1 / 9

Summary of ETSI/ESI activities

Summary of ETSI/ESI activities. Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author. ETSI - European Telecommunications Standards Institute. produce globally applicable standards for Information & Communications Technologies

faraji
Download Presentation

Summary of ETSI/ESI activities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author

  2. ETSI - European Telecommunications Standards Institute • produce globally applicable standards for Information & Communications Technologies • is recognised as an official European Standards Organisation by the European Union • international reputation is built on openness, discussion, consensus and direct input from members • Agreements with External Bodies • CAB (Certification Authority/Browser) Forum: Letter of Intent • ENISA (European Network and Information Security Agency): Memorandum of Understanding • ISO: Liaison Category A with ISO TC 154 (Processes, data elements and documents in commerce, industry and administration), Liaison Category D with ISO TC171/SC 2/WG 8 (PDF specification) • ISOC/IETF: Active working relationships • OASIS: Memorandum of Understanding • UPU (Universal Postal Union): Memorandum of Understanding

  3. ETSI Electronic Signatures and Infrastructures (ESI) TC • TC ESI is responsible for Electronic Signatures and Infrastructures standardization within ETSI • ETSI/ESI plays a key role in the development of electronic signature related standards: • Signature formats: XAdES (TS 101 903) ->ISO, CAdES (TS 101 733) ->ISO, PAdES (TS 102 778) ->ISO and ASiC (TS 102 918) and related profiles • Trust Service Provider (TSP) Status Information (TSL, TS 102 231) • Policy requirements for CAs: TS 102 042, TS 101 456 (Qual. Cert.) • TSA policy requirements: TS 102 023 • Certificate profiles: TS 101 862 (Qual. Cert.), TS 102 280 (Nat. Persons) • Registered Electronic Mail (eDelivery): TS 102 640 (multipart) • Data preservation: TS 101 533-1, TR 101 533-2 • Algo paper: TS 102 176 • Collaborates with ETSI CTI, Centre for Testing and Interoperability for Plugtests events

  4. M460 European Commission mandate • EC founded eSignatures standardization activities • 4 years: 2011-2014 • 1st phase (executed) • definition of a rationalized standardization framework, in collaboration with CEN • several specifications upgrades primarily aimed at providing quick technical fixes to existing electronic signatures standards, and definition of test specifications • 2nd phase (starting by end 2012) • implement the rationalized standardization framework • support the new EU Regulation on electronic identification and trust services for electronic transactions in the internal market (exp. approval by end 2013)

  5. Details on M460 phase 1 • Rationalised Framework definition (STF 425) • Inventory of eSignature Standards (worldwide) • Rationalised Framework Definition • Gap Analysis & Work Plan • Quick Fixes • STF 427 (CSP Conformity Assessment, QC profile, Sig. Validation Procedures, Sig. algorithms maintenance) • STF 426 (X/C/PAdES & ASiC baseline profiles) • STF 428 (XAdES conformance testing, PAdES & ASiC interoperability tests) • CEN (Update CWA 14169 & CWA 14167 towards EN’s) • Stakeholders Workshop

  6. M460 Phase2: the new standardization framework CEN

  7. ETSI REM TS 102 640 overview • Registered Electronic Mail: • Secure Electronic Mail service • able to generate trusted electronic evidence attesting that certain relevant events (submission by sender, delivery to the recipient, right fowarding, etc) have actually occurred. • Added value: Electronic evidences, which, when supported by legislation, have also legal value • Technical Specification for achieving interoperability on evidential services based on S/MIME on SMTP and services built on SOAP on HTTP (UPU Postal Registered Electronic Mail, BUSDOX networks)

  8. Electronic Evidence • Sender and REM Management Domain related events: original message acceptance/rejection, object relay acceptance/rejection, etc. • Recipient related events: delivery/non delivery to recipient, download/non download by recipient, etc. • Interaction with non REM systems. • Specified evidence core components. Syntaxes: XML, ASN.1 and PDF. • May be individually signed (each one in its own format) or/and collectively signed through a S/MIME signature. Specified signature profile.

  9. References • General information: • http://portal.etsi.org/esi/esi_activities.asp • Stakeholders involvement • http://www.e-signatures-standards.eu • Mailing list

More Related