Technical Committee (TC) Electronic Signatures and Infrastructures (ESI) Activity Report 2019

Chair: Riccardo Genghini, Studio Notarile Genghini, eWitness SA

Responsible for the standardization of electronic signatures and related trust infrastructures.

The primary responsibility of our Electronic Signatures and Infrastructures committee (TC ESI) is to develop generic standards, guides and reports relating to electronic signatures and related trust infrastructures to protect electronic transactions and ensure trust and confidence with business partners.

TC ESI published several deliverables during 2019.

We updated our Technical Specification [TS 119 495] that defines Qualified Certificate Profiles and TSP Policy Requirements for Payment Services under the payment services Directive 2015/2366/EU (called PSD2).

Revisions were made to our Technical Specification [TS 119 102-2] on Procedures for Creation and Validation of AdES Digital Signatures (Part 2: Signature Validation Report). 

We published protocols for remote digital signature creation and validation as TS 119 432 and TS 119 442 respectively.

A further Technical Specification was published [TS 119 511], defining policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques.

We published TS 119 403-2 and TS 119 403-3, defining additional requirements for conformity assessment bodies assessing EU qualified trust service providers and auditing Trust Service Providers that issue Publicly-Trusted Certificates.

Remaining deliverables under the scope of STF 523 were published in February. These included two policy documents for Electronic Registered Delivery Providers and Registered Electronic Mail (REM) Providers, test specifications and a feasibility study on an interoperability profile between REM systems and UPU (Universal Postal Union) PReM-based systems [EN 319 521, EN 319 531, TS 119 524 Part 2, TS 119 534 Part 2 and TR 119 530].

The EC/EFTA-funded STF 560 worked on two topics. One considers two machine processable formats for signature policies [TS 119 172 Part 2 and TS 119 172 Part 3] that were published in December 2019. In the second, the STF made a study on the global acceptance of EU Trust Services. Supporting this, TC ESI hosted a series of four workshops in Dubai (May), Tokyo (May), Mexico City (June) and New York (September) as part of the ETSI study to investigate existing PKI-based trust services schemes operating in different regions of the world, and their possible mutual recognition/global acceptance. The study aims to identify further steps which could be taken to facilitate cross recognition between EU trust services, based on ETSI standards supporting the eIDAS Regulation and trust services from other schemes.

During 2019 interaction was maintained with a number of external bodies. In relation to deliverables on e-delivery, we worked with the European Commission / CEF (Connecting Europe Facility), CEN TC 331 WG2 (working on postal services) and UPU (Universal Postal Union).

We coordinated with OASIS DSS-X TC to ensure alignment and complementarity of specifications for remote signature creation and validation, building on the new OASIS DSS-X V2 specification that was published in July 2019.

Work progressed on protocols for remote signature creation, in alignment with the Cloud Signature Consortium’s (CSC) own work covering the JSON binding. 

In cooperation with the European Banking Authority and Open Banking Europe, we adapted our Technical Specification [TS 119 495] for trust infrastructure to meet the needs of new payment services.

 We shared information relevant to trust service providers with the Forum of European Supervisory Authorities.

 We interacted with ISO TC 154 WG6, which is defining profiles of signatures formats building on the ESI formats.

 We continued our liaison with the European cooperation for Accreditation, in particular for the maintenance of EN 319 403.

 An MoU was established with ACAB'c, the Accredited Conformity Assessment Bodies' Council.

 A new co-operation agreement was established with the Cloud Signature Consortium.

 In January 2019 the TC ESI Vice Chair spoke – alongside the TC CYBER Chair and Vice Chair – at a second workshop in Brussels on the Cybersecurity Act and its link with standardization, jointly organized by ENISA, CEN, CENELEC and ETSI.

During October and November TC ESI conducted a remote Digital Signature Validation PlugtestsTM event. 

Look out for in 2020 – TC ESI work in progress

  • Revision to standard (EN) on Trust Service Provider Conformity Assessment; Part 1: Requirements for conformity assessment bodies assessing Trust Service Providers
  • Revision to EN on Procedures for Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation
  • Revision to EN on Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
  • Revision to EN on CAdES digital signatures; Part 1: Building blocks and CAdES baseline signatures
  • Revision to EN on certificate profiles
    • Part 1: Overview and common data structures
    • Part 2: Certificate profile for certificates issued to natural persons
    • Part 3: Certificate profile for certificates issued to legal persons
    • Part 5: QCStatements
  • Technical Specification (TS) on JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures
  • TS on AdES related Uniform Resource Identifier
  • TS on incorporation of Evidence Record Syntax (ERS) mechanisms in XAdES signatures
  • TS on use of information within a trusted list
  • TS on policy and security requirements for a trust service component providing identity proofing of trust service subjects
  • TS on schema for machine-readable cryptographic algorithm catalogues – to reflect requirements posed by existing human-readable algorithm (and cipher suites) catalogues, increase interoperability, and support backwards compatibility for long-term preservation systems
  • TS on Policy and security requirements for TSP service components supporting AdES digital signature augmentation
  • TS on signature policies; Part 4: Signature validation policy for European qualified electronic signatures/seals using trusted lists
  • Identity proofing survey (TR) and policy requirements TS for identity proofing
  • TS on protocols for long-term preservation
  • Revision to TS on procedures for creation and validation of AdES digital signatures; Part 2: Signature Validation Report
  • Revision to TS on policy and security requirements for applications for signature creation and signature validation
  • Revision to TS on protocols for remote digital signature creation
  • Revision to TS on certificate profiles; Part 1: Overview and common data structures
  • Technical Report (TR) addressing existing trust service infrastructures that operate in different regions of the world and their possible mutual recognition/global acceptance – identifies ways to facilitate cross recognition between EU trust services and trust services from other schemes
  • Revision to TR on framework for standardization of signatures; definitions and abbreviations