requirements for TSPs providing remote signature components and protocols for remote digital signature creation. 

Payment Services Directive (PSD2):

TS 119 495 v1.1.1 defining Qualified Certificate Profiles and TSP Policy Requirements for Payment Services under the payment services Directive (EU) 2015/2366 (called PSD2) was published in May 2018. As well, ETSI and Open Banking Europe organized a workshop "eIDAS meets PSD2" on 20 March 2018, an event on securing access to financial services with qualified certificates gathering 100 participants.

Signature Creation and Validation

TR 119 100 v1.1.1 on Guidance on the use of standards for signatures creation and validation

TS 119 101 v1.1.1 on Policy and security requirements for applications for signature creation and signature validation

Technical requirements

  • EN 319 102-1 v1.1.1 Procedures for Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation
  • TS 119 172-1 Signature policies; Part 1: Building blocks and table of contents for human readable signature policy documents

Test specifications

  • TR 119 124-1 v1.1.1: CAdES digital signatures Testing; Part 1: Overview
  • TS 119 124-2 v1.1.1: CAdES digital signatures Testing; Part 2: Test suites for testing interoperability of CAdES baseline signatures
  • TS 119 124-3 v1.1.1: CAdES digital signatures Testing; Part 3: Test suites for testing interoperability of extended CAdES signatures
  • TS 119 124-4 v1.1.1: CAdES digital signatures Testing; Part 4: Testing conformance of CAdES baseline signatures
  • TS 119 124-5 v1.1.1: CAdES digital signatures Testing; Part 5: Testing conformance of extended CAdES signatures
  • TR 119 134-1 v1.1.1: XAdES digital signatures Testing; Part 1: Overview
  • TS 119 134-2 v1.1.1: XAdES digital signatures Testing; Part 2: Test suites for testing interoperability of XAdES baseline signatures
  • TS 119 134-3 v1.1.1: XAdES digital signatures Testing; Part 3: Test suites for testing interoperability of extended XAdES signatures
  • TS 119 134-4 v1.1.1: XAdES digital signatures Testing; Part 4: Testing Conformance of XAdES baseline signatures
  • TS 119 134-5 v2.1.1: XAdES digital signatures Testing; Part 5: Testing Conformance of extended XAdES signatures
  • TR 119 144-1 v1.1.1: PAdES digital signatures Testing; Part 1: Overview
  • TS 119 144-2 v2.1.1: PAdES digital signatures Testing; Part 2: Test suites for testing interoperability of PAdES baseline signatures 
  • TS 119 144-3 v1.1.1: PAdES digital signatures Testing; Part 3: Test suites for testing interoperability of additional PAdES signatures
  • TS 119 144-4 v1.1.1: PAdES digital signatures Testing; Part 4: Testing Conformance of PAdES baseline signatures
  • TS 119 144-5 v1.1.1: PAdES digital signatures Testing; Part 5: Testing Conformance of additional PAdES signatures
  • TR 119 164-1 v1.1.1: ASiC containers Testing; Part 1: Overview
  • TS 119 164-2 v2.1.1: ASiC containers Testing; Part 2: Test suites for testing interoperability of ASiC baseline containers
  • TS 119 164-3 v1.1.1: ASiC containers Testing; Part 3: Test suites for testing interoperability of ASiC containers other than baseline
  • TS 119 164-4 v1.1.1: ASiC containers Testing; Part 4: Testing Conformance of ASiC baseline containers
  • TS 119 164-5 v1.1.1: ASiC containers Testing; Part 5: Testing Conformance of additional ASiC containers

Tools implementing the above conformance test specifications have been developed and are accessible as Signatures conformance checkers.

Signature creation and other related devices 

This area is under the responsibility of CEN TC 224

CEN/TC 224/WG 16 -  Application Interface for smart cards used as Secure Signature Creation Devices 

CEN/TC 224/WG 17 -  Protection Profiles in the context of SSCD 

Cryptographic Suites

TR 119 300 v1.2.1 Business guidance on cryptographic suites
TS 119 312 v1.2.1 Cryptographic Suites 

Trust Application Service Providers

Preservation

SR 019510  Scoping study and framework for standardization of long-term data preservation services, including preservation of/with digital signatures

Ongoing work on:

  • TS 119 511 Policy & security requirements for trust service providers providing long-term preservation of digital signatures or unsigned data using signature techniques
  • TS 119 512 Protocols for trust service providers providing long-term preservation of digital signatures or unsigned data using signature techniques

eDelivery

Ongoing work on Electronic Registered Delivery and Registered Electronic Mail, specifying the services, the policy requirements and test specifications. Final drafts of 319 521, 319 531, 319 522 and 319 532 are under EN Approval Procedure until 23 August 2018. All final drafts are publicly available on the following page.

draft EN 319 521     Policy and Security Requirements for Electronic Registered Delivery Service Providers
draft EN 319 531     Policy and Security Requirements for Electronic Registered Electronic Mail Service Providers

EN 319 522    Electronic Registered Delivery Services
   draft Part 1: Framework and Architecture
   draft Part 2: Semantic Contents
   draft Part 3: Formats
   draft Part 4: Bindings
           draft Sub-part 1: message delivery binding
           draft Sub-part 2: evidence and identification binding
           draft Sub-part 3: capability/requirements binding

draft EN 319 532    Registered Electronic Mail (REM) Services
   draft Part 1: Framework and Architecture
   draft Part 2: Semantic Contents
   draft Part 3: Formats
   draft Part 4: Interoperability profiles

Trust Service Status Lists Providers

TR 119 600 v1.2.1 Business guidance for trust service status lists providers

TS 119 612 v2.2.1 Trusted Lists. 

New work on TS 119 615 on Use of information within a trusted list 

TS 119 614-1 v1.1.1 Specifications for testing conformance of XML representation of Trusted Lists  

PlugtestsTM and signatures conformance checkers

A remote Plugtests event on signature validation was held from 6 April to 2 June 2016. 98 companies have participated gathering 193 people.

ETSI ran a XAdES Plugtests from 1st October until 23 November 2015 with 63 participating organizations.

In May 2015, a PAdES remote Plugtests™ was held. More than 100 participants from 62 organizations from all over the world took part and included government bodies, public entities and enterprises involved in trust services. See news release.

From 11 June until 24 July 2015, ETSI CTI organised a remote Plugtests™ interoperability event for CAdES digital signatures

Signatures conformance checkers: ETSI Centre for Testing and Interoperability (CTI) provides a free online tool that performs numerous checks in order to verify the conformance of the ETSI AdES Digital Signatures (CAdES, XAdES, PAdES, and ASiC).

ETSI Workshops

eIDAS meets PSD2 workshop, 20 March 2018

As part of the ETSI Security Week 2018, ETSI organized a workshop on Remote Signature Creation Services by TSP: Protocols and Audit Requirements on 13 June 2018

ETSI organized a workshop on eSignature and eSeal Validation on 10 January 2018, Sophia-Antipolis, France

 

For additional information, please contact esisupport@etsi.org

Background information on the principles of the ESI work, when the work was started, can be found in the "ESI Mission Statement".

Useful links: