Since 1 July 2016 the major part of the European Union’s (EU) eIDAS regulation applies. The eIDAS regulation is Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market. To support this new regulation in Europe as well as the needs of the international community to provide trust and confidence in electronic transactions, ETSI’s Technical Committee on Electronic Signatures and Infrastructures (TC ESI) has published a set of standards for trust services providers (TSP), electronic signatures, electronic seals and electronic time-stamps. The set includes a total of 19 European Standards along with guidance documents and test specifications.
A first series of European Standards, which addresses security and policy requirements, is used by conformity assessment bodies to audit trust service providers and assess their conformity with relevant requirements of the eIDAS Regulation. These standards also form an audit scheme recognized by CA / Browser Forum for certification authorities issuing certificates for website authentication.
A second series of European Standards covers digital signature creation and validation. Digital signatures specified in these standards aim at supporting electronic signatures, advanced electronic signatures, qualified electronic signatures, electronic seals, advanced electronic seals, and qualified electronic seals as defined in the regulation. The well-known signature formats CAdES, XAdES, PAdES and the signature container format ASiC have now become European Standards.
To facilitate the implementation and the use of products and services based on digital signatures, provide mutual recognition and cross-border interoperability, ETSI TC ESI has released an update of Technical Report TR 119 000 describing the general structure for digital signature standardization and outlining existing and potential standards for such signatures. Stakeholders benefit as well from the publication of test specifications for interoperability and conformance testing.
ETSI is now working on complementing this set of standards with specifications on e-Delivery trust services, registered e-mail trust services, signature creation and signature validation by trust service providers.