ESIGNATURE & ELECTRONIC TRUST SERVICES ......‐ Part 5: PP for Cryptographic module for TSP signing...
Transcript of ESIGNATURE & ELECTRONIC TRUST SERVICES ......‐ Part 5: PP for Cryptographic module for TSP signing...
ESIGNATURE & ELECTRONIC TRUST SERVICESESIGNATURE & ELECTRONIC TRUST SERVICES STANDARDISATION WORKSHOP – 3RD DECEMBER 2013
Work Progress for Phase 2 of m460 Mandate
© ETSI 2013. All rights reserved
Work Progress for Phase 2 of m460 Mandate
Presented by CEN & ETSI
Agenda
Introduction
Key points & new items in each Area0. Rationalised Framework
1. Signature creation and validation
2 Signature creation & other related devices2. Signature creation & other related devices
3. Cryptographic suites
4. TSPs supporting electronic signatures
5. Trust Application Service Providers
6. Trust service status list providers
Testing conformance & interoperability
Conclusions and next steps
© ETSI 2013. All rights reserved2
m460 scope & objectives
Easier implementation & use of eSignatures and related trust services by Business stakeholders
Objectives (focusing on cross‐border interoperability & usability)• Business practices oriented/driven standardsp /
• True international standards wanted (EN & even beyond)
• Covering all eSignature product/service categories
Policy & Security Requirements
Guidance
Technical Specifications
Conformity Assessment
Testing Conformance & Interoperability
• Improved guidance and implementation guidelines
• Improved promotion and marketing
• Improved maintenance
© ETSI 2013. All rights reserved3
• Full referencing by future Regulation / Secondary legislation
M/460 Phase 1 – Output summary
Objectives: Rationalised structure:Objectives:Inventory
Rationalised structure
G A l iTrust ApplicationService Providers5
TSPs supporting eSignature 4
Trust Service Status Lists Providers6
Gap Analysis
Work Programme
Quick fixes Signature Creation &Validation
1
Service Providers5eSignature 4
& Validation
Signature Creation & other related Devices
2Cryptographic
Suites3
0
C i b i ( 19 000 i )
Introductory deliverables0
Consistent numbering (x19 000 series):
DD L19 xxx-zFunctional Area & Sub‐Area
© ETSI 2013. All rights reserved4
Functional Area & Sub Area
Document typePolicy & Security Requirements
Guidance
Conformity Assessment
Testing Conformance & Interoperability
Technical Specifications
m460 Rationalised Framework
List of TSP services approved (supervised)6 approved (supervised) by National Bodies (e.g. Trusted lists)
TSP issuing certificates
hi T t A li tiTSP ti
Trust Service Status Lists Providers6
eDelivery / Reged email
Long term preservation
Time Stamping Authies
Signing Services
Validation Services
Trust ApplicationService Providers5
TSPs supporting eSignature 4
XAdES
CAdES
PAdES
AdES in mobile envmt
Rules & procedures
Formats
Signature creation / lid ti li ti
Signature Creation & V lid ti
1
AdES in mobile envmt
ASiC (containers)validation application protection profiles
CC Protection Profiles Key generation
& Validation
Signature C t hiSmart Cards
HSM’s
Signing Services
y g
Hash functions
Signature algorithsm
Parameters, …
Signature Creation & other related Devices
2Cryptographic
Suites3
0
© ETSI 2013. All rights reserved5
Introductory deliverables0
Area 0 ‐ Rationalized Framework(introductory deliverables)(introductory deliverables)
© ETSI 2013. All rights reserved6
Framework documents
Phase 1 resulted in Rationalized Framework (SR 001 604)
Phase 2 work in progressp g• Updating Rationalised framework document (TR 119 000)
• Study on Extended Rationalised structure incl. identification & authentication (TR 419 010)
• Study on Rationalised Framework of Stds for AdES in Mobile environments (SR 019 020)y ( )
• Guidelines for SMEs & citizens (TR 419 030 & TR 419 040)
• Document centralising definitions and abbreviations (TR 119 001)
Rationalised structure for Electronic Signature Standardisation Sub‐areas
GuidanceTR 1 19 0 0 0 Rationalised structure for Electronic Signature StandardisationTR 4 19 0 1 0 Rationalised structure for Electronic Signature Standardisation:
Extended Rationalised structure including IASSR 0 19 0 2 0 Rationalised structure for Electronic Signature Standardisation:
Rationalised Framework of Standards for AdES in Mobile environmentsTR 4 19 0 3 0 Rationalised structure for Electronic Signature Standardisation:
Best practices for SMEsTR 4 19 0 4 0 Rationalised structure for Electronic Signature Standardisation:
Quite all the documents in this area are new!
© ETSI 2013. All rights reserved7
Guidelines for citizensPolicies
TR 1 19 0 0 1 Rationalised Framework for Electronic Signature Standardisation: Definitions and abbreviations
About extending the Framework
Rationalized Framework to be extended to authentication and identification• TR 419 010
• Authentication and identification are central of the proposal for the replacement ofthe proposal for the replacement of 1999/93/EC: eIDAS regulation
• Driven by authentication assurance levels (ISO, NIST STORK)NIST, STORK)
8 © ETSI 2013. All rights reserved
About extending the Framework
Rationalized Framework to be extended to mobile environment• SR 019 020
• “Mobile” (mobility driven) device is everywhere and is a perfect vector for IAS deploymentand is a perfect vector for IAS deployment
• The document describes • Scenarios for local signing and remote signing
• Life cycle management
• List of standardization requirements
• Further standardization workFurther standardization work
• The document is to be consistent with CEN work
• Included support for other distributed
9 © ETSI 2013. All rights reserved
environments
About guidelines
Contribute to improve business practices orientation
and implementation guidance for each of the e‐
signature standardization area of the framework
O id li f SME ( )One guidelines for SMEs (TR 419 030)
One guidelines for citizens (TR 419 040)
A business driven implementation guidance perA business driven implementation guidance per area (TR 119 x00 series)
Business Requirements Analysis dRi kA tand Risk Assessment
Business Modeling
Policy and Security RequirementsManagementRequirements Management
Scoping business driven parameters for implementation
Iterativeprocess
10 © ETSI 2013. All rights reserved
Specifying technical mechanisms and standards
Area 1 – Signature creation and validation
© ETSI 2013. All rights reserved11
Signature Creation & Validation
Phase 1 Quick fixes
Phase 2 work in progress• Business driven guidance for implementation (new – TR 119 100)
• Policy requirements for Sig Creation / Validation Applications (new TS 119 101)• Policy requirements for Sig. Creation / Validation Applications (new – TS 119 101)
• Protection Profiles for Sig. Creation / Validation Applications (new – EN 419 111)
• Signature formats (core + baseline) to EN’s
• revisions
• Signature Creation / Validation procedures
• New ‐ EN 319 102
• Signature Policies
• New/reviewed – TS 119 172
• Conformity Assessment for SCA / SVAConformity Assessment for SCA / SVA
• New – EN 419 103
• Testing Conformance & Interoperability
• Signature formats TS 119 1x4
© ETSI 2013. All rights reserved12
• Signature formats – TS 119 1x4
• Signature Policies – TS 119 174
Technical Specificationson Signature Policyon Signature Policy
EN 319 172-1. Signature Policy
Signature Policy • Signature Policy concept.• Main components of a Signature Policy.
EN 319 172-2. XML Format
a co po e ts o a S g atu e o cy.• Methodology for designing a Signature Policy
(close to ETSI TR 119 100).• Normalized structure for a Signature Policy.
EN 319 172-3. ASN.1 Formatg y
• Human being consumption format
Structured formats forStructured formats for computer consumption.
Implementers Signature Policy
© ETSI 2013. All rights reserved13
issuers
Technical Specifications on Formats
CAdES
EN 319 122-1. Core Specification
EN 319 122-2. Baseline Profile
EN 319 132-1. Core Specification
XAdES
ImplementersEN 319 132-2. Baseline Profile
EN 319 142 1 F k
PAdESEN 319 142-1. Framework
EN 319 142 6 B li P fil
. . . . . .EN 319 142-5. Visual representation
EN 319 142-6. Baseline Profile
EN 319 162 1 Core Specification
ASiCTechnical approach:
Respect legacy (not disruptive)
© ETSI 2013. All rights reserved14
EN 319 162-1. Core Specification
EN 319 162-2. Baseline Profile react to stakeholders’ requests.
Technical Specification on Procedures for signature creation and validationfor signature creation and validation
EN 319 102: Procedures for signature Creation and Validation Implementers (signer)
Procedures for signature creation
Procedures for signature validation
AdES signatures lifecycle
Sign request
Implementers (verifier)
Sign response
Implementers (verifier)
Signing/Validation Services Providers
Validate request
✔V lid t
© ETSI 2013. All rights reserved15
✔Validate response.
Conformity Assessment of SCA/SVA’s
ImplementersAuditorsEN 319 101:Policy Requirements forSignature Creation and Validation pAuditorsControl Objectives & Controls
Legal Driven Policy Reqs.
g
ISMS Reqs.
Si C ti RCAG Sig. Creation Reqs.
Development & coding Reqs.
General Reqs.
CAGEN 419 103
Signature Creation / Validation Applications
Protection ProfilesStandaloneSCA/SVA
Protection Profilesfor SCA/SVA’s
(EN 419 111)
Signature Policies Serverbased(TS 119 172)
Sig. Creation & Validation Procedures(EN 319 102)
basedSCA/SVA
Catalyzing toolkit
I t bilit
Signature Formats (EN 319 1x2)
X/C/PAdES & ASiC& b li
(EN 319 102) Interoperability test events and specifications
Conformance d
© ETSI 2013. All rights reserved16
core & baseline specs
Crypto Suites(TS 119 312)
test events and specifications
Area 2 – Signature creation and other related devices
© ETSI 2013. All rights reserved17
Sig. Creation & other related devices
Phase 1 resulted in a work plan including new topics and revision and maintenancePhase 1 resulted in a work plan including new topics and revision and maintenance of existing documents• Protection Profiles for SSCD (Phase 1), EN 419 211
Signature creation and other related devicesSub‐areas
GuidanceTR 4 19 2 0 0 Business Driven Guidance for Signature Creation and Other Related Devices
Policy & Security RequirementsEN 4 19 2 1 1 Protection Profiles for Secure Signature Creation Device (SSCD)
‐ Part 1: Overview‐ Part 2: SSCD ‐ PP ‐ Device with Key Generation
Phase 2 work in progress• Business driven guidance
• Protection Profiles ‐ Part 3: SSCD ‐ PP ‐ Device with Key Import ‐ Part 4: SSCD ‐ PP ‐ Extension for Device with Key Generation and trusted communication with certificate generation application ‐ Part 5: SSCD ‐ PP ‐ Extension for Device with Key Generation and trusted communication with signature creation application ‐ Part 6: SSCD ‐ PP ‐ Extension for Device with Key Import and trusted communication with signature creation application
EN 4 19 2 2 1 Security requirements for trustworthy systems managing certificates for electronic signature ‐ Part 1: OverviewP t 2 PP f C t hi d l f CSP i i ti ith b k hi h it l l
• New (Time Stamping EN 419 231)
• Move to EN (PP crypto module EN 419 221 & 419 261, Security
‐ Part 2: PP for Cryptographic module for CSP signing operations with backup ‐ high security level ‐ Part 3: PP for Cryptographic module for CSP key generation services ‐ high security level ‐ Part 4: PP for Cryptographic module for CSP signing operations ‐ high security level ‐ Part 5: PP for Cryptographic module for TSP signing and authentication ‐ moderate security level
EN 4 19 2 3 1 Protection Profile for trustworthy systems supporting time‐stamping
EN 4 19 2 4 1 Trustworthy Systems supporting Server SigningEN 4 19 2 5 1 Security Requirements for Device for Authentication
‐ Part 1: Protection Profile for core functionality ‐ Part 2: Protection Profile for extension for trusted channel to certificate generation application
requirements for server signing EN 419 241)
• Evaluation & Certification (PP DAUTH EN 419 251) ‐ Part 3: Additional functionality for security targets
EN 4 19 2 6 1 Security Requirements for Trustworthy Systems Managing Certificates for Electronic SignaturesTechnical Specifications
EN 4 19 2 1 2 Application Interfaces for Secure Signature Creation Devices‐ Part 1: Introduction‐ Part 2: Basic services for electronic signatures‐ Part 3: Additional Services in the context of electronic signatures‐ Part 4: Context specific authentication protocols for SSCDs
Conformity Assessmentf f d h
EN 419 251)
• Application Interfaces for SSCDs EN 419 212
• Mobile device study (new)
© ETSI 2013. All rights reserved18
EN 4 19 2 0 3 Conformity Assessment of Secure Devices and Trustworthy systemsTesting Conformance & Interoperability
‐ ‐ ‐ ‐ ‐ no requirement identified
• Mobile device study (new)
• Conformity assessment EN 419 203 (New)
About Protection Profiles
New Time Stamping protection profile ‐ EN 419 231p g p p
Trustworthy systems supporting time‐stamping
Proposal for new HSM protection profile ‐ EN 419 221‐5 Part 5 Cryptographic Module for Trust ServicesPart 5 Cryptographic Module for Trust Services
Server signingServer signing security
i TS 419 241
Cryptographic Suites
Cryptographic Suites
requirements TS 419 241Phase 1: TS approved
(Sep. 2013)
Phase 2: Completion and
SCDev
SSA
SignerSCD
Components
Su tes Suites
Phase 2: Completion and publication as EN
Proposal for new server signing protection profile – EN
Policies
Certificates Database
419 241‐2&3Protection profiles for Trustworthy systems generating Qualified
Server OS
© ETSI 2013. All rights reserved19
generating Qualified Electronic Signature
About SSCD and smart card
Trustworthy systems ‐ EN 419 212Trustworthy systems EN 419 212New introduction part
Highlighting market requirements: mobile, ID‐cards and ID‐tokens, g g g q , ,contactless cards, digital money, server based signatures, driver's license, health cards, home banking
Highlighting new technologies: blind signatures pseudonymousHighlighting new technologies: blind signatures, pseudonymous signatures, derived credentials
:New structure reflecting the new EC Regulation eIDAS
A new part for device authentication
A new part for privacyA new part for privacy
© ETSI 2013. All rights reserved20
Other documents
Study for additional protection profiles or otherStudy for additional protection profiles or other form of security certification and security evaluation processes may be required, to
h h ff h l l l fensure that they offer the relevant level of security, for other types of devices such as, e.g.:• Mobile phones with hardware‐based securityMobile phones with hardware based security
(e.g. SE, TEE).
• HSM being recognised as an SSCD.
• SSCD used for mass signing operations (e.g. for signing a series of documents).
T b i t t ith WG16 d WG17 kTo be consistent with WG16 and WG17 work.
To be consistent with SR 019 020 “AdES in mobile environment”mobile environment .
21 © ETSI 2013. All rights reserved
Area 3 – Cryptographic suites
© ETSI 2013. All rights reserved22
Cryptographic suites
Cryptographic SuitesbPhase 1 resulted in updating
TS 102 176‐1
Sub‐areasGuidance
TR 1 19 3 0 0 Business Driven Guidance for Cryptographic SuitesTechnical Specifications
TS 1 19 3 1 2 Cryptographic Suites for Secure Electronic SignaturesT i C f & I bili
Phase 2 work in progress• Updating “Cryptographic suites” document (TS 119 312)
• Maintenance to be ensured by ETSI for next 3‐4 years
Testing Conformance & Interoperability‐ ‐ ‐ ‐ ‐ no requirement identified
Maintenance to be ensured by ETSI for next 3‐4 years
• Reference Table for signature suites (TS 119 312 – Sep. 2013)
© ETSI 2013. All rights reserved23
• Business driven guidance (TR 119 300)
Area 4 – TSPs supporting electronic signatures
© ETSI 2013. All rights reserved24
TSPs supporting electronic signatures
Main activitiesTSPs Supporting Electronic Signatures and related services
Sub‐areasGuidance
TR 1 19 4 0 0 Business Driven Guidance for TSPs Supporting Electronic Signatures
Business Guidance (TR 119 400)
TSP Conformity Assessment
Policy & Security RequirementsEN 3 19 4 0 1 General Policy Requirements for TSPs Supporting Electronic SignaturesEN 3 19 4 1 1 Policy & Security Requirements for TSPs Issuing Certificates
EN 3 19 4 2 1 Policy & Security Requirements for TSPs providing Time‐Stamping Services
EN 3 19 4 3 1 Policy & Security Requirements for TSPs providing Signature Generation Services
EN 3 19 4 4 1 Policy & Security Requirements for TSPs providing Signature Validation Services
Technical SpecificationsEN 3 19 4 1 2 Profiles for TSPs issuing Certificates
EN 3 19 4 2 2 Profiles for TSPs providing Time‐Stamping servicesy• Draft EN 319 403
TSP Policy requirements
EN 3 19 4 3 2 Profiles for TSPs providing Signature Generation ServicesEN 3 19 4 4 2 Profiles for TSPs providing Signature Validation Services
Conformity AssessmentEN 3 19 4 0 3 Trust Service Provider Conformity Assessment ‐ Requirements for conformity assessment bodies assessing Trust
Service ProvidersEN 3 19 4 1 3 Conformity Assessment for TSPs Issuing Certificates
EN 3 19 4 2 3 Conformity Assessment for TSP providing time‐stamping services
EN 3 19 4 3 3 Conformity Assessment for TSPs providing Signature Generation ServicesEN 3 19 4 4 3 Conformity Assessment for TSPs providing Signature Validation Services
• Revised EN 319 401: General requ’t
• Revised EN 319 411‐2 & ‐3 Qualified and other public key certificates
d f b f
Testing Conformance & Interoperability‐ ‐ ‐ ‐ ‐ no requirement identified for such a document
• New draft EN 319 411‐1 Web site certificates
• New draft EN 319 411‐4 Attribute certificates
• New draft EN 319 421 Time‐stampingNew draft EN 319 421 Time stamping
Certificate and time‐stamp profiles• Draft EN 319 412‐1 to ‐5 Certificates (natural, legal, web, qualified)
© ETSI 2013. All rights reserved25
( , g , , q )
• Draft EN 319 422 Time‐stamping
Policy requirements document structuredocument structure
EN 319 401General Policy Requirements for TSPs
EN 319 411-1P li R t
EN 319 411-2P li R t
EN 319 411-3P li R t
EN 319 411-4P li R t
EN 319 421P li R tPolicy Reqmts
for CAs issuing website
certificates
Policy Reqmtsfor CAs issuing
qualified certificates
Policy Reqmtsfor CAs issuing
public key certificates
Policy Reqmtsfor CAs issuing
attribute certificates
Policy Reqmtsfor TSPs
providing time-stamping
…
CAB Forum
p gservices
(qualified & non-qualified)
Web cert Guide
© ETSI 2013. All rights reserved26
TSP Conformity Assessment Model: Regulatory AdoptionRegulatory Adoption
© ETSI 2013. All rights reserved27
TSP Conformity Assessment Model: Non‐Regulatory AdoptionNon Regulatory Adoption
TrustedLists
© ETSI 2013. All rights reserved28
Key points
Global Adoption of TSP standards: Already used in majority of EU, North Africa, Japan CA Browser Forum etcJapan, CA Browser Forum, etc.
TSP Conformity Assessment (Audit)aligned with existing schemes• Aligned with standards (ISO 17065, 17021, 27006)
Fit i i ti EU id l ti (765/2008)• Fits in existing EU wide regulations (765/2008)
TSP Security requirements likely to need regular updates taking into account incident reports
29 © ETSI 2013. All rights reserved
Area 5 – Trust Application Service Providers
© ETSI 2013. All rights reserved30
Trust Application Service Providers
i i i iTrust Application Service Providers
Sub‐areasGuidance
Main activities
• Business Guidance (TR 119 500)
TR 1 19 5 0 0 Business Driven Guidance for Trust Application Service ProvidersSR 0 19 5 3 0 Study on standardisation requirements for e‐Delivery services applying e‐Signatures
Policy & Security RequirementsEN 3 19 5 1 1 Policy & Security Requirements for Registered Electronic Mail (REM) Service ProvidersEN 3 19 5 2 1 Policy & Security Requirements for Data Preservation Service Providers (DPSPs)
Technical SpecificationsEN 3 19 5 1 2 Registered Electronic Mail (REM) ServicesEN 3 19 5 2 2 Data Preservation Services through signing
Conformity AssessmentEN 3 19 5 1 3 Conformity Assessment for REM Service ProvidersEN 3 19 5 2 3 Conformity Assessment of Data Preservation Service Providers
• Study on e‐Delivery standardisationneeds (SR 019 530)
Testing Conformance & InteroperabilityTS 1 19 5 0 4 General requirements for Testing Conformance & Interoperability of TASPsTS 1 19 5 1 4 Testing Conformance & Interoperability of REM Service Providers
• Addressing e‐Delivery services as defined in Regulation proposal
• Identify standards required to be Electronic Deliver abstract model
SR 019 530: Rationalised Frameworkof Standards for Electronic Delivery
Identify standards required to be produced
• Define scope and purported contents
Analysis of standardisation statusfor e-Delivery components
Proposed Framework of Standards
• Raise recommendations Amended Framework of Standards for Registered e-Mail
Proposal for e-Delivery standardisation activities
© ETSI 2013. All rights reserved31
sta da d sat o act t es
DraftedBeing drafted
Area 6 – Trust Service Status Lists Service Providers
© ETSI 2013. All rights reserved32
TSLs & Trusted Lists
Phase 2 work in progressp g
• Business driven guidance (TR 119 600)
• Testing conformance & interoperability (TS 119 614)g p y ( )
Trusted Lists (TS 119 612)
V1 1 1 bli h d J 2013• V1.1.1 published June 2013
• Referenced by CD 2009/767/EC (amended 14/10/2013)
• Allow non‐EU countries and International organisations to set‐up TL’s in order to facilitate (mutual) recognition of “approved” trust services
• Tools available:
• TLManager (EC – Joinup)Trust Service Status Lists Providers
Sub‐areasTLManager (EC Joinup)
• TL Conformance Tester (ETSI)Guidance
TR 1 19 6 0 0 Business Driven Guidance for Trust Service Status Lists ProvidersPolicy & Security Requirements
EN 3 19 6 0 1 General Policy & Security Requirements for Trust Service Status Lists Providers (TSSLPs)EN 3 19 6 1 1 Policy & Security Requirements for Trusted Lists Providers
Technical SpecificationsTS 1 19 6 0 2 Trust Service Status Lists FormatTS 1 19 6 1 2 Trusted Lists
© ETSI 2013. All rights reserved33
Conformity AssessmentEN 3 19 6 0 3 General requirements and guidance for Conformity Assessment of TSSLPsEN 3 19 6 1 3 Conformity Assessment of Trusted List Providers
Testing Conformance & InteroperabilityTS 1 19 6 0 4 General requirements for Testing Conformance & Interoperability of TSSLPsTS 1 19 6 1 4 Testing Conformance & Interoperability of Trusted Lists
Testing Conformance & Interoperability
© ETSI 2013. All rights reserved34
Testing Conformance & Interoperability
Generate a Special Report detailing activities related to testing interoperability and conformity to be run during theand conformity to be run during the implementation and deployment of the Rationalised Framework of Electronic Signatures (RF henceforth).
Production of a set of Technical Specifications defining test suites for testing interoperability and conformity
i t t d d f th RFagainst core standards of the RF.
Design and implement a set of conformity testing toolstesting tools.
35 © ETSI 2013. All rights reserved
“Tools” within the Rationalised FrameworkFramework
TS 119 1X4 & 614 are the basis for creating a Toolbox for Testing
TS 119 1X4 & 119 614C f Interop test cases
creating a Toolbox for Testing
Requirements for testing conformanceConformance
CheckersInterop test cases
definitions
Test suites for testing interoperability
(C/X/P/)AdES, ASiC, TLs
Tools for testing conformance of signatures against (C/P/X)AdES, ASiC and EUMS TLs against EN 319 612
ANDTest suites for testing interoperability of applications generating,
upgrading and validating (C/P/X)AdES and ASiC
© ETSI 2013. All rights reserved36
ARE DEPLOYED IN AN ETSI PORTAL FOR SUPPORTING REMOTE INTEROP AND CONFORM.
CHECK EVENTS
Remote testing interoperability
ETSI Electronic Signatures Portal
<?xml version="1.0" encoding="utf-8"?><SignatureRequest>
Signatures Portal
Test suites for interoperability
1.Download material
… … … … … …<UnsignedAttributes>
<ArchiveTimeStampV3/></UnsignedAttributes>
interoperability
Scripts for ex- ✗Scripts for ex-Changing signatures and validation reportsAND
✗✗
✗
building interop. matrixes
4. Validate (& upgrade)
7. Validate
© ETSI 2013. All rights reserved37
Testing Conformance remotely
ETSI Electronic Test assertions
derived from
Signatures PortalETSI TS
Conf. Checkers
Scripts for l di iuploading signs.
And feeding conformance checkers Trace details of certain computations that
may help implementers to identify sources
of interop. Problems (like archive time‐stamps’ message imprints computations)
© ETSI 2013. All rights reserved
Full report on every test assertion evaluation result
Testing interoperability & conformancePlans.Plans.
Published Special Report SR 003 186 formalizing plans for:Organization, definition and conduction of test events in the next two and a half years.
Scheduling of Technical Specifications and the software tools production will mainly depend on the plans formalized for the testproduction will mainly depend on the plans formalized for the test events.
Schedule available fromSchedule available from • ETSI Publications Download Area:
http://pda.etsi.org/pda/queryform.asp
© ETSI 2013 All rights reserved39
Conclusions and next steps
© ETSI 2013. All rights reserved40
Conclusions & Challenges
Complete and Rationalised Framework for standards
• Addressing both security & interoperability
• Business oriented/driven
• Focused on cross‐border interoperabilityTrust ApplicationService Providers5
TSPs supporting eSignature 4
Trust Service Status Lists Providers6
• Focused on cross‐border interoperability
• Targeting easier implementation
• Mapped to legal requirements
Signature Creation & Validation
1
Signature Creation & other 2
Cryptographic Suites3
• Aligned with global standards and practices
… meeting stakeholders’ needs
related DevicesSuites
Introductory deliverables0
g• Growing adoption by the market
• Ready for referencing by eIDAS secondary legislation as reference standards
41 © ETSI 2013. All rights reserved
Website & Stakeholders mailing list
www.e‐signatures‐standards.euwww.e signatures standards.eu
Stakeholders mailing list:
42 © ETSI 2013. All rights reserved
• Subscription via above website
(via “Subscribe to the newsletter”).
Useful links
e‐Signature Standards Portal: http://www.e‐signatures‐standards.eu
STF web pages• STF 457: http://portal.etsi.org/STFs/STF_HomePages/STF457/STF457.asp
• STF 458: http://portal.etsi.org/STFs/STF_HomePages/STF458/STF458.asp
• STF 459: http://portal etsi org/STFs/STF HomePages/STF459/STF459 asp• STF 459: http://portal.etsi.org/STFs/STF_HomePages/STF459/STF459.asp
ETSI Publications Download Area: http://pda.etsi.org/pda/queryform.asp
ETSI Electronic Signatures Portal:http://xades‐portal.etsi.org/pub/index.shtmlhttp://xades portal.etsi.org/pub/index.shtml
Standardisation mandate m460 to CEN and ETSI on electronic signatureshttps://ec.europa.eu/digital‐agenda/en/news/standardisation‐aspects‐esignatures
Study on Cross‐Border Interoperability of eSignature (CROBIES) ‐ (2008‐2010): y p y g ( ) ( )
https://ec.europa.eu/digital‐agenda/en/news/crobies‐study‐cross‐border‐interoperability‐esignatures‐2010
European Commission page on EU Member States Trusted Lists: https://ec.europa.eu/digital‐agenda/en/eu‐trusted‐lists‐certification‐service‐providersp p g g p
Revision aspects of European electronic signature Directive 1999/93/EC & Draft proposal for a Regulation "on electronic identification and trusted services for electronic transactions in the internal market": https://ec.europa.eu/digital‐agenda/en/trust‐services
Studies on an electronic identification, authentication and signature policy (2011‐2012, 2013): http://iasproject.eu/home.html
© ETSI 2013. All rights reserved43