Technical Committee (TC) Electronic Signatures and Infrastructures (ESI) Activity Report 2023
Chair: Nick Pope, Security & Standards Associates
Developing standards for electronic signatures and trust services to protect electronic transactions and ensure trust with business partners.
ETSI’s committee on Electronic Signatures and Trust Infrastructures (TC ESI) addresses the requirements of digital signatures, including formats and procedures and policies for creation and validation, as well as trust service supporting the authenticity of transactions.
The committee’s scope covers policy, security, and technical requirements for trust service providers (TSPs) such as certification authorities, time-stamping authorities, TSPs providing remote signature creation or validation functions, registered e-delivery providers, and long‑term data preservation providers. The committee’s work supports the eIDAS (electronic ID, authentication, and signature) regulation EU 910/2014, as well as general requirements of the international community to provide confidence in electronic transactions. This sees ETSI coordinating its eIDAS-related activities with CEN/CENELEC.
The primary purpose of TC ESI is to:
- Develop generic standards, guides and reports relating to electronic signatures and related trust infrastructures to protect electronic transactions and ensure trust and confidence with business partners.
- Laise with other ETSI bodies in relation to electronic signatures and related trust infrastructures.
- Liaise with bodies external to ETSI in relation to electronic signatures and related trust infrastructures.
- Establish a continuing work plan in relation to electronic signatures and related trust infrastructures.
In 2023 the committee augmented its suite of Technical Specifications (TS) and Technical Reports (TR) with these new publications:
- TR 119 411-5 V1.1.1 ‘Policy and security requirements for Trust Service Providers issuing certificates; Part 5: Guidelines for the coexistence of web browser and EU trust controls’
- TS 119 411-6 V1.1.1 ‘Policy and security requirements for Trust Service Providers issuing certificates; Part 6: Requirements for Trust Service Providers issuing publicly trusted S/MIME certificates’ – see the press release here
- TR 119 476 V1.1.1 ‘Analysis of selective disclosure and zero-knowledge proofs applied to Electronic Attestation of Attributes’
- TR 119 404 V1.1.1 ‘NIS2 and its impact on eIDAS standards’
Revisions to a number of existing European Standards, specifications and reports were also published, notably:
- EN 319 421 V1.2.1 ‘Policy and Security Requirements for Trust Service Providers issuing Time-Stamps’
- EN 319 412-5 V2.4.1 ‘Certificate Profiles; Part 5: QCStatements’
- EN 319 412-4 V1.3.1 ‘Certificate Profiles; Part 4: Certificate profile for web site certificates
- EN 319 412-3 V1.3.1 ‘Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons’
- EN 319 412-2 V2.3.1 ‘Certificate Profiles; Part 2: Certificate profile for certificates issued to natural persons’
- EN 319 412-1 V1.5.1 ‘Certificate Profiles; Part 1: Overview and common data structures’
- EN 319 411-2 V2.5.1 ‘Policy and security requirements for Trust Service Providers issuing certificates; Part 2: Requirements for trust service providers issuing EU qualified certificates’
- EN 319 411-1 V1.4.1 ‘Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements’
- EN 319 122-1 V1.3.1 ‘CAdES digital signatures; Part 1: Building blocks and CAdES baseline signatures’
- TS 119 615 V1.2.1 ‘Trusted lists; Procedures for using and interpreting European Union Member States national trusted lists’
- TS 119 534-2 V1.2.1 ‘Testing Conformance and Interoperability of Registered Electronic Mail Services; Part 2: Test suites for interoperability testing of providers using same format and transport protocols’
- TS 119 534-1 V1.2.1 ‘Testing Conformance and Interoperability of Registered Electronic Mail Services; Part 1: Testing conformance’
- TS 119 524-2 V1.2.1 ‘Testing Conformance and Interoperability of Electronic Registered Delivery Services; Part 2: Test suites for interoperability testing of Electronic Registered Delivery Service Providers’
- TS 119 524-1 V1.2.1 ‘Testing Conformance and Interoperability of Electronic Registered Delivery Services; Part 1: Testing conformance’
- TS 119 512 V1.2.1 ‘Protocols for trust service providers providing long-term data preservation services’
- TS 119 441 V1.2.1 ‘Policy requirements for TSP providing signature validation services’;
- TS 119 431-2 V1.2.1 ‘Policy and security requirements for trust service providers; Part 2: TSP service components supporting AdES digital signature creation’
- TS 119 403-2 V1.3.1 ‘Trust Service Provider Conformity Assessment; Part 2: Additional requirements for Conformity Assessment Bodies auditing Trust Service Providers that issue Publicly-Trusted Certificates’
- TS 119 312 V1.4.3 ‘Cryptographic Suites’
- TS 119 192 V1.2.1 ‘AdES related Uniform Resource Identifier’
- TS 119 102-2 V1.4.1 ‘Procedures for Creation and Validation of AdES Digital Signatures; Part 2: Signature Validation Report’
- TR 119 000 V1.3.1 ‘Framework for standardization of digital signatures and trust services; Overview’
See the full list of TC ESI Work Items currently in development here.
Organized by ETSI’s Centre for Testing and Interoperability (CTI) on behalf of TC ESI with the support of the European Commission (EC) and European Free Trade Association (EFTA), the LTA Signature Augmentation and Validation Plugtests™ event took place from October to December 2023. The remote interoperability event focused on augmentation of digital signatures to LTA (Long-Term Archive) level and validation of LTA level digital signatures. Participants were able to test their digital signature augmentation and validation tools and to augment and cross-validate ETSI Electronic Signatures/Seals relying on EU Member States' Trusted Lists.
During the year on 21st September, TC ESI also contributed to a Workshop organized by the Bureau of Indian Standards (BIS) on India’s adoption of ETSI digital signature standards.
The committee meanwhile liaised on PKI related trusted services with other sector or regional bodies including:
- CA/Browser Forum
- Asia PKI
- PKI Consortium
- Arab ICT Organisation
- Direct Trust (formerly Safe Identity)
- Japan Network Security Association
- CSC (Cloud Signature Consortium)