EESSI June 2000, Slide 1: European Electronic Signature Standardization
Hans Nilsson, iD2 Technologies, Sweden
Slide 2: Scope of the EU Directive on Electronic Signatures
The two main objectives of the directive:
- Free internal market for electronic signatures and certification services (broad scope: all kinds of electronic signatures, all kinds of certification services, all kinds of signature products)
- Legal equivalence of electronic signatures with hand-written signatures (limited scope: only under certain conditions, only for specific purposes, with many exceptions)
Slide 3: Legal Recognition
- General principle (art. 5.2): legal effect for all electronic signatures
- Second principle (art. 5.1): certain electronic signatures get the same legal effect as hand-written signatures
(Diagram of nested categories: Electronic signatures include Advanced electronic signatures, which in turn include Qualified electronic signatures. Qualified electronic signature = advanced electronic signature + qualified certificate (Annex II) + secure signature creation device (Annex III).)
Slide 4: European Electronic Signature Standardization Initiative
- Abbreviated: EESSI
- Based on a mandate from the European Commission to support
  - the requirements of the EU Directive and
  - the requirements for standards from users and industry
- First phase: inventory and work programme, reported on July 1, 1999
- Current phase: implementation of the work programme by
  - CEN/ISSS: Electronic Signature Workshop
  - ETSI TC Security: Electronic Signature and Infrastructure WG
- Final drafts: September 25, 2000
- Approval: November 2000
- More information:
  - http://www.ict.etsi.fr/eessi/EESSI-homepage.htm
  - http://www.cenorm.be/isss/workshop/e-sign/
  - http://www.etsi.org/SEC/el-sign.htm
Slide 5: EESSI standards overview
(Diagram: the standardization areas are laid out between the User/signer and the Relying party/verifier, with the Certification Service Provider in between. Areas shown: Signature creation process and environment; Creation device; Signature format and syntax; Qualified certificate policy; Qualified certificate; Time stamp; Trustworthy system; Signature validation process and environment. The work is split between CEN E-SIGN and ETSI ESI.)
Slide 6: CSP services provided by a CA
(Diagram, labels recovered: the Certification Authority carries ultimate responsibility. Core services: Registration, Certificate issuance, Certificate publishing, Revocation issuance, Certificate revocation status. Supplementary services: Time Stamping Service, Subscriber SCD Provision, Signed Transaction. The Subscriber and the Relying Party each send Service Requests to the CA and receive CSP Responses; External Trust Relations are shown separately.)
Slide 7: Qualified Certificate Policy
(Diagram: Obligations and Liability: Subscriber obligations, RA obligations, CA obligations, Repository obligations, Relying party obligations, Liability. Requirements on CSP Practice: Key life cycle management, Certificate life cycle management, Environment.)
- Requirements specified in the Directive's Annex II
Slide 8: Standards for Trustworthy Systems used by Certification Service Providers
Annex II: Certification service providers must:
(f) use trustworthy systems and products which are protected against modification and which must ensure the technical and cryptographic security of the processes supported by them
1. "Common Criteria Protection Profile"-style description for the entire CA system
2. Formal CC-PP for the certificate issuance subsystem
3. Formal CC-PP for the registration subsystem
Slide 10: What is a secure signature creation device?
- "Signature-creation device" means configured software or hardware used to implement the signature-creation data.
- A secure signature creation device is a set of hardware and software elements capable of ensuring that the requirements of Annex III are met.
- This includes the elements that come into contact with the "key" (the signature creation data) and the elements that control access to the key.
- The standard will focus on the more critical elements, those that come into contact with the key.
Slide 11: Functions to be considered in the standard
- Key generation: when and where the signature creation data are composed; what constraints the signature creation data have
- Key management: how the signature creation data are stored and handled; how the signature creation data relate to the signature verification data
- Initialisation/Personalisation: whether signature creation data are transferred in this phase; how the secrecy of the signature creation data is assured
- Lifecycle: how signature creation data are disposed of
- Signature creation process: how signature creation data are handled
Slide 12: What is the target for a Secure Signature Creation Device?
- The goal is to remain as technology neutral as possible.
- The standards must be as clear and as applicable as possible.
- Technical implementations might be: smart cards; other stand-alone devices (USB ...); electronic wallets; personal digital assistants; mobile communication devices; secure laptops or computers; ......?........
Slide 13: Signature process and environment
(Diagram, labels recovered: the User expresses Intent and authenticates through a Pin-Pad; the Signature Environment's Operating System and Signature Application Processes take the Document, the Signature Policy, the Cryptographic Profile and a "Signature Par" input (label truncated), use Local Storage, and drive the Signature Device, which holds the Private Key; the PKI supplies Certificates; the output is the Signature. Other (un-trusted) Processes and other un-trusted inputs/outputs lie alongside. A marker indicates which parts are within the scope of standardization.)
- No mandatory requirements in the directive, i.e. it is voluntary to follow the standard (manufacturer's declaration)
Slide 14: Different requirements in different physical locations
(Diagram: the User, the Signature Application System and the Signature Creation Device, placed in three settings: Home, Office, Public Environment.)
Slide 15: Signature verification: process and environment
- Only recommendations are specified in the Directive's Annex IV
- The standard introduces the concept of a Signature Policy
- Validation process requirements:
  - Rules for use of Certification Authorities and trust points
  - Certification path
  - Revocation rules
  - Rules for the use of timestamping and timing
  - Rules for verification data to be followed
  - Rules for algorithm constraints and key lengths
- Validation environment requirements:
  - Validation by human
  - Validation by machine
  - Validation by third party
Slide 16: EESSI standards overview
(The overview diagram of slide 5 is shown again, unchanged.)
Slide 17: Electronic Signature Formats
(Diagram of the nested formats: the Electronic Signature (ES) consists of the Signature Policy ID, Other Signed Attributes and the Digital Signature; ES-T is the ES plus a Timestamp over the digital signature; ES-C is the ES-T plus Complete certificate and revocation references.)
- ETSI ES 201 733 recently approved
- Based on CMS (RFC 2630)
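The layering on this slide (ES, ES-T, ES-C) and the Signature Policy rules listed on slide 15 can be exercised together. The Python below is an added example written for this transcript; it is not EESSI, ETSI or ES 201 733 code and does not implement the ASN.1/CMS encoding of the real format. The Certificate, Crl, SignaturePolicy and ElectronicSignature classes, the names "Root CA" and "Alice", the policy identifier "1.2.3.4" and all timings are constructed for the example; the signature value is an opaque byte string standing in for a CMS signature, and the ES-C "complete certificate and revocation references" are modelled as SHA-256 hashes of the encoded certificates and CRLs, which is what such references are in spirit (hashes, not copies).

```python
import hashlib
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Optional

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()  # ES-C references are hashes, not copies

@dataclass
class Certificate:  # constructed stand-in for an X.509 (qualified) certificate
    subject: str
    issuer: str
    key_bits: int
    not_before: datetime
    not_after: datetime
    der: bytes  # the encoded certificate that a real reference would hash

@dataclass
class Crl:  # constructed stand-in for a CRL: revoked subject -> revocation time
    issuer: str
    revoked: Dict[str, datetime]
    der: bytes

@dataclass
class SignaturePolicy:  # the validation rules listed on slide 15
    trust_points: List[str]
    algorithms: List[str]
    min_key_bits: int
    require_timestamp: bool

@dataclass
class ElectronicSignature:
    # ES: signed attributes (including the signature policy ID) + signature value
    document_hash: str
    signature_policy_id: str
    signing_time: datetime  # claimed by the signer, not trusted on its own
    signer: str
    algorithm: str
    signature_value: bytes  # opaque here; a CMS SignerInfo signature in practice
    # ES-T: time-stamp token over the digital signature value
    timestamp: Optional[datetime] = None
    timestamp_over: Optional[str] = None
    # ES-C: complete certificate and revocation references (hashes only)
    cert_refs: List[str] = field(default_factory=list)
    crl_refs: List[str] = field(default_factory=list)

def add_timestamp(es, tsa_time):
    """ES -> ES-T: the TSA binds a trusted time to the signature value."""
    es.timestamp, es.timestamp_over = tsa_time, digest(es.signature_value)

def add_complete_references(es, chain, crls):
    """ES-T -> ES-C: record which certificates and CRLs validation relied on."""
    es.cert_refs = [digest(c.der) for c in chain]
    es.crl_refs = [digest(c.der) for c in crls]

def validate(es, policy, chain, crls, now):
    """Return the policy rules violated; an empty list means the signature is valid."""
    failures = []
    # Rules for use of CAs and trust points, and for the certification path
    if chain[-1].subject not in policy.trust_points:
        failures.append("path does not end at a policy trust point")
    if chain[0].subject != es.signer or any(
            c.issuer != nxt.subject for c, nxt in zip(chain, chain[1:])):
        failures.append("certification path is not well formed")
    # Rules for algorithm constraints and key lengths
    if es.algorithm not in policy.algorithms or chain[0].key_bits < policy.min_key_bits:
        failures.append("algorithm or key length not allowed by policy")
    # Rules for the use of timestamping and timing: choose the reference time
    ts_ok = es.timestamp is not None and es.timestamp_over == digest(es.signature_value)
    if policy.require_timestamp and not ts_ok:
        failures.append("policy requires a valid time-stamp over the signature")
    ref_time = es.timestamp if ts_ok else now  # without a trusted time, judge as of now
    if not chain[0].not_before <= ref_time <= chain[0].not_after:
        failures.append("signer certificate not valid at reference time")
    # Revocation rules: a revocation after the reference time does not invalidate
    for crl in (c for c in crls if c.issuer == chain[0].issuer):
        revoked_at = crl.revoked.get(es.signer)
        if revoked_at is not None and revoked_at <= ref_time:
            failures.append("signer certificate revoked at or before reference time")
    # Rules for verification data to be followed: ES-C references must match
    if es.cert_refs and (es.cert_refs, es.crl_refs) != (
            [digest(c.der) for c in chain], [digest(c.der) for c in crls]):
        failures.append("ES-C references do not match the validation data used")
    return failures

def build_scenario(with_timestamp):
    """Constructed data: signed 10:00, time-stamped 10:05, revoked 11:00, verified 12:00."""
    t = lambda hour, minute=0: datetime(2000, 6, 15, hour, minute, tzinfo=timezone.utc)
    root = Certificate("Root CA", "Root CA", 2048, t(0), t(23), b"root-der")
    alice = Certificate("Alice", "Root CA", 1024, t(0), t(23), b"alice-der")
    chain, crls = [alice, root], [Crl("Root CA", {"Alice": t(11)}, b"crl-der")]
    policy = SignaturePolicy(["Root CA"], ["sha1WithRSAEncryption"], 1024, True)
    es = ElectronicSignature(digest(b"contract text"), "1.2.3.4", t(10), "Alice",
                             "sha1WithRSAEncryption", b"opaque-signature-value")
    if with_timestamp:
        add_timestamp(es, t(10, 5))
    add_complete_references(es, chain, crls)
    return validate(es, policy, chain, crls, now=t(12))
```

Running `build_scenario(True)` returns no failures: the time-stamp proves the signature existed at 10:05, so the 11:00 revocation does not touch it, and the ES-C references let a later verifier confirm it used the same certificates and CRL. `build_scenario(False)` fails twice: the policy demands a time-stamp, and without one the only defensible reference time is the moment of verification, by which the signer's certificate is revoked. That asymmetry is the reason the format adds ES-T before ES-C.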
Slide 18: Profile for Qualified Certificates
- Requirements specified in the Directive's Annex I
- Standard for the use of X.509 public key certificates as qualified certificates
- European profile based on the current IETF PKIX draft
- Draft to be approved by ETSI SEC in 4Q2000
Slide 19: Conformity assessment
- Certificate policy: self-declared (but supervised), or 3rd party audit (voluntary accreditation)
- Secure signature creation devices: mandatory 3rd party evaluation
- Signature creation environment products: manufacturer's declarations
- Signature verification products: manufacturer's declarations
Slide 20: How can YOU participate?
- CEN/ISSS E-SIGN Workshop: result: CEN Workshop Agreements; Chairman: [email protected]
- ETSI ESI Working Group: result: ETSI Standards; Chairman: [email protected]
- For more information: http://www.ict.etsi.org/eessi/EESSI-homepage.htm