CAB Forum Certification Authorities, Web Browsers, and Interested Parties Working to Secure the Web

Home » ETSI – European Telecommunications Standards Institute

ETSI – European Telecommunications Standards Institute

https://portal.etsi.org/tbsitemap/esi/trustserviceproviders.aspx

News Updates from the Electronic Signatures and Infrastructures (ESI) Technical Committee

Revisions of EN 319 401, EN 319 411-1, and EN 319 411-2 will be available soon. EN 319 411-3 is to be merged into EN 319 411-1 in order to align it with the latest EU regulation on eID and trust services (eIDAS – EU 910/2014). It should be available for public review by the end of 2014. Further information on standards for Certification Authorities and other Trust Service Providers can be found at:

http://www.etsi.org/index.php/technologies-clusters/technologies/security/certification-authorities-and-other-trust-service-providers

For the most current version of the following published standards, you can also use the number for that ETSI standard on this search page:

http://www.etsi.org/standards-search

Specialist Task Force 457 works on Framework and Coordination Activities – coordinating the fulfilment of the Rationalised Framework for electronic signature standards across all areas as defined in Phase 1a and in line with mandate M/460, and at executing tasks that requires joint ETSI-CEN activities with regards to the fulfilment of the Rationalised Framework. It also addresses cryptographic suites which overlap with standardisation addressed by both CEN and ETSI.

STF 458 works on Trust Service Providers (TSP) Supporting electronic signatures: To align specifications for TSP supporting electronic signatures with the rationalised framework, addressing any gaps identified in the rationalised framework work plan, and the progression of all the relevant specifications to EN status.

Past Year’s Report on ESI Activities

Specialist Task Force 438: Guidance on TS 102 042 for CAB Forum Baseline Certificates

Conformity Assessment – TS 119-403 (to be converted into EN 319 403)

Trust Service Provider Conformity Assessment – Requirements for conformity assessment bodies assessing Trust Service Providers – TS 119 403 V2.1.1 (2014-11) (pdf)

General Policy Requirements for CAs – EN 319 401 and EN 319 411-1

General Policy Requirements for Trust Service Providers supporting Electronic Signatures – Final draft EN 319 401 V1.1.1 (2012-11) (pdf)

General Policy Requirements for Trust Service Providers supporting Electronic Signatures – Draft EN 319 401 V1.1.1 (2012-03) (pdf)

Part 1: Policy requirements for Certification Authorities issuing web site certificates – Stable Draft EN 319 411-1 V0.0.4 (2013-11) (pdf)

Data and Record Systems Security – TS 101 533-1

Data Preservation Systems Security; Part 1: Requirements for Implementation and Management – TS 101 533-1 V1.2.1 (2011-12) (pdf)

Information Preservation Systems Security; Part 1: Requirements for Implementation and Management – TS 101 533-1 V1.1.1 (2011-05) (pdf)

Qualified Certificates – EN 319 411-2 (replaces TS 101 456)

Policy requirements for certification authorities issuing qualified certificates – TS 101 456 V1.4.3 (2007-05) (pdf)

Guidance on TS 101 456 (Policy Requirements for certification authorities issuing qualified certificates) – TR 102 437 V1.1.1 (2006-10) (pdf)

Mapping Comparison Matrix between the US Federal Bridge CA Certificate Policy and the European Qualified Certificate Policy (TS 101 456) – TR 102 458 V1.1.1 (2006-04) (pdf)

Part 2: Policy requirements for certification authorities issuing qualified certificates – EN 319 411-2 V1.1.1 (2013-01) (pdf)

Publicly Trusted Certificates – EN 319 411-3 (replaces TS 102 042)

Technical Specification: Policy requirements for certification authorities issuing public key certificates – TS 102 042 V2.4.1 (2013-02) (pdf)

Guidance for Auditors and CSPs on ETSI TS 102 042 for Issuing Publicly-Trusted TLS/SSL Certificates – TR 103 123 V.1.1.1 (2012-11) (pdf)

Final draft ETSI EN 319 411-3 V1.1.0 (2012-11)

Draft ETSI EN 319 411-3 V1.0.0 (2012-04)

Extended Validation Certificates – TS 103 090 and TR 101 564

Guidance for assessment of CAs issuing EV Certificates against TS 102 042 and the EV Guidelines – ETSI TR 101 564 V1.1.1 (2011-09) (pdf)

Conformity Assessment for Trust Service Providers (TSP) issuing EV Certificates – ETSI TS 103 090 V1.1.1 (2012-04) (pdf)

Certificate Profiles – TS 119 412 and EN 319 412

Part 1: Overview and common data structures- EN 319 412-1 V0.0.4 (2013-09) (pdf)

Part 2: Certificate Profile for certificates issued to natural persons – TS 119 412-2 V1.2.1(2013-08) (pdf)

Part 2: Certificate Profile for certificates issued to natural persons – TS 119 412-2 V1.1.1 (2012-04) (pdf)

Part 3: Certificate profile for certificates issued to legal persons – EN 319 412-3 V0.0.4 (2013-09) (pdf)

Part 4: Certificate profile for web site certificates issued to organisations -EN 319 412-4 V0.0.5 (2013-09) (pdf)

Part 5: Extension for Qualified Certificate profile – EN 319 412-5 V1.1.1 (2013-01) (pdf)

(Replaces TS 101 862 – Qualified certificate profile)

Time Stamping – EN 319 421 (replaces TS 101 861)

Time-stamping protocol and electronic time-stamp profiles – EN 319 422 (pdf)

will replace

Time stamping profile -TS 101 861 V1.4.1 (2011-07) (pdf)

Policy and Security Requirements for Trust Service Providers issuing Electronic Time-Stamps – EN 319 421 (pdf)

will replace

Policy requirements for time-stamping authorities – TS 102 023 V1.2.2 (2008-10) (pdf)

Electronic signature formats – TS 101 733 V1.3.1 (2002-02) (pdf)

CEN is also working on a security Protection Profile (PP) for time-stamping systems.

Trusted Lists – Harmonization of Status Information

Human-Readable Trust List

EU Lists of Lists

Technical Specification for Trusted Lists – TS 119 612 (pdf)

Technical Specification for Harmonized Trust-service status information – TS 102 231 (pdf)

Technical Report: Provision of harmonized Trust Service Provider status information – TR 102 030 V1.1.1 (2002-03) (pdf)

International Harmonization of Policy Requirements for CAs issuing Certificates -TR 102 040 V1.3.1 (2005-03) (pdf)