60 likes | 155 Views
EESSI Panel Session 2: Development and market uptake of standards of the EESSI programme. International harmonisation of CA practices and policies through standards. Nick Pope – Security & Standards pope@secstan.com. Annex II: Requirements for CA issuing qualified certificate.
E N D
EESSI Panel Session 2: Development and market uptake of standards of the EESSI programme International harmonisation of CA practices and policies through standards Nick Pope – Security & Standards pope@secstan.com
Annex II: Requirements for CA issuing qualified certificate Electronic Signature Directive National Legislation EU Directive 1999/93/EC “A Community Framework for Electronic Signatures”
ETSI Policy Requirements for CAs Issuing Qualified Certificates EU Directive Annex II“Requirements for Certification Service Providers” Other CA Practices & Standards (e.g. RFC 2527, ANSI X9.29) European CSP Accreditation Schemes ETSI TS 101 456 Qualified Certificate Policy
Qualified Certificate Policies (QCP) • QCP for CAs issuing qualified certificates to the public • QCP for CAs issuing qualified certificates to the public requiring a secure signature creation device • Framework for the definition of other QCPs
Future Standardisation: Generic Policy Requirements ETSI Qualified CertificatePolicy (TS 101 456) Requirement Specific to QC General Requirements For CAs
International Harmonisation through Standards Users: Provides recognised reference for Certificate quality CAs: Code of practice providing a recognised level of quality Accreditation authorities: Provides recognised criteria for assessing CA International Interoperability: Harmonised with other international standards