7/24/2019 twg-00-25
1
Electronic Signature and PKI Standardisation in Europe
FPKI TWG Meeting, 7 June, Gaithersburg
György Endersz, Telia Research AB, Sweden
Chairman, ETSI ESI Working Group
Work-plan & Current Status
2
The Program and the Actors (Who is Who)
EU (European Commission) Electronic Signature Directive provides a common framework for electronic signatures. Harmonization of the aspects:
- legal
- trust
- technical
Industry and business, assisted by European standard bodies, will provide a framework for an open, market-oriented implementation of the Directive
Information & Communications Technologies Standards Board: co-operation between European standards bodies
G Endersz, 7 June 2000
3
EESSI
EESSI: European Electronic Signature Standardization Initiative, launched by ICTSB
European Telecommunications Standards Institute
4
EESSI Program Implementation
All deliverables to be published by the end of 2000
ETSI ESI Working Group
40-50 Participants, funded Specialist Task Force of 8
Result: ETSI Standards/Technical Specifications 2-4Q2000
Chairman: [email protected]
CEN/ISSS E-SIGN Workshop
70 participants, funded Expert Team of 12
Result: CEN Workshop Agreements 3-4Q2000
Chairman: [email protected]
5
Directive on a Community framework for electronic signatures, 13 Dec 99
Ensures legal recognition of electronic signatures
Security and quality requirements in Annexes I-IV
Qualified certificates + secure signature-creation device = advanced signatures hand-written signature
Other signatures recognised as well (Art 5.2)
Voluntary accreditation of service providers (tScheme, NL.TTP, Italy, Austria, Germany.)
Technology-neutral
To be in place within 18 months
6
Annexes of the Directive
Annex I: Requirements for qualified certificates
Annex II: Requirements for certification-service-providers issuing qualified certificates
Annex III: Requirements for secure signature-creation devices
Annex IV: Recommendations for secure signature verification
7
EESSI Standards overview
[Diagram: work areas of CEN E-SIGN and ETSI ESI, arranged around three parties: Certification Service Provider, User/signer, Relying party/verifier. Work-area labels: Requirements for CSPs; Trustworthy system; Qualified certificate; Time Stamp; Creation device; Signature creation process and environment; Signature format and syntax; Signature validation process and environment.]
8
Requirements for Certification Service Providers (CSPs)
Functional, quality and security requirements expressed in Certificate Policy and security controls
Consistent requirements to provide the basis for implementation, audit and accreditation
Current work responds to Directive requirements for CSPs issuing Qualified Certificates, Annex II
Requirements for other class(es) to meet market needs
10
Requirements for CSPs: Main headings
Obligations and liability
Requirements on CSP practice
- CSP Environment
- Key Management Life Cycle
- Certificate Life Cycle
Definition of a specific QC policy
Annex: Cross-references to Directive and to RFC 2527
11
Trustworthy Systems for CSPs
Technical security requirements for products and technology components used by CSPs to create certificates for the use of advanced signatures.
To meet security requirements stated in the work area Requirements for CSPs. Seek consistent overlap of specifications.
Describe requirements as one or more Protection Profiles using Common Criteria. The use of FIPS 140-1 is considered for the cryptographic module requirements.
12
Profile for Qualified Certificate (QC)
Standard for the use of X.509 public key certificates as qualified certificates
European profile based on current IETF PKIX draft as required by Annex I of the Directive
Draft to be approved by ETSI SEC in 4Q2000
13
Qualified Certificate Statements
The profile uses the private extension defined in the IETF Qualified Certificates profile, to include the following explicit statements of the Issuer:
- Statement claiming that the certificate is issued as a Qualified certificate
- Statement regarding limits on the value of transactions for which the certificate can be used
- Statement regarding the type and identifier of the module protecting the corresponding signature creation device (the private key)
14
SSCD: the trusted element at the user
EU-directive requires SSCD to be evaluated and confirmed by national bodies
A specific Common Criteria Protection Profile will address appropriateness
It reflects the requirements regulated in Annex III of the signature Directive
It is aimed to remain technology neutral as long as security is not impaired
Use of SSCD to be represented in QC
SSCD: Secure Signature Creation Device
15
The Scenario
[Diagram: SSCD shown as the TOE during installation and during operation, with HI and I/O connections and trusted paths; the scope of the PP is marked. Legend: "Addressed by PP"; "Requirements to environment"; SSCA = Secure signature creation application; SSCDGA = Secure signature creation data generation application.]
The SSCD is the device getting in touch with the private key.
The SSCD comprises the whole lifecycle.
The SSCD assumes an appropriate environment for its application.
Trusted paths are offered to meet security requirements.
16
Methods of Use
[Diagram: three SSCD methods of use (SSCD MoU1, SSCD MoU2, SSCD MoU3). Labels: SCD / SVG Generation; SVD Export; SVD Import (MoU1 and MoU2 only); Signature-Creation; Personalisation; User Authentication; Trusted Path; SCA; UDO / SDO; SCDGA; SVD into Cert.; HI; Verification Data.]
17
Electronic Signature (ES) Formats
Defines interoperable syntax and encoding for signature, validation data and signature policy
Builds on existing PKI and digital signature standards
Published as ETSI Standard (ES) 201 733 in 2Q2000
Proposed to IETF in March 2000 as an Informational RFC, based on the ES
Co-operative implementation project in preparation to validate standard and provide software
Aim: to harmonise development with XML signatures
18
Forms of ETSI ES
Electronic Signature (ES), which includes the digital signature and other basic information provided by the signer
ES with Timestamp (ES-T), which adds a timestamp to the Electronic Signature, to take initial steps towards providing long term validity
ES with Complete validation data (ES-C), which adds to the ES-T references to the complete set of data supporting the validity of the electronic signature (i.e. revocation status information)
Extended ES-X to append and/or timestamp PKI verification data
Archive ES-A to overlay an ES-C or ES-X using stronger algorithms
19
ETSI ES Signed Attributes
ETSI ES Mandatory Signed Attributes:
- Content Type {also mandatory in RFC 2630}
- Message Digest {also mandatory in RFC 2630}
- Signing Time
- Signing Certificate (identification of)
- Signature Policy Identifier
This CMS signature structure is generated by the signer
Called the ETSI ES (Electronic signature)
20
ETSI Electronic Signature: Signer's Structures
[Diagram: the Electronic Signature (CMS with signed attributes), made up of the Content Type attribute, Message Digest attribute, Signing Time attribute, Id-of-Signing-Certificate attribute, Signature Policy ID attribute and the Digital Signature.]
ES = The ETSI Electronic Signature as generated by the signer.
21
ETSI ES-T and ES-C: Verifier's Structures
[Diagram: nested structures. The Electronic Signature (CMS signed attributes: Signature Policy ID attribute, other signed attributes; Digital Signature) together with the unsigned attribute "Timestamp over digital signature" forms the ES-T; the ES-T together with the unsigned attribute "Complete certificate and revocation references" forms the ES-C.]
ES-T = The ETSI timestamp Electronic Signature
ES-C = The ETSI complete Electronic Signature with references to all information needed to check its validity
Unsigned attributes added for long term verification
22
Time-stamped ES-C
[Diagram: the ES-X is the ES-C with an added "Timestamp over ES-C". The ES-C contains the Electronic Signature (ES: Signature Policy ID, other signed attributes, Digital Signature), the timestamp over digital signature, and the complete certificate and revocation references.]
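Added example (not part of the original presentation): a Python model of the ES, ES-T, ES-C and ES-X layering from slides 18-22 that returns the highest form whose hash bindings check out. The attribute names, the length-prefixed SHA-256 helper and the sample values are assumptions for illustration; real timestamps are signed tokens from a time-stamping authority, reduced here to their message imprint, the digital signature itself is not verified, and ES-A is not modelled.

```python
import hashlib
from dataclasses import dataclass, field

# Mandatory signed attributes of the ETSI ES, named after slide 19 (names are illustrative).
MANDATORY_SIGNED = ("content-type", "message-digest", "signing-time",
                    "signing-certificate", "signature-policy-id")

def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (toy encoding standing in for DER)."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()

@dataclass
class ElectronicSignature:
    content: bytes
    signed: dict            # signed attributes: name -> bytes
    signature_value: bytes  # digital signature bytes (not verified in this model)
    unsigned: dict = field(default_factory=dict)  # added later by the verifier

def missing_signed(sig):
    return [a for a in MANDATORY_SIGNED if a not in sig.signed]

def classify(sig):
    """Return the highest form whose bindings all hold, or None if not a valid ES."""
    if missing_signed(sig) or sig.signed["message-digest"] != h(sig.content):
        return None
    u = sig.unsigned
    ts, refs = u.get("signature-timestamp"), (u.get("certificate-refs"), u.get("revocation-refs"))
    if ts != h(sig.signature_value):
        return "ES"      # no timestamp, or it does not cover this digital signature
    if not all(refs):
        return "ES-T"    # complete certificate/revocation references absent
    if u.get("es-c-timestamp") != h(sig.signature_value, ts, *refs):
        return "ES-C"    # no timestamp over the ES-C, or references changed since
    return "ES-X"

def build_sample():
    """Constructed sample: an ES that a verifier has extended up to ES-X."""
    content, sigval = b"purchase order 17", b"\x01" * 64  # placeholder signature bytes
    signed = dict.fromkeys(MANDATORY_SIGNED, b"constructed")
    signed["message-digest"] = h(content)
    ts, refs = h(sigval), (b"cert-path-hashes", b"crl-ocsp-hashes")
    unsigned = {"signature-timestamp": ts, "certificate-refs": refs[0],
                "revocation-refs": refs[1], "es-c-timestamp": h(sigval, ts, *refs)}
    return ElectronicSignature(content, signed, sigval, unsigned)
```

Replacing the revocation references after the ES-C timestamp was taken drops the result from ES-X to ES-C, which is the substitution the outer timestamp exists to detect.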
23
Format and Protocol for Time Stamp
Profile based on current IETF PKIX draft
Time stamps used for signature validation, e.g. in ES 201 733
Draft to be approved by ETSI SEC in 4Q2000
24
Issues
Identification of subjects: in person?
Naming: the need for unique, permanent, border-less electronic identity
Management of cryptographic requirements
How can the relying party verify (on-line) the CA's living conformance with the requirements
Requirements for other than QC: alternative trust levels
Harmonisation of activities on Signing Policy with IETF and on XML version of ES with W3C
Timeliness: do IETF drafts for QC and Time Stamp become stable this fall?
25
Coming Events
Stable drafts to be presented at CEN/ISSS and ETSI meetings in Stockholm, 19-21 June. Joint session on Requirements for CSPs, 20 June
Requirements for CSPs available for public comments from ETSI El-Sign Website early July
EESSI full day Workshop in Barcelona, 26 September. Co-located with the Information Security Solutions Europe (ISSE) conference, 27-29 September
26
References
ETSI: http://www.etsi.org/sec/el-sign.htm
Sign up from Web-site to open El Sign mailing list
CEN: http://www.cenorm.be/isss/workshop/e-sign
EESSI: http://www.ict.etsi.org/eessi/EESSI-homepage.htm
ISSE Conference & Workshops: http://www.eema.org/isse
27
Acknowledgements
To my colleagues in the ETSI ESI WG, in particular to John Ross and Nick Pope of Security & Standards (# 9, 18-22), and in the CEN E-Sign WS to Reinhard Posch, University of Graz (# 14-16) and Hans Nilsson of iD2, who all have contributed to this presentation in one way or another