Presentation is loading. Please wait.

Presentation is loading. Please wait.

Telia Research AB György Endersz 2001-05-08 1 European Electronic Signature Standardisation Initiative EESSI Budapest Seminar at the Hungarian Communication.

Published byFernanda Tanguay Modified over 10 years ago

Similar presentations

Presentation on theme: "Telia Research AB György Endersz 2001-05-08 1 European Electronic Signature Standardisation Initiative EESSI Budapest Seminar at the Hungarian Communication."— Presentation transcript:

1 Telia Research AB György Endersz 2001-05-08 1 European Electronic Signature Standardisation Initiative EESSI Budapest Seminar at the Hungarian Communication Authority 2001 05-08 György Endersz, Telia Research AB, Sweden Chairman ETSI ESI Working Group gyorgy.g.endersz@telia.se Deliverables and Current Activities

2 Telia Research AB György Endersz 2001-05-08 2 EESSI SG EESSI: European Electronic Signature Standardization Initiative European Telecommunications Standards Institute Industry and business, assisted by European standard bodies

3 Telia Research AB György Endersz 2001-05-08 3 EESSI Program Implementation Phase 2 (2000) completed 2Q2001 Phase 3 (2001) deliverables to be published by the end of 2001 ETSI ESI Working Group 40-50 Participants, funded Specialist Task Force, STF155, 178 Result: ETSI Technical Specifications Chairman: gyorgy.g.endersz@telia.se CEN/ISSS E-SIGN Workshop 50-70 participants, funded Expert Teams Result: CEN Workshop Agreements Chairman: riccardo.genghini@sng.it

4 Telia Research AB György Endersz 2001-05-08 4 Directive “on a Community framework for electronic signatures, 13 Dec ‘99” Ensures legal recognition of electronic signatures Security and quality requirements in Annexes I-III Qualified certificates+secure signature-creation device+ advanced signatures hand-written signature Other signatures recognised as well (Art 5.2) Voluntary accreditation of service providers (tScheme, TTP.NL, Italy, Austria, Germany, Spain….) Technology-neutral framework To be in place within 18 months

5 Telia Research AB György Endersz 2001-05-08 5 Annexes of the Directive Annex I: Requirements for qualified certificates Annex II: Requirements for certification-service-providers issuing qualified certificates Annex III: Requirements for secure signature-creation devices Annex IV: Recommendations for secure signature verification

6 Telia Research AB György Endersz 2001-05-08 6 Strategy and Work Process Focus on Directive Annexes and interoperability Market driven Open, transparent and co-operative Re-use of existing work Funded support for timeliness European with global ambition

7 Telia Research AB György Endersz 2001-05-08 7 Roadmap of EESSI Standards Signature creation process and environment (A.III) Signature valida- tion process and environment - A.IV Signature format and syntax (Advanced ES) Creation device A.III Requirements for CSPs - A.II Trustworthy system- A.II.f Certification Service Provider User/signer Relying party/ verifier CEN E-SIGN ETSI ESI Qualified certificate - A.I Time Stamp

8 Telia Research AB György Endersz 2001-05-08 8 Phase 2 Deliverables Published in 4Q2000: Policies for CSPs, ETSI TS 101 456 Profile for Qualified Certificates, ETSI TS 101 862 Electronic Signature Formats, ETSI TS 101 733 Target: Annex I-IV requirements and interoperability

9 Telia Research AB György Endersz 2001-05-08 9 Deliverables... Published in 1-2Q2001: Security Requirements for Trustworthy Systems CEN/ISSS CWA Security Requirements for SSCDs, CEN/ISSS CWA Signature Creation Process and Environment CEN/ISSS CWA Signature Verification Process and Environment CEN/ISSS CWA

10 Telia Research AB György Endersz 2001-05-08 10 Deliverables... Time Stamping Profile ETSI TS 101 861, waiting for IETF RFC number of mother document, by early 1Q2001 Conformity Assessment Guidance, Part 1 CEN/ISSS CWA

11 Telia Research AB György Endersz 2001-05-08 11 Requirements for Certification Service Providers (CSPs) Functional, quality and security requirements expressed in Certificate Policy and security controls Consistent requirements to provide the basis for implementation, audit and approval Current work responds to Directive requirements for CSPs issuing Qualified Certificates, Annex II Requirements for other class(es) to meet market needs

12 Telia Research AB György Endersz 2001-05-08 12 Baseline Requirements Security Management PKI Organisational Obligations & Liability Issuing CSP Relying Party Subscriber RADirectory Qualified Certificate Policies - QCP Public - QCP Public + SSCD - Framework for other QCPs

13 Telia Research AB György Endersz 2001-05-08 13 Trustworthy Systems for CSPs Technical security requirements for products and technology components used by CSPs to create certificates for the use of advanced signatures. To meet security requirements stated in the work area „Requirements for CSPs“. Seek consistent overlap of specifications. The use of FIPS 140-1 is considered for the cryptographic module requirements until European specifications become available (Phase 3 action).

14 Telia Research AB György Endersz 2001-05-08 14 Profile for Qualified Certificate (QC) Standard for the use of X.509 public key certificates as qualified certificates European profile based on current IETF PKIX draft as required by Annex I of the Directive

15 Telia Research AB György Endersz 2001-05-08 15 Qualified Certificate Statements The profile uses, as an option, the private extension defined in the IETF QC profile, to include the following explicit statements of the Issuer: Statement claiming that the certificate is issued as a Qualified certificate. OID will point to relevant policy standard Statement regarding limits on the value of transactions for which the certificate can be used Statement regarding the retention time of identification data

16 Telia Research AB György Endersz 2001-05-08 16 SSCD: the trusted element at the user EU-directive requires SSCD to be evaluated and „confirmed“ by national bodies A specific Common Criteria Protection Profile will address appropriateness It reflects the requirements regulated in Annex III of the signature Directive It is aimed to remain technology neutral as long as security is not impaired Use of SSCD to be represented in QC SSCD: Secure Signature Creation Device

17 Telia Research AB György Endersz 2001-05-08 17 The Scenario TOE The SSCD is the device „getting in touch“ with the private key. The SSCD comprises the whole lifecycle. The SSCD assumes an appropriate environment for its application. Trusted paths are offered to meet security requirements.

18 Telia Research AB György Endersz 2001-05-08 18 Electronic Signature Formats Defines interoperable syntax and encoding for signature, validation data and signature policy. Builds on exiting PKI and digital signature standards Format part approved by the IETF as an Informational RFC, the Signature Policy part as an IETF Experimental Protocol Co-operative implementation project in preparation to validate standard and provide free software Aim: to harmonise development with XML signatures and create XML version (Phase 3) action.

19 Telia Research AB György Endersz 2001-05-08 19 ES = The ETSI Electronic Signature as generated by the signer. ETSI Electronic Signature Signers Structures

20 Telia Research AB György Endersz 2001-05-08 20 ES-T = The ETSI Timestamp Electronic Signature. Timestamp attribute may be absent, if secure records prove the time of the ES ES-C = The ETSI complete Electronic Signature with references to all information needed to check its validity ETSI ES-T and ES-C Verifiers Structures Unsigned attributes added for long term verification

21 Telia Research AB György Endersz 2001-05-08 21 Format and Protocol for Time Stamp Profile based on current IETF PKIX draft Time stamps used for signature validation, e.g. in ES 201 733 Electronic Signature Formats Harmonisation of ISO-IETF activities: IETF draft may become a compatible subset of the ISO specifications

22 Telia Research AB György Endersz 2001-05-08 22 Roadmap of Phase 3 Activities (2001) Signature creation process and environment Signature valida- tion process and environment Signature format * and syntax in XML Signature Creation device * Alternative Requirements for CSPs * Trustworthy Systems * Certification Service Provider User/Signer Relying Party/ Verifier Qualified certificate Time Stamping Format&Protocol Time Stamping Authority Requirements for TSAs * * Phase 3 CA status and validation by RP *

23 Telia Research AB György Endersz 2001-05-08 23 EESSI Phase 3 Activities (2001) CEN/ISSS: Security Requirements for Trustworthy systems - Finalisation of the General Security Requirements - Protection Profile for Cryptographic Modules used by CSPs Security requirements for Signature Creation Devices in different environments and types of use - Guidance for writing Security Targets for different types of SSCDs, such as smart cards, mobile phones and PDAs - Security requirements for SCDs in e-commerce using 5.2 signatures

24 Telia Research AB György Endersz 2001-05-08 24 Phase 3 Activities….. Security Requirements for Cryptographic Modules - Common Criteria PP to protect the CA private key and the certificate signing process - International harmonisation: the aim is to liase with NIST - CC MRA: Arrangement on the Mutual Recognition of CC Certificates in the Field of IT Security

25 Telia Research AB György Endersz 2001-05-08 25 Phase 3 Activities….. ETSI ESI WG: Security management and certificate policy for CSP issuing Trusted Time-Stamps Requirements for CSPs issuing certificates, which meet classes of requirements different from those for qualified certificates Electronic Signature syntax and encoding formats in XML Technical aspects of signature policies Harmonised provision of CSP status information

26 Telia Research AB György Endersz 2001-05-08 26 CSP status information for Relying Parties National schemes include procedures to make such information available, e.g. CSP not able to fulfill obligations, failed audit, etc. Gray zone between accreditation/supervision and technical interoperation A framework and simple formats and mechanisms are needed to store and retrieve such information so as to become available (on-line) over domain borders Work item to assess infrastructure and interoperability requirements and suggest solutions. Co-operation with national schemes via EESSI and ESI membership

27 Telia Research AB György Endersz 2001-05-08 27 CA (TSP) Status information Signature creation process and environment Signature valida- tion process and environment Signature Creation device * User/Signer Relying Party/ Verifier Qualified certificate CA status and validation by RP CA CA status info provider

28 Telia Research AB György Endersz 2001-05-08 28 CA (TSP) Status information Items to harmonise regarding status info: Content and format Distribution, storage and management Technical means to find, access and validate information Measures to ensure trust and security

29 Telia Research AB György Endersz 2001-05-08 29 Phase 3 Activities……. Algorithm Group Expert group providing guidance on cryptographic algorithms and parameters in EESSI standards. Regular review and maintenance of specifications Reference implementation of ES Format standard Funded activity with the aim of validating the standards ES-format, QC-profile and Time Stamp. Promote applications by releasing source code.

30 Telia Research AB György Endersz 2001-05-08 30 Phase 3 Activities…… Currently discussed Use of smart cards for creating electronic signatures Requirements for CSPs issuing attribute certificates Signature policy for common business practices

31 Telia Research AB György Endersz 2001-05-08 31 International Perspectives Recognition of conformance to SSCD requirements CC MRA: Arrangement on the Mutual Recognition of CC Certificates in the Field of IT Security Similar ambition with Trustworthy Systems Cross-recognition of “certification policy” Assessment of policy mapping between US Federal PKI and ETSI-EESSI requirements Harmonization of interoperability standards Use of existing standards (ISO, IETF), liaisons under development (W3C, WAP Forum, EDI/XML) and submissions to IETF

32 Telia Research AB György Endersz 2001-05-08 32 References ETSI: http://www.etsi.org/sec/el-sign.htm Sign up from Web-site to open El Sign mailing list CEN: http://www.cenorm.be/isss/workshop/e-sign EESSI: http://www.ict.etsi.org/eessi/EESSI-homepage.htm

Download ppt "Telia Research AB György Endersz 2001-05-08 1 European Electronic Signature Standardisation Initiative EESSI Budapest Seminar at the Hungarian Communication."

Similar presentations

Universal Electronic Signatures Tarvi Martens ESTONIA.

Universal Electronic Signatures Tarvi Martens ESTONIA.
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
Bundesamt für Sicherheit in der Informationstechnik EESSI - WS May 11.-12., 2000, Paris, Folie 1/18Klaus J. Keus, BSI Electronic Signatures in Germany,

Bundesamt für Sicherheit in der Informationstechnik EESSI - WS May , 2000, Paris, Folie 1/18Klaus J. Keus, BSI Electronic Signatures in Germany,
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
Telia Research AB György Endersz 2000-09-26 1 European Electronic Signature Standardisation Initiative EESSI Workshop Barcelona, 2000-09-26 György Endersz,

Telia Research AB György Endersz European Electronic Signature Standardisation Initiative EESSI Workshop Barcelona, György Endersz,
1 European Standardisation and the Identification of ICT Technical Specifications 13th XBRL Europe Day Rome, 6 May 2014 Antonio Conte, Project Manager.

1 European Standardisation and the Identification of ICT Technical Specifications 13th XBRL Europe Day Rome, 6 May 2014 Antonio Conte, Project Manager.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.

Electronic Submission of Medical Documentation (esMD) Face to Face Informational Session esMD Requirements, Priorities and Potential Workgroups – 2:00pm.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.

Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.
Jaroslav Pinkava May 2001 Certification Authority in Praxis. Security Aspects. Conference Security and Protection of Information Ing. Jaroslav Pinkava,

Jaroslav Pinkava May 2001 Certification Authority in Praxis. Security Aspects. Conference Security and Protection of Information Ing. Jaroslav Pinkava,
© ETSI 2012 All rights reserved EUROPEAN UNION MANDATE/460 Kloster Banz 11.09.2013 Presented by Arno Fiedler, Member of European Telecommunications Standards.

© ETSI 2012 All rights reserved EUROPEAN UNION MANDATE/460 Kloster Banz Presented by Arno Fiedler, Member of European Telecommunications Standards.
2002 10 21 Implementation of Electronic Signature Law Kęstutis Andrijauskas Information Society Development Committee under the Government of the Republic.

Implementation of Electronic Signature Law Kęstutis Andrijauskas Information Society Development Committee under the Government of the Republic.
TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.

TechSec WG: Related activities overview Information and discussion TechSec WG, RIPE-45 May 14, 2003 Yuri Demchenko.
1 Bridge/Gateway CA Project Status Gzim OCAKOGLU European Commission – DG ENTR / IDABC Reykjavik – 27 May 2005.

1 Bridge/Gateway CA Project Status Gzim OCAKOGLU European Commission – DG ENTR / IDABC Reykjavik – 27 May 2005.
1 ESTIO 21/05/2015 Electronic Signature Testsuit for Inter-Operability A project supported by the EU ISIS programme.

1 ESTIO 21/05/2015 Electronic Signature Testsuit for Inter-Operability A project supported by the EU ISIS programme.
21 mai 2015 Bridges between Certification Authorities.

21 mai 2015 Bridges between Certification Authorities.
Host of the 13 th ECRF Annual Conference - Budapest 2010.

Host of the 13 th ECRF Annual Conference - Budapest 2010.
PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.

PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.

Similar presentations

Ads by Google