Sophia Antipolis, 20 September 2023

ETSI has published a new standard on “Requirements for trust service providers issuing publicly trusted S/MIME certificates” (ETSI TS 119 411-6 ) helping Trust Service Providers comply with new standards for S/MIME certificates that are enforced since 1 September 2023. Secure MIME (S/MIME) certificates are used to sign, verify, encrypt, and decrypt email messages. 

Since the 1st of September 2023, all TSPs issuing digital certificates used for S/MIME that are publicly trusted in certain operating systems and root certificate programs must comply with the S/MIME Baseline Requirements published by the CA/Browser Forum. The new ETSI standard will assist Trust Service Providers in asserting their compliance, when required. It will enable the same public key certificate used for signing electronic mail accepted by major IT solution providers (e.g., Microsoft, Apple, Google) to be also recognized as meeting the EU requirements for electronic signatures, issued to individual persons, and electronic seals, issued to organizations.

This new standard supports the EU regulation for electronic identities, authentication, and signatures (eIDAS – Regulation (EU) 910/2014) and builds on the policy requirements for Trust Service Providers (TSPs), the ETSI EN 319 411 series of standards used for eIDAS audits.