Navigation and service

BSI - Federal Office for Information Security (Link to homepage)

Standards

The following figure provides a good overview of the standards generally used in the context of electronic signatures and seals.

Die abgebildeten Normen und Standards decken vollständig den Life-Cycle der elektronischen Signaturen und Siegel sowie die Beweiswerterhaltung kryptographisch signierter Dokumente ab.

The standards shown cover the complete lifecycle of electronic signatures and seals as well as the preservation of the evidential value of cryptographically signed documents.

ISO 14721 together with DIN 31644 to DIN 31646 deal with aspects of the preservation of information of electronic documents. The corresponding European standards (EN) and ETSI specifications consider aspects of the technical design of signatures and seals.

RFC4998 and RFC6283 specify the syntax of evidence records and the associated processes for preserving the integrity, authenticity and "proof of existence" for one or more documents.

The ISO 14533 standard consists of two parts:

  1. Part 1: Long term signature profile for CMS-Advanced Electronic Signatures (CAdES) and
  2. Part 2: Long term signature profile for XML-Advanced Electronic Signatures (XAdES).

The purpose of the ISO-14533 standard is to specify the elements that enable verification of electronic signatures over a long period, based on C/XAdES and evidence records.
DIN 31647 and the technical guideline of BSI TR-03125 (TR-ESOR) describe the measures on the basis of RFC4998 and RFC6283 that are required to preserve the evidential value of cryptographically protected data. With regard to the signature and time stamp format, TR 03125 TR-ESOR of the BSI is based on the latest "COMMISSION IMPLEMENTING DECISION (EU) 2015/1506 dated 8 September 2015 laying down specifications relating to formats of advanced electronic signatures and advanced seals" pursuant to eIDAS.

eIDAS Regulation

Regulation (EU) No 910/2014 has thus far been supplemented by four implementing acts in the field of trust services:

  • (EU) 2015/806 relating to the form of the EU trust mark for qualified trust services,
  • (EU) 2015/1505 laying down technical specifications and formats relating to trusted lists,
  • (EU) 2015/1506 laying down specifications relating to formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies for electronic transactions in the internal market,
  • (EU) 2016/650 laying down standards for the security assessment of qualified signature and seal creation devices,
    The implementing acts above specify the technical framework in more precise terms.

Chapter 2 of “basics of Digital Signature Techniques and Trust Services” gives an overview on the eIDAS Standards.

  • 2.1 Introduction
  • 2.2 Overview eIDAS ecosystem
  • 2.3 General Standards
  • 2.4 Trust Services and Formats for (qualified) electronic signatures and seals
  • 2.5 Trust services (creation)
  • 2.6 Trust services (Validation)
  • 2.7 Trust services – Preservation

Downloads

Similar topics

Back to Electronic signatures