Technical Committee (TC) Electronic Signatures and Infrastructures (ESI) Activity Report 2020

Chair: Riccardo Genghini, eWitness SA

Our committee on Electronic Signatures and Infrastructures (TC ESI) develops standards for electronic signatures and trust services to protect electronic transactions and ensure trust with business partners.

The activities of ETSI’s committee on Electronic Signatures and Infrastructures (TC ESI) address the requirements of digital signatures, including formats and procedures and policies for creation and validation, as well as trust service supporting the authenticity of transactions. The committee’s scope covers policy, security and technical requirements for trust service providers (TSPs) such as certification authorities, time-stamping authorities, TSPs providing remote signature creation or validation functions, registered e-delivery providers, and long-term data preservation providers. The committee’s work supports the eIDAS (electronic ID, authentication and signature) regulation as well as general requirements of the international community to provide confidence in electronic transactions.

In 2020 we published and subsequently revised a new specification [TS 119 512] on protocols for providers of long-term data preservation services. We also revised the first part of our standard [EN 319 403-1] on Trust Service Provider Conformity Assessment, addressing requirements for conformity assessment bodies assessing TSPs.

Our Technical Report [TR 103 684] on Global Acceptance of EU Trust Services examines services operating in different regions of the world, and their possible mutual recognition/global acceptance. Focusing on existing PKI-based trust services, the study identifies steps which could be taken to facilitate cross-recognition between trust services based on ETSI standards and other non-EU schemes. 

Building on this survey we liaised with representatives from Japan, ASIA PKI and the Arab ICT organization about future harmonization of their trust services with EU standards.

We also revised our multi-part standard on certificate profiles [EN 319 412-1 to -5]. Enhancements included the specification of how eIDAS minimum data set for electronic identities can also be included in signing certificates issued to legal or natural persons. In addition the committee agreed updates to clarify requirements for trust services issuing certificates, anticipating publication in 2021.

Work neared completion with Open Banking Europe on the internationalization of the current EU centred standard for payment services [subsequently published in 2021 as TS 119 495].

Supported by STF 588, we conducted a survey of identity proofing solutions in Europe and around the world, with the results subsequently being published in 2021 as a Technical Report [TR 119 460]. This was used of the basis of a draft technical specification for identity proofing to verify claimed identities at registration on trusted services such as signing certificates, electronic identities and, potentially, banking services which is currently under public review.

TC ESI has extended its range of signature format standards for digital signatures aimed at supporting European advanced electronic signature to include a signature format based on JSON Web Signatures (IETF RFC 7515) called JAdES [TS 119 182‑1]. 

During the year the committee continued to maintain a number of its existing standards including:

  • EN 319 401 on general policy requirements for trust services
  • EN 319 411-1 and EN 319 411-2 on policy requirements for issuing certificates
  • EN 319 412 on certificate profiles (Part 1)
  • EN 319 403-1 on requirements for conformity assessment of trust service providers following on ETSI standards for trust services, with additional parts in TS 119 403-2 for publicly trusted services and TS 119 403-2 qualified trust services.

We launched work on development of a schema for cataloguing acceptable cryptographic algorithms in a machine-readable form that can be used by implementations to control the algorithms that may be used.

LOOK OUT FOR IN 2021 – TC ESI WORK IN PROGRESS:

See the full list of current TC ESI Work Items here.

  • Updates to signature policy requirements for Qualified Website Authentication Certificates in EN 319 411-1 and associated certificate profile in EN 319 412-4
  • Updates to the interoperability profile for Registered Electronic Mail (REM) in EN 319 532-4
  • Completion of update to EN 319 102-1 on procedures for AdES signature creation and validation
  • Completion of TS 119 461 for identity proofing to verify claimed identities at registration on trusted services such as signing certificates, electronic identities and, potentially, banking services following feedback from public review
  • Completion of updates for the internationalisation of the current EU centred standard for payment services TS 119 495
  • Completion of TS 119172-4 and TS 119 615 on signature policy requirements for EU qualified signatures and use of EU Trusted list
  • Development of a multipart document on extended validation procedures for AdES signatures to be TS 119 102-3 sub-parts 1 to 4
  • Completion of Technical Specification for augmentation of signatures to maintain their validity in TS 119 451
  • Plugtests™ for JAdES TS 119 182-1 signature format based on JSON Web signatures RFC 7515
  • Study into requirements for use of distributed ledger technology on digital signatures and trust services
  • Start of work on framework for standardisation on electronic identities following expected updates to European regulation of electronic identities, authentication and signatures (eIDAS Regulation (EU) No 910/2014)