Content

ETSI supports EC regulations for secure electronic signatures

2011-01-11

ETSI's test activities in the area of Electronic Signatures have resulted in a newly-published European Commission Decision and the creation of on-line test facilities that will enable Member States to confirm compliance with European regulations, thus facilitating cross-border transactions. 

ETSI Headquarters, Sophia Antipolis, France – 1 December 2010

A new European Commission (EC) Decision comes into effect today which is intended to help the European Member States meet their obligations for ensuring secure electronic signatures in accordance with the EC Directive 1999/93/EC, the Community framework for electronic signatures. The new Decision (2010/425/EU) amends an existing one concerning "the establishment, maintenance and publication of trusted lists of certification service provides supervised/accredited by Member States."  In practice this means ensuring effective and secure electronic signatures within Member States and across borders.

The new Directive is a result of tests carried out by the European Telecommunications Standards Institute (ETSI), designed to allow Member States to check the conformity of their "trusted lists" with the specifications referenced in the earlier Decision. Those tests took place at the end of 2009, with ETSI and the EC working together to set up and conduct interoperability tests on the Trust-service Status List (TSL) signatures. These enabled EU Member States to check the interoperability of their TSL implementations using a portal infrastructure provided by ETSI's Centre for Testing and Interoperability (CTI). This portal proposed different test cases and tools for conformance and interoperability testing, and also on-line Public Key Infrastructure (PKI)-related services. Using this facility, each Member State was able to check that their published TSL conformed to the relevant specification, and also to verify that the different Member States were able to validate signatures by using each other’s TSL lists in cross-border use.

The ETSI TSL Interoperability event revealed that some technical changes were needed in the technical specifications cited in the earlier Decision (2009/767/EC). Today's amendment makes the necessary changes to the earlier document.

ETSI and the EC will continue to maintain a "TSL Conformance Checker" on the portal which will allow Member States to modify their Trusted Lists to make them compliant with the amended Decision and to check their conformity to the new Trusted List Technical Specifications.

The reference for Electronic Signature testing

ETSI's testing experience and innovative approach has led to the Institute becoming the testing reference for Electronic Signatures. A series of ETSI Plugtests™ interoperability testing events focusing on Electronic Signatures has responded to growing demands – from just six companies for the first event in 2003 to 27 companies (from 18 countries) for the latest event, which spanned four weeks in October and November this year. The latest event was originally planned for two weeks but had to be extended because of demand. It was a combined event, providing testing for two Electronic Signature technologies, XAdES (XML Advanced Electronic Signatures) and CAdES (Cryptographic Message Syntax Advanced Electronic Signatures). Unlike most other ETSI Plugtests™ events, this one allowed remote participation and the portal was one of the principal means of facilitating this. The portal has been evolved to be adaptable to the various technologies, originally for XAdES, then CAdES, and now TSL.

ETSI believes that the combination of portal and remote Plugtests™ events has no equivalent anywhere in the world.

For general ETSI press enquiries:

 

 

Paul Reid

Events & Communications, ETSI

Tel: +33 4 92944219

Email: paul.reid@etsi.org