Press Release

A digital Europe built on trust – ENISA guidelines on uptake of Qualified Trust Services

ENISA has developed a concise set of six technical guidelines on trust services with the purpose of providing technical guidance and promoting the uptake of qualified trust services (QTS).

Published on December 19, 2017

© Copyright: Shutterstock

In order to ensure a high-level security of qualified trust services, the electronic identification, authentication and trust services regulation (eIDAS) foresees an active supervision scheme of qualified trust service providers (QTSP) and the qualified trust services (QTS) they provide by the national competent supervisory bodies (SB). The SB supervise, ex ante and ex post, the fulfilment of the regulation’s legal requirements and obligations.

eIDAS aims to ensure that the QTSP and the QTS they provide meet the requirements laid down from initiation up to termination of such services. The following reports provide recommendations and guidelines to eIDAS stakeholders:

Working towards a harmonized adoption of the eIDAS regulation, further guidance is needed in order to support the fulfilment of requirements originating from the non-mandatory articles of the regulation. QTSP should therefore take appropriate technical and organisational measures to manage the risks posed to the security of the trust services they provide and to prevent and minimise the impact of security incidents.

Moreover, guidelines are needed to support the QTSP to prepare for the conformity assessment with respect to the eIDAS regulation requirements and obligations. Within this scope, ENISA has prepared the following reports:

The eIDAS regulation provides a regulatory environment for the electronic identification of natural and legal persons and for a set of electronic trust services, namely electronic signatures, seals, time stamps, registered delivery services and certificates for website authentication.

The eIDAS regulation sets the principle of non-discrimination of the legal effects and admissibility of electronic signatures, electronic seals, electronic time stamps, electronic registered delivery services and electronic documents as evidence in legal proceedings. Courts (or other bodies in charge of legal proceedings) cannot discard them as evidence only because they are electronic, but have to assess these tools in the same way they would do for their paper equivalent.

To further enhance the trust of small and medium-sized enterprises and consumers in the internal market and to promote the use of trust services and products, the eIDAS regulation introduces the notions of quality trust service and quality trust service provider with a view to indicating requirements and obligations that ensure high-level security and a higher presumption of their legal effect.

For more information on ENISA’s activities on trust services, please visit www.enisa.europa.eu/topics/trust-services or contact us at trust@enisa.europa.eu.

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more