EESSI European Electronic Signature Standardisation Initiative

1. EESSIEuropean Electronic Signature Standardisation Initiative Implementing Electronic Signatures Overview - Nov. 2000

2. EESSI Charter • Electronic Signature Directive is providing a common EU framework for electronic signatures • Industry, with the assistance of European Standards Bodies, to provide an agreed framework for an open, market-oriented implementation of the Directive • EESSI put in place to co-ordinate this task Nov. 2000

3. EESSI Objectives • Analyse needs for standards in support of minimum essential legal requirements as stated by the Directive • Assess available standards and current initiatives at national, European and international levels • Set up and implement a Programme of Work, built on international co-operation Nov. 2000

4. Classes of General Qualified electronic Enhanced electronic signature: electronic signature - signature as specified (applicable to signature as in 5.1 (Annex I, II, III) both general and required in 5.2 qualified electronic signatures) Level of legal Can not be denied Same legal effect as Enhancement of certainty: legal effect (art hand-written signature technical evidence 5.2) (art 5.1) Explanation: Any electronic Minimum technical level Additional technical signature that is required for the signer requirements for a not a qualified so that his electronic verifier, such as time- electronic signature can be stamping, but also for signature. considered as legally the signer, to enhance equivalent with a hand- technical security and written signature. obtain protection against certain threats. Classes of Electronic Signatures Nov. 2000

5. EESSI Timetable JUN’00 DEC.’98 FEB. ‘99 JUNE ‘99 JULY ‘99 OCT ‘99 NOV/DEC ‘99 MAR’00 MAY’00 SEP’00 DEC’00 Draft Report for Consultation EESSI Launch Open Consultation Meeting: Presentation of EESSI Deliverables Implementation Review 1 Implementation Review 2 Design Review 2nd Open Consultation Meeting: Report Presentation 1st July 1st Open Consultation Meeting: Market Assessment 24 February ETSI SEC Kick-Off Meeting Open Seminar EESSI & National Initiatives Paris 11-12 May EESSI International Seminar Barcelona 26 Sept. ICTSB Recommendations Endorsement CEN ISSS E-Sign Kick-off Meeting Nov. 2000

6. EESSI Organisation • Steering Committee • Standard Bodies and Consensus Bodies involved in standardisation: CEN, ETSI, ISO, ECBS, EEMA, EURESCOM • Market Players: ACE/Telefonica, Belgacom, BT, Bull, Globalsign, iD2/Sonera, Telia, Utimaco • Public Authorities and Consumers Rep’s: BSI (D), PRC (FIN), AIPA (I), DSTI (F), ECP.NL (NL), ANEC • Commission as observer: DG Enterprise, DG Information Society, DG Internal Market • Open WGs with assistance of CEN/ISSS and ETSI TC Security Nov. 2000

7. EESSI Mode of Operation • SC defining the Programme of Work • CEN and ETSI: • proposing programme split: WGs • calling for experts and editors • setting up open meetings for consensus building • calling for public comment (60 days) to reach TS (Technical Specifications) • managing reference deliverables Nov. 2000

8. EESSI Commitment to International Co-operation • ETSI TC SEC, ISO/JTC1/SC27, IETF-PKIX, W3C, EURESCOM • EEMA/ECAF, ICC, ABA, ILPF • UNCITRAL Model of Law, AGB • European Projects: IST and ISIS programmes • National activities in Germany (BSI, INDI), Nordic Countries (SEIS, SAT, FDS), Italy (AIPA), Austria, Spain (FESTE), Netherlands (TTP.NL), UK (tScheme), ... Nov. 2000

9. EESSI Programme Overview Certification Service Provider Qualified Certificate policy Trustworthy system Qualified certificate Signature validation process and environment Signature creation process and environment Signature formatand syntax Creationdevice Relying party Subscriber/signer Nov. 2000

10. Present Priorities • Three short term Priorities • Policies rqmt’s for CSP’s issuing Qualified Certificates • Trustworthy Systems • SSCD • Avoid divergences in MS’s implementation • Supervision • Voluntary accreditation • The Next Step • How to implement “5.2” ? • How to launch active cooperation on “international aspects”? Nov. 2000

11. “Qualified Electronic Signature” EESSI Standard Option Within Standard Qualified Certificate Policy Non-Public or Extended Policies Public Use Public Use with SSCD Electronic Signature Format Electronic Signature Electronic Signature + Validation Data Electronic Signature +Val Data +Time stamp Qualified Certificate Format Qualified Certificate Profile Timestamping Protocol Profile from IETF Timestamping Protocol Security Reqt’s for Trustworthy Systems Lower Level Qualified Level SSCD Lower Level Qualified Level Higher Level Nov. 2000

12. “Qualified Electronic Signature with long term Validity” EESSI Standard Option Within Standard Qualified Certificate Policy Non-Public or Extended Policies Public Use Public Use with SSCD Electronic Signature Format Electronic Signature Electronic Signature + Validation Data Electronic Signature +Val Data +Time stamp Qualified Certificate Format Qualified Certificate Profile Timestamping Protocol Profile from IETF Timestamping Protocol Security Reqt’s for Trustworthy Systems Lower Level Qualified Level SSCD Lower Level Qualified Level Higher Level Nov. 2000

13. “Electronic signatures using Qualified Certificates” EESSI Standard Option Within Standard Qualified Certificate Policy Non-Public or Extended Policies Public Use Public Use with SSCD Electronic Signature Format Electronic Signature Electronic Signature + Validation Data Electronic Signature +Val Data +Time stamp Qualified Certificate Format Qualified Certificate Profile Timestamping Protocol Profile from IETF Timestamp Protocol Security Reqt’s for Trustworthy Systems Lower Level Qualified Level SSCD Lower Level Qualified Level Higher Level Nov. 2000

14. Contributing to International Cooperation • EESSI organised an international seminar in Barcelona (Spain) 26 September 2000 • Purpose of the seminar • to share EESSI draft specifications • to discuss how to achieve a more general model for cross-border recognition of electronic signatures • to agree on implementation principles: who and how Nov. 2000

15. Contributing to International Cooperation • Representatives from: • Identrus • GTA • ECOM from Japan • Radicchio • PKI Forum • U.S. Federal PKI Steering Committee • ISO/IEC JTC1 • APEC • WAP Forum • W3C • The Open Forum Nov. 2000

16. Join us on the EESSI Home Pagehttp://www.ict.etsi.org/eessi/EESSI-homepage.htm Nov. 2000