-
7/24/2019 twg-00-25
1/27
1
Electronic Signature and PKIStandardisation in Europe
FPKI TWG Meeting, 7 JuneGaithersburg
Gyrgy Endersz, Telia Research AB, SwedenChairman ETSI ESI
Working Group
[email protected]
Work-plan & Current Status
-
7/24/2019 twg-00-25
2/27
2
The Program and the Actors(Who is Who)
EU (European Commission) Electronic SignatureDirective provides
a common framework for electronicsignatures. Harmonization of the
aspects:
- legal- trust- technical
Industry and business, assisted by European standard bodies,will
provide a framework for an open, market-orientedimplementation of
the Directive
Information & Communications Technologies Standards
Board:
co-operation between European standards bodies
G Endersz7 June 2000
-
7/24/2019 twg-00-25
3/27
3
EESSI
EESSI: European Electronic Signature Standardization
Initiative,
launched by ITCSB
G Endersz
7 June 2000
European TelecommunicationsStandards Institute
-
7/24/2019 twg-00-25
4/27
4
EESSI Program Implementation
All deliverables to be published by the end of 2000
ETSI ESI Working Group
40-50 Participants, funded Specialist Task Force of 8
Result: ETSI Standards/Technical Specifications 2-4Q2000
Chairman: [email protected]
CEN/ISSS E-SIGN Workshop
70 participants, funded Expert Team of 12
Result: CEN Workshop Agreements 3-4Q2000 Chairman:
[email protected]
G Endersz7 June 2000
-
7/24/2019 twg-00-25
5/27
5
Directive on a Community framework forelectronic signatures, 13
Dec 99
Ensures legal recognition of electronic signatures
Security and quality requirements in Annexes I-IV
Qualified certificates+secure signature-creation device=
advanced signatures hand-written signature
Other signatures recognised as well (Art 5.2)
Voluntary accreditation of service providers (tScheme,
NL.TTP, Italy, Austria, Germany.)
Technology-neutral
To be in place within 18 months
G Endersz7 June 2000
-
7/24/2019 twg-00-25
6/27
6
Annexes of the Directive
Annex I: Requirements for qualified certificates
Annex II: Requirements for certification-service-providers
issuing qualified certificates
Annex III: Requirements for secure signature-creation
devices
Annex IV: Recommendations for secure signature verification
G Endersz7 June 2000
-
7/24/2019 twg-00-25
7/27
7
EESSI Standards overview
Signature
creation process
andenvironment
Signature
validation
process andenvironment
Signature
format
and syntax
Creation
device
Requirements
for CSPs
Trustworthy
system
Certification Service Provider
User/signer Relying party/
verifier
CEN E-SIGN
ETSI ESI
Qualified certificate
Time
Stamp
-
7/24/2019 twg-00-25
8/27
8
Requirements for CertificationService Providers (CSPs)
Functional, quality and security requirements expressedin
Certificate Policy and security controls
Consistent requirements to provide the basis forimplementation,
audit and accreditation
Current work responds to Directive requirements forCSPs issuing
Qualified Certificates, Annex II
Requirements for other class(es) to meet market needs
G Endersz7 June 2000
-
7/24/2019 twg-00-25
9/27
-
7/24/2019 twg-00-25
10/27
10
Requirements for CSPs: Main headings
Obligations and liability
Requirements on CSP practice- CSP Environment- Key Management
Life Cycle- Certificate Life Cycle
Definition of a specific QC policy
Annex: Cross-references to Directive and to RFC 2527
G Endersz
7 June 2000
-
7/24/2019 twg-00-25
11/27
11
Trustworthy Systems for CSPs
G Endersz
7 June 2000
Technical security requirements for products and
technology components used by CSPs to createcertificates for the
use of advanced signatures.
To meet security requirements stated in the work
area Requirements for CSPs. Seek consistentoverlap of
specifications.
Describe requirements as one or more ProtectionProfiles using
Common Criteria. The use of FIPS
140-1 is considered for the cryptographic
modulerequirements.
-
7/24/2019 twg-00-25
12/27
12
Profile for QualifiedCertificate (QC)
Standard for the use of X.509 public key certificates
asqualified certificates
European profile based of current IETF PKIX draft asrequired by
Annex I of the Directive
Draft to be approved by ETSI SEC in 4Q2000
G Endersz7 June 2000
-
7/24/2019 twg-00-25
13/27
13
G Endersz
7 June 2000
Qualified Certificate Statements
The profile uses the private extension defined in the IETF
Qualified Certificates profile, to include the following
explicitstatements of the Issuer:
Statement claiming that the certificates is issued as a
Qualifiedcertificate
Statement regarding limits on the value of transactions forwhich
the certificate can be used
Statement regarding the type and identifier of the
moduleprotecting the corresponding signature creation device(the
private key)
G Endersz7 June 2000
-
7/24/2019 twg-00-25
14/27
14
SSCD: the trusted element at the
user
EU-directive requires SSCD to be evaluated andconfirmed by
national bodies
A specific Common Criteria Protection Profile willaddress
appropriateness
It reflects the requirements regulated in Annex IIIof the
signature Directive
It is aimed to remain technology neutral as long assecurity is
not impaired
Use of SSCD to be represented in QC
SSCD: Secure Signature Creation Device
-
7/24/2019 twg-00-25
15/27
15
The Scenario
SSCD
SSCD
HI
HI
I/O
I
trusted path
HI
I/O
trusted
trusted
Addressed by PPRerquirements toenvironment
SSCA Secure signaturecreation application
SSCDGA Secure signature creationdata generation application
Install
ation
O
peration
SCOPE
OFPP
TOE
TOE
The SSCD is the devicegetting in touch with theprivate key.
The SSCD comprises thewhole lifecycle.
The SSCD assumes anappropriate environmentfor its
application.
Trusted paths are offered to
meet securityrequirements.
-
7/24/2019 twg-00-25
16/27
16
Methods of Use
SCD / SVG Generation
SVD Export
Signature-Creation
Trusted
PathSVD Import
Trusted
Path
SVD Import
PersonalisationUser
Authentication
Trusted
Path*
Trusted
Path**
Trusted
Path**
SSCD MoU1
SSCD MoU2
SCAUDO / SDO
SCDGASVD into Cert.
HIVerification Data
SCD / SVG Generation
SVD Export
Signature-Creation
Trusted
Path
PersonalisationUser
Authentication
Trusted
Path*
Trusted
Path**
Trusted
Path**
SSCD MoU3
SCAUDO / SDO
SCDGASVD into Cert.
HIVerification Data
-
7/24/2019 twg-00-25
17/27
17
Electronic Signature (ES)
Formats
Defines interoperable syntax and encoding for signature,
validation data and signature policyBuilds on exiting PKI and
digital signature standards
Published as ETSI Standard (ES) 201 733 in 2Q2000
Proposed to IETF in March 2000 as an Informational RFC,based on
the ES
Co-operative implementation project in preparation
to validate standard and provide software
Aim: to harmonise development with XML signatures
G Endersz7 June 2000
-
7/24/2019 twg-00-25
18/27
18
Forms OF ETSI ES
Electronic Signature (ES), which includes the digitalsignature
and other basic information provided by the
signer ES with Timestamp (ES-T), which adds a timestamp to
the Electronic Signature, to take initial steps towardsproviding
long term validity
ES with Complete validation data (ES-C), which adds tothe ES-T
references to the complete set of datasupporting the validity of
the electronic signature (i.e.revocation status information)
Extended ES-X to append and/or timestamp PKIverification
data
Archive ES-A to overlay an ES-C or ES-X using
strongeralgorithms
-
7/24/2019 twg-00-25
19/27
19
ETSI ES Signed Attributes
ETSI ES Mandatory Signed Attributes: Content Type {also
mandatory in RFC 2630}
Message Digest {also mandatory as RFC 2630}
Signing Time
Signing Certificate (identification of) Signature Policy
Identifier
This CMS signature structure is generated by the signer
Called the ETSI ES (Electronic signature)
-
7/24/2019 twg-00-25
20/27
20
.
Id-of signing
Certificate att
Digital
Signature
Elect. Signature (CMS with signed attributes)
Signature
Policy ID att
Signing time
Attribute
Content Type
Attributes
MessageDigest
Attributes
ES = The ETSI Electronic Signature as generated by the
signer.
ETSI Electronic SignatureSigners Structures
-
7/24/2019 twg-00-25
21/27
21
. ES-C
Other SignedAttributes
DigitalSignature
ES-TElect. Signature(CMS signed attributes)
SignaturePolicy ID att
UnsignedAttribute:Complete
certificateand
revocationreferences
Unsignedattribute:
Timestampover digitalsignature
ES-T = The ETSI timestamp Electronic Signature
ES-C = The ETSI complete Electronic Signature with references to
allinformation needed to check its validity
ETSI ES-T and ES-CVerifiers Structures
Unsigned attributes added for long term verification
-
7/24/2019 twg-00-25
22/27
22
Time-stamped ES-C
ES-C
Elect. Signature (ES) Completecertificate
andrevocation
references
Timestampover digital
signature
ES-X
Timestampover ES-COther Signed
AttributesDigital
Signature
Signature
Policy ID
-
7/24/2019 twg-00-25
23/27
23
Format and Protocol for Time Stamp
Profile based on current IETF PKIX draft
Time stamps used for signature validation, e.g. in ES
201 733
Draft to be approved by ETSI SEC in 4Q2000
G Endersz7 June 2000
-
7/24/2019 twg-00-25
24/27
24
Issues
Identification of subjects: in person?
Naming: the need for unique, permanent, border-less electronic
identity
Management of cryptographic requirements
How can the relying party verify (on-line) the CAsliving
conformance with the requirements
Requirements for other than QC: alternative trustlevels
Harmonisation of activities on Signing Policy withIETF and on
XML version of ES with W3C
Timeliness: do IETF drafts for QC and Time Stampbecome stable
this fall?
G Endersz
7 June 2000
-
7/24/2019 twg-00-25
25/27
25
Coming Events
Stable drafts to be presented at CEN/ISSS and ETSImeetings in
Stockholm, 19-21 June. Joint session onRequirements for CSPs, 20
June
Requirements for CSPs available for public comments
from ETSI El-Sign Website early July
EESSI full day Workshop in Barcelona, 26 September.Co-located
with the Information Security Solutions
Europe (ISSE) conference, 27-29 September
G Endersz7 June 2000
-
7/24/2019 twg-00-25
26/27
26
References
ETSI:http://www.etsi.org/sec/el-sign.htm
Sign up from Web-site to open El Sign mailing list
CEN:http://www.cenorm.be/isss/workshop/e-sign
EESSI:http://www.ict.etsi.org/eessi/EESSI-homepage.htm
ISSE Conference & Workshops:http://www.eema.org/isse
G Endersz7 June 2000
-
7/24/2019 twg-00-25
27/27
27
G Endersz7 June 2000
Acknowledgements
To my colleagues in the ETSI ESI WG, in particular to JohnRoss
and Nick Pope of Security & Standards (#9, 18-22 ),and in the
CEN E-Sign WS to Reinhard Posch, Universiry of
Graz (# 14-16 ) and Hans Nilsson of iD2, who all havecontributed
to this presentation in one or another way
