EESSI Panel Session 2: Development and market uptake of standards of the EESSI programme

1. EESSI Panel Session 2: Development and market uptake of standards of the EESSI programme International harmonisation of CA practices and policies through standards Nick Pope – Security & Standards pope@secstan.com

2. Annex II: Requirements for CA issuing qualified certificate Electronic Signature Directive National Legislation EU Directive 1999/93/EC “A Community Framework for Electronic Signatures”

3. ETSI Policy Requirements for CAs Issuing Qualified Certificates EU Directive Annex II“Requirements for Certification Service Providers” Other CA Practices & Standards (e.g. RFC 2527, ANSI X9.29) European CSP Accreditation Schemes ETSI TS 101 456 Qualified Certificate Policy

4. Qualified Certificate Policies (QCP) • QCP for CAs issuing qualified certificates to the public • QCP for CAs issuing qualified certificates to the public requiring a secure signature creation device • Framework for the definition of other QCPs

5. Future Standardisation: Generic Policy Requirements ETSI Qualified CertificatePolicy (TS 101 456) Requirement Specific to QC General Requirements For CAs

6. International Harmonisation through Standards Users: Provides recognised reference for Certificate quality CAs: Code of practice providing a recognised level of quality Accreditation authorities: Provides recognised criteria for assessing CA International Interoperability: Harmonised with other international standards