extra_toc

Introduction

An electronic (digital) signature is essentially the equivalent of a hand-written signature, with data in the electronic form being attached to other electronic subject data (e.g. Invoice, Payment slip, Contract) as a means of authentication.

An electronic seal is technically similar to an electronic signature. It ensures the origin and integrity of data but is not recognised as equivalent to a handwritten signature. Is it more equivalent to a company stamp.

Both electronic (digital) signatures and electronic seals can be supported technically by digital signatures which are data appended to, or a cryptographic transformation of a data unit that allows a recipient of the data unit to prove its source and integrity.

With the Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market, electronic signatures and electronic seals have legal effects.

Our Role & Activities

ETSI activity on digital signatures is coordinated by the technical committee Electronic Signatures and Trust Infrastructures (ESI). This is expanded to cover other trust services including trust services supporting electronic identities such as EU Digital Identity Wallet as being established under amendments current legislation for signatures and trust services.

ETSI TC ESI is the committee dealing with digital signatures (signature format, certificates), trust service providers and ancillary trust services (see Certification Authorities and other Trust Service Providers for more details).

Their activity covers signature creation and verification based on CAdES (CMS digital signatures), XAdES (XML digital Signatures), PAdES (PDF digital Signatures), and ASiC (Associated Signature Container). A further standard for JAdES (JSON Web Signatures) is under development. ETSI ESI also defines technical profiles and policy requirements for trust service providers for a range of services including services supporting signature (e.g. certification authorities, Timestamping authorities), remote signature creation or validation functions, registered e-delivery, Registered Emails (REM), and information preservation. ESI also recommends cryptographic suites for digital signatures. The committee’s work supports the eIDAS (electronic ID, authentication and signature) regulation as well as general requirements of the international community to provide confidence in electronic transactions. Work accordingly commenced on three most urgent activities: Attribute Attestation Profiles; Policy and Security Requirements for issuing Attribute Attestations; and EU Digital ID Wallet interfaces with trust service providers.

ETSI standards assure the confidence of parties relying on certificates or other services related to digital signatures with conformance assessment requirements for auditing schemes and a trust service status list (called Trusted List under the EU regulatory framework) to indicate the results of the audit and related supervision of the trust service provider. This provides information that will allow relying parties to know whether a given Trust Service Provider was operating under the approval through a recognized audit and supervisory scheme.

To prove interoperability of implementations and enhance standards robustness, ETSI is running regular CAdES/XAdES/PAdES PlugtestsTM events. ETSI also organizes Plugtests events on signature validation.

Latest ESI activities on the ETSI Member Portal.

Standards

A full list of related standards in the public domain is accessible via the ESI committee page.