eessi european electronic signature standardisation initiative implementing electronic signatures...
TRANSCRIPT
EESSIEuropean Electronic Signature
Standardisation Initiative Implementing Electronic
Signatures Overview - Nov. 2000
Nov. 2000 EESSI Overview
EESSI Charter Electronic Signature Directive is providing a
common EU framework for electronic signatures
Industry, with the assistance of European Standards Bodies, to provide an agreed framework for an open, market-oriented implementation of the Directive
EESSI put in place to co-ordinate this task
Nov. 2000 EESSI Overview
EESSI Objectives
Analyse needs for standards in support of minimum essential legal requirements as stated by the Directive
Assess available standards and current initiatives at national, European and international levels
Set up and implement a Programme of Work, built on international co-operation
Nov. 2000 EESSI Overview
Classes of Electronic Signatures
Classes ofsignature:
Generalelectronicsignature asrequired in 5.2
Qualified electronicsignature - as specifiedin 5.1 (Annex I, II, III)
Enhanced electronicsignature (applicable toboth general andqualified electronicsignatures)
Level of legalcertainty:
Can not be deniedlegal effect (art5.2)
Same legal effect ashand-written signature(art 5.1)
Enhancement oftechnical evidence
Explanation: Any electronicsignature that isnot a qualifiedelectronicsignature.
Minimum technical levelrequired for the signerso that his electronicsignature can beconsidered as legallyequivalent with a hand-written signature.
Additional technicalrequirements for averifier, such as time-stamping, but also forthe signer, to enhancetechnical security andobtain protection againstcertain threats.
Nov. 2000 EESSI Overview
EESSI Timetable
DEC.’98
EESSILaunch
JUNE ‘99
Draft Reportfor
Consultation
JULY ‘99
2nd Open ConsultationMeeting:
Report Presentation1st July
ICTSBRecommendations
Endorsement
FEB. ‘99
1st Open ConsultationMeeting:
Market Assessment24 February
OCT ‘99
DesignReview
CEN ISSS E-SignKick-off Meeting
NOV/DEC ‘99
ETSI SECKick-Off Meeting
MAR’00
ImplementationReview 1
MAY’00
Open SeminarEESSI &
National InitiativesParis
11-12 May
JUN’00
ImplementationReview 2
SEP’00
EESSI InternationalSeminar
Barcelona26 Sept.
Open ConsultationMeeting:
Presentationof EESSI Deliverables
DEC’00
Nov. 2000 EESSI Overview
EESSI Organisation Steering Committee
Standard Bodies and Consensus Bodies involved in standardisation: CEN, ETSI, ISO, ECBS, EEMA, EURESCOM
Market Players: ACE/Telefonica, Belgacom, BT, Bull, Globalsign, iD2/Sonera, Telia, Utimaco
Public Authorities and Consumers Rep’s: BSI (D), PRC (FIN), AIPA (I), DSTI (F), ECP.NL (NL), ANEC
Commission as observer: DG Enterprise, DG Information Society, DG Internal Market
Open WGs with assistance of CEN/ISSS and ETSI TC Security
Nov. 2000 EESSI Overview
EESSI Mode of Operation
SC defining the Programme of WorkCEN and ETSI:
proposing programme split: WGs calling for experts and editorssetting up open meetings for consensus building calling for public comment (60 days) to reach TS
(Technical Specifications) managing reference deliverables
Nov. 2000 EESSI Overview
EESSI Commitment to International Co-operation
ETSI TC SEC, ISO/JTC1/SC27, IETF-PKIX, W3C, EURESCOM
EEMA/ECAF, ICC, ABA, ILPF UNCITRAL Model of Law, AGB European Projects: IST and ISIS programmes National activities in Germany (BSI, INDI), Nordic
Countries (SEIS, SAT, FDS), Italy (AIPA), Austria, Spain (FESTE), Netherlands (TTP.NL), UK (tScheme), ...
Nov. 2000 EESSI Overview
EESSI Programme Overview
Signature creation process and environment
Signature validation process and environment
Signature formatand syntax
Creationdevice
Qualified Certificate policy
Trustworthy system
Certification Service Provider
Subscriber/signer Relying party
Qualified certificate
Nov. 2000 EESSI Overview
Present Priorities Three short term Priorities
Policies rqmt’s for CSP’s issuing Qualified Certificates Trustworthy Systems SSCD
Avoid divergences in MS’s implementation Supervision Voluntary accreditation
The Next Step How to implement “5.2” ? How to launch active cooperation on “international aspects”?
Nov. 2000 EESSI Overview
“Qualified Electronic Signature”
Non-Public orExtended Policies
Public UsePublic Usewith SSCD
Electronic Signature Electronic Signature
+ Validation DataElectronic Signature
+Val Data +Time stamp
Lower Level Qualified Level Higher Level
Lower Level Qualified Level
EESSI Standard
Qualified Certificate Policy
Electronic SignatureFormat
Qualified Certificate Format
TimestampingProtocol
Security Reqt’sfor Trustworthy Systems
SSCD
Qualified Certificate Profile
Profile from IETF Timestamping Protocol
Option Within Standard
Nov. 2000 EESSI Overview
“Qualified Electronic Signature with long term Validity”
Non-Public orExtended Policies
Public UsePublic Usewith SSCD
Electronic Signature Electronic Signature
+ Validation DataElectronic Signature
+Val Data +Time stamp
Lower Level Qualified Level Higher Level
Lower Level Qualified Level
EESSI Standard
Qualified Certificate Policy
Electronic SignatureFormat
Qualified Certificate Format
TimestampingProtocol
Security Reqt’sfor Trustworthy Systems
SSCD
Qualified Certificate Profile
Profile from IETF Timestamping Protocol
Option Within Standard
Nov. 2000 EESSI Overview
“Electronic signatures using Qualified Certificates”
Non-Public orExtended Policies
Public UsePublic Usewith SSCD
Electronic Signature Electronic Signature
+ Validation DataElectronic Signature
+Val Data +Time stamp
Lower Level Qualified Level Higher Level
Lower Level Qualified Level
EESSI Standard
Qualified Certificate Policy
Electronic SignatureFormat
Qualified Certificate Format
TimestampingProtocol
Security Reqt’sfor Trustworthy Systems
SSCD
Qualified Certificate Profile
Profile from IETF Timestamp Protocol
Option Within Standard
Nov. 2000 EESSI Overview
Contributing to International Cooperation
EESSI organised an international seminar in Barcelona (Spain) 26 September 2000
Purpose of the seminar to share EESSI draft specifications to discuss how to achieve a more general model for
cross-border recognition of electronic signatures to agree on implementation principles: who and how
Nov. 2000 EESSI Overview
Contributing to International Cooperation
Representatives from: Identrus GTA ECOM from Japan Radicchio PKI Forum U.S. Federal PKI Steering Committee ISO/IEC JTC1 APEC WAP Forum W3C The Open Forum
Nov. 2000 EESSI Overview
Join us on the EESSI Home Page
http://www.ict.etsi.org/eessi/EESSI-homepage.htm