Digital Signature

Introduction

An electronic signature is essentially the equivalent of a hand-written signature, with data in electronic form being attached to other electronic subject data (Invoice, Payment slip, Contract, etc.) as a means of authentication.

An electronic seal ensures origin and integrity of data.

Both electronic signatures and electronic seals can be supported technically by digital signatures which are data appended to, or a cryptographic transformation of a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient.

With first the European Commission e-sign Directive (1999/93/EC) and now with the Regulation (EU) No 910/2014, electronic signatures and electronic seals have legal effect. Similar effect is provided by the June 2000, U.S. government E-sign bill.

On 28 November 2008 the European Commission adopted an 'Action Plan on e-signatures and e-identification to facilitate the provision of cross-border public services in the Single Market' (COM(2008) 798).

On 22nd December 2009, the European Commission issued a standardization mandate on electronic signatures (M/460) for the definition of a rationalized standardization framework.

In 2014, the Regulation No 910/2104, called eIDAS Regulation, on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC was adopted.

Our Role & Activities

ETSI activity on digital signatures is coordinated by technical committee Electronic Signatures and Infrastructures (ESI).

ETSI ESI is the committee dealing with digital signatures (signature format, certificates, CSPs, trusted list) and ancillary services (Registered email, Registered e-delivery, Time-Stamping, Long-term data preservation).

Their activity covers signature creation and verification based on CAdES (CMSdigital signatures), XAdES (XML digital Signatures), PAdES (PDF digital Signatures), and ASiC (Associated Signature Container). ESI also deals with cryptographic suites, trust service providers supporting e-signatures (e.g. certification authorities, time-stamping authorities), trust application providers (e.g. Registered Emails (REM) providers, Information preservation providers), and Trust-service Status List (TSL). TSL is defined to enhance the confidence of parties relying on certificates or other services related to digital signatures since they have access to information that will allow them to know whether a given Trust Service Provider was operating under the approval of any recognized scheme at the time of providing their services and of any dependent transaction that took place.

In order to prove interoperability of implementations and enhance standards robustness, ETSI is running regular CAdES/XAdES/PAdES PlugtestsTM events. ETSI also organizes Plugtests events on signature validation.

Latest ESI activities on the ETSI Portal.

Standards

The following is a list of the 20 latest published ETSI standards on electronic signatures.

A full list of related standards in the public domain is accessible via the ETSI standards search. Via this interface you can also subscribe for alerts on updates of ETSI standards.

For work in progress see the ETSI Work Programme on the Portal.

Standard No. Standard title.
TR 119 164-1 Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Conformance and Interoperability; Part 1: Overview
TS 119 164-2 Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of ASiC baseline containers
TS 119 164-3 Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Compliance and Interoperability; Part 3: Test suites for testing interoperability of ASiC containers other than baseline
TS 119 164-4 Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Compliance and Interoperability; Part 4: Testing Conformance of ASiC baseline containers
TS 119 164-5 Electronic Signatures and Infrastructures (ESI); Associated Signature Containers (ASiC) - Testing Compliance and Interoperability; Part 5: Testing Conformance of additional ASiC containers
TS 119 614-1 Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Trusted Lists; Part 1: Specifications for testing conformance of XML representation of Trusted Lists
TR 119 124-1 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 1: Overview
TR 119 134-1 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 1: Overview
TR 119 144-1 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 1: Overview
TS 119 124-2 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of CAdES baseline signatures
TS 119 124-3 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 3: Test suites for testing interoperability of extended CAdES signatures
TS 119 124-4 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 4: Testing Conformance of CAdES baseline signatures
TS 119 124-5 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 5: Testing Conformance of extended CAdES signatures
TS 119 134-2 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of XAdES baseline signatures
TS 119 134-3 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 3: Test suites for testing interoperability of extended XAdES signatures
TS 119 134-4 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 4: Testing Conformance of XAdES baseline signatures
TS 119 134-5 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 5: Testing Conformance of extended XAdES signatures
TS 119 144-2 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of PAdES baseline signatures
TS 119 144-3 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 3: Test suites for testing interoperability of additional PAdES signatures
TS 119 144-4 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 4: Testing Conformance of PAdES baseline signatures