Telia Research AB, György Endersz
2000-09-26
European Electronic Signature Standardisation Initiative
EESSI Workshop, Barcelona, 2000-09-26
György Endersz, Telia Research AB, Sweden; Chairman, ETSI ESI Working Group
Status & International Issues
The Program and the Actors (Who is Who)
European Directive for Electronic Signatures (“The Directive”) provides a common framework for electronic signatures. Harmonization of the aspects:
- legal
- trust
- technical
Industry and business, assisted by European standard bodies, will provide a framework for an open, market-oriented implementation of the Directive
Information & Communications Technologies Standards Board: co-operation between European standards bodies
Article 9 Committee, as defined by the Directive
EESSI SG
EESSI: European Electronic Signature Standardization Initiative
European Telecommunications Standards Institute
EESSI Program Implementation
All deliverables to be published by the end of 2000
ETSI ESI Working Group: 40-50 participants, funded Specialist Task Force of 8. Result: ETSI Technical Specifications, 4Q2000. Chairman: [email protected]
CEN/ISSS E-SIGN Workshop: 70 participants, funded Expert Team of 12. Result: CEN Workshop Agreements, 4Q2000. Chairman: [email protected]
Directive “on a Community framework for electronic signatures, 13 Dec ‘99”
Ensures legal recognition of electronic signatures
Security and quality requirements in Annexes I-III
Qualified certificate + secure signature-creation device + advanced signature: equivalent to a hand-written signature
Other signatures recognised as well (Art 5.2)
Voluntary accreditation of service providers (tScheme, NL.TTP, Italy, Austria, Germany, Spain….)
Technology-neutral framework
To be in place within 18 months
Annexes of the Directive
Annex I: Requirements for qualified certificates
Annex II: Requirements for certification-service-providers issuing qualified certificates
Annex III: Requirements for secure signature-creation devices
Annex IV: Recommendations for secure signature verification
EESSI Standards overview
Figure: the EESSI standards placed between the three actors User/signer, Certification Service Provider and Relying party/verifier, covering the signature creation process and environment on the signer's side and the signature validation process and environment on the verifier's side.
- CEN E-SIGN: signature creation process and environment; signature validation process and environment; creation device; trustworthy system
- ETSI ESI: signature format and syntax; requirements for CSPs; qualified certificate; time stamp
Requirements for Certification Service Providers (CSPs)
Functional, quality and security requirements expressed in Certificate Policy and security controls
Consistent requirements to provide the basis for implementation, audit and approval
Current work responds to Directive requirements for CSPs issuing Qualified Certificates, Annex II
Requirements for other class(es) to meet market needs
Figure: structure of the CSP requirements.
- Baseline Requirements: Security Management, PKI, Organisational
- Obligations & Liability between the actors: Issuing CSP, RA, Directory, Subscriber, Relying Party
- Qualified Certificate Policies: QCP Public; QCP Public + SSCD; Framework for other QCPs
Requirements for CSPs: Main Parts
Obligations and liability
Requirements on CSP practice:
- Key Management Life Cycle
- Certificate Life Cycle
- CSP Management & Operation
- Organisational
Definition of QC policies
Annex: Cross-references to Directive and to RFC 2527
Trustworthy Systems for CSPs
Technical security requirements for products and technology components used by CSPs to create certificates for the use of advanced signatures.
To meet the security requirements stated in the work area "Requirements for CSPs". Seek consistent overlap of specifications.
Describe requirements as one or more Protection Profiles using Common Criteria. The use of FIPS 140-1 is considered for the cryptographic module requirements.
Profile for Qualified Certificate (QC)
Standard for the use of X.509 public key certificates as qualified certificates
European profile based on the current IETF PKIX draft, as required by Annex I of the Directive. Mandates that the certificate is indicated as a QC either by policy identifier or by QC extension.
Base IETF PKIX standard in IETF approval process. Ended IESG last call period 22 September.
Draft Technical Specification for approval by ETSI SEC in 4Q2000
Qualified Certificate Statements
The profile uses a private extension defined in the IETF Qualified Certificates profile to include the following explicit statements of the Issuer:
Statement claiming that the certificate is issued as a Qualified Certificate
Statement regarding limits on the value of transactions for which the certificate can be used
Statement indicating the duration of the retention period during which registration information is archived
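An added example (not EESSI or ETSI code) of how the three issuer statements above can be carried in the qcStatements private extension and checked by a relying party: minimal DER encoding and decoding, then the check that the QC claim is present and a transaction value is within the stated limit. Assumptions: the statement OIDs 0.4.0.1862.1.1/.2/.3 are the ETSI values later published in TS 101 862, the extension is under 128 bytes (short-form DER lengths), and all sample values are constructed.

```python
# Added example (not EESSI/ETSI code): minimal DER encoding and decoding of the
# qcStatements extension described on the slide, plus the relying-party check.
# Statement OIDs: ETSI values later published in TS 101 862 (assumed here).
QC_COMPLIANCE = "0.4.0.1862.1.1"   # issuer claims the certificate is a QC
QC_LIMIT_VALUE = "0.4.0.1862.1.2"  # limit on the value of transactions
QC_RETENTION = "0.4.0.1862.1.3"    # retention period of registration data

def _tlv(tag, body):               # tag, short-form length (value < 128 bytes), value
    return bytes([tag, len(body)]) + body
def _oid(dotted):                  # OBJECT IDENTIFIER content octets, base-128 arcs
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for a in arcs[2:]:
        enc = [a & 0x7F]
        while (a := a >> 7):
            enc.insert(0, 0x80 | (a & 0x7F))
        out += enc
    return bytes(out)
def _int(v):                       # two's-complement INTEGER
    return _tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))
def _i(b):                         # inverse of _int on the content octets
    return int.from_bytes(b, "big", signed=True)
def encode_qc_statements(limit=None, retention_years=None):
    # limit = (ISO 4217 code, amount, exponent): value is amount * 10**exponent
    stmts = [_tlv(0x30, _tlv(0x06, _oid(QC_COMPLIANCE)))]
    if limit:
        cur, amount, exp = limit
        money = _tlv(0x30, _tlv(0x13, cur.encode()) + _int(amount) + _int(exp))
        stmts.append(_tlv(0x30, _tlv(0x06, _oid(QC_LIMIT_VALUE)) + money))
    if retention_years is not None:
        stmts.append(_tlv(0x30, _tlv(0x06, _oid(QC_RETENTION)) + _int(retention_years)))
    return _tlv(0x30, b"".join(stmts))
def _parse(buf):                   # -> [(tag, value), ...] for consecutive TLVs
    out, pos = [], 0
    while pos < len(buf):
        out.append((buf[pos], buf[pos + 2:pos + 2 + buf[pos + 1]]))
        pos += 2 + buf[pos + 1]
    return out
def decode_qc_statements(der):     # -> {OID content octets: statementInfo TLVs}
    stmts = [_parse(s) for _, s in _parse(_parse(der)[0][1])]
    return {oid: info for (_, oid), *info in stmts}
def transaction_allowed(der, currency, amount):
    """Verifier check: the QC claim is present and amount is within any limit."""
    st = decode_qc_statements(der)
    if _oid(QC_COMPLIANCE) not in st:
        return False
    if _oid(QC_LIMIT_VALUE) in st:
        (_, cur), (_, amt), (_, exp) = _parse(st[_oid(QC_LIMIT_VALUE)][0][1])
        if cur.decode() != currency or amount > _i(amt) * 10 ** _i(exp):
            return False
    return True
```

A certificate that carries only a policy identifier and no QcCompliance statement is rejected by this check; a verifier that accepts the policy-identifier route must look at the certificate policies extension as well.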
SSCD: the trusted element at the user
EU Directive requires the SSCD to be evaluated and "confirmed" by national bodies
A specific Common Criteria Protection Profile will address appropriateness
It reflects the requirements regulated in Annex III of the signature Directive
It is aimed to remain technology neutral as long as security is not impaired
Use of SSCD to be represented in QC
SSCD: Secure Signature Creation Device
The Scenario
Figure: the SSCD with its human interface (HI) and I/O, connected over trusted paths to the SSCA (secure signature creation application) and the SSCDGA (secure signature creation data generation application). The SSCD is the TOE over both installation and operation, which is the scope of the PP; the surrounding elements are addressed by the PP as requirements to the environment.
The SSCD is the device "getting in touch" with the private key.
The SSCD comprises the whole lifecycle.
The SSCD assumes an appropriate environment for its application.
Trusted paths are offered to meet security requirements.
Electronic Signature Formats
• Defines interoperable syntax and encoding for signature, validation data and signature policy. Builds on existing PKI and digital signature standards
• Published as ETSI Standard (ES) 201 733 in May 2000. Amended version without mandatory time stamp for approval as ETSI Technical Specification in 4Q2000
• Submitted to IETF in July 2000 as Informational/Experimental RFCs, in two parts, based on the ES
• Co-operative implementation project in preparation to validate the standard and provide free software
• Aim: to harmonise development with XML signatures. First working draft of the XML version: September 2000
ETSI Electronic Signature
Signer's Structures
Figure: the Electronic Signature (CMS with signed attributes) consists of the Content Type attribute, the Message Digest attribute, the Signing time attribute, the Id of signing certificate attribute, the Signature Policy ID attribute, and the Digital Signature computed over them.
ES = The ETSI Electronic Signature as generated by the signer.
ETSI ES-T and ES-C
Verifier's Structures
Figure: ES-T = the Electronic Signature (CMS signed attributes: Signature Policy ID attribute, other signed attributes, Digital Signature) plus an unsigned attribute carrying a timestamp over the digital signature. ES-C = ES-T plus an unsigned attribute carrying complete certificate and revocation references.
ES-T = The ETSI Timestamped Electronic Signature. The timestamp attribute may be absent if secure records prove the time of the ES.
ES-C = The ETSI complete Electronic Signature, with references to all information needed to check its validity.
Unsigned attributes added for long term verification
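An added example (not ETSI code, and not the real CMS encoding) that models the ES / ES-T / ES-C layering above and the long-term check a verifier draws from it: the proven time comes from the timestamp attribute, or from a secure record of the time when that attribute is absent, never from the signer's own signing-time attribute, and the certificate's validity and revocation are judged at that proven time. Times are assumed to be integers such as epoch seconds; the certificate status is supplied by the caller.

```python
# Added example (not ETSI code): a model of the ES / ES-T / ES-C layering from the
# slides and the long-term check a verifier applies to it. Times are integers
# (e.g. epoch seconds); certificate validity and revocation come from the caller.
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class ES:
    """Signer's structure: CMS signature with its signed attributes."""
    signing_cert_id: str
    signature_policy_id: str
    signing_time: int           # claimed by the signer, not proof of time
    digital_signature: bytes
    # unsigned attributes the verifier adds for long-term verification
    timestamp_time: Optional[int] = None                 # ES-T: timestamp over digital_signature
    cert_refs: list = field(default_factory=list)        # ES-C: complete certificate references
    revocation_refs: list = field(default_factory=list)  # ES-C: complete revocation references

def grade(es):
    """ES, ES-T or ES-C, by which unsigned attributes are present."""
    if es.timestamp_time is None:
        return "ES"
    return "ES-C" if es.cert_refs and es.revocation_refs else "ES-T"

def proven_time(es, trusted_record_time=None):
    """When the signature is proven to have existed: the timestamp, or a secure
    record of the time if the timestamp attribute is absent. The signer's own
    signing-time attribute is never used for this."""
    return es.timestamp_time if es.timestamp_time is not None else trusted_record_time

def long_term_valid(es, not_before, not_after, revoked_at=None, trusted_record_time=None):
    """True if the signer's certificate was valid and unrevoked at the proven time;
    a revocation after that time does not invalidate the signature."""
    t = proven_time(es, trusted_record_time)
    if t is None:
        return False                            # nothing proves when the signature existed
    if not not_before <= t <= not_after:
        return False
    return revoked_at is None or t < revoked_at
```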
Format and Protocol for Time Stamp
Profile based on current IETF PKIX draft
Time stamps used for signature validation, e.g. in ES 201 733 Electronic Signature Formats
Harmonisation of ISO-IETF activities: IETF draft may become a compatible subset of the ISO specifications
Draft Technical Specification to be approved by ETSI SEC in 4Q2000
EESSI Orientations
The standards should support different classes of requirements reflecting market needs for different security/quality levels
In this model the standards, where applicable, will offer alternative levels
Consistent sets chosen from the alternatives will meet a class of requirement, as illustrated in the following examples
Input by stakeholders needed
Figure: EESSI standards and the options within each standard, by level (Lower Level / Qualified Level / Higher Level):
- Qualified Certificate Policy: Non-Public or Extended Policies / Public Use / Public Use with SSCD
- Electronic Signature Format: Electronic Signature / Electronic Signature + Validation Data / Electronic Signature + Val Data + Time stamp
- Qualified Certificate Format: Qualified Certificate Profile
- Time-stamping Protocol: Time Stamping Profile
- Security Requirements for Trustworthy Systems
- SSCD
Highlighted combination: Qualified Electronic Signature
Figure: the same matrix of EESSI standards (Qualified Certificate Policy, Electronic Signature Format, Qualified Certificate Format, Time-stamping Protocol, Security Requirements for Trustworthy Systems, SSCD) and their options by level (Lower / Qualified / Higher).
Highlighted combination: Qualified Electronic Signature with Long-term Validity
Figure: the same matrix of EESSI standards (Qualified Certificate Policy, Electronic Signature Format, Qualified Certificate Format, Time-stamping Protocol with the profile from the IETF Timestamp Protocol, Security Requirements for Trustworthy Systems, SSCD) and their options by level (Lower / Qualified / Higher).
Highlighted combination: Electronic Signature Using Qualified Certificate
International Issues
Recognition of conformance to SSCD requirements
Cross-recognition of “certification policy”
On-line validation of CSP status
Harmonization of interoperability standards
Cross-recognition of conformance to SSCD requirements
In general: CC MRA, the Arrangement on the Mutual Recognition of CC Certificates in the Field of IT Security
The Directive: the Designated Body (Art. 3.4) issues a statement that the SSCD conforms to Annex III requirements. This can be based on a certificate obtained under the CC MRA, but is a formally independent decision
Cross-recognition of ‘certification policy’
The aim is establishment of trust, optimally at the time of the transaction: policy mapping
Cross recognition provides equivalent quality. Can be represented in machine-readable form
Cross-certification, the “bridge-CA” concept
“Foreign” certificates = qualified certificates if….
Review and update of cryptographic requirements will affect cross-recognition at the international level
On-line validation of CSP status
National schemes include procedures to make such information available, e.g. CSP not able to fulfil its obligations, failed audit, etc.
Agreed, simple formats and mechanisms are needed to store and retrieve such information
Not addressed yet: gray zone between accreditation/approval and technical interoperation
Harmonization of interoperability standards
Profiles based on IETF RFCs: Qualified Certificate and Time Stamp: the consistency issue
Partial interoperability of ISO and IETF standards for time stamping
ES Formats standard: harmonisation of activities
- on Signing Policy with IETF
- on the XML version of ES Formats with W3C and EDI/XML
Other Issues
• Identification of subjects: in person?
• Management of cryptographic requirements
• Requirements for other than QC: alternative trust levels. Impact on SSCD, CSP Policy and trustworthy system
• The need for unique, permanent, borderless electronic identity
Events Calendar
Drafts of amended ES Format, Qualified Certificate and Time Stamp posted on the Web-site for public consultation 22 September. Comment period ends 13 October.
Drafts of SSCD, Trustworthy Systems, Signature Creation and Verification posted on the Web-site for public consultation end of September. Comment period ends 31 October.
EESSI Workshop in Barcelona, 26 September. Co-located with the Information Security Solutions Europe (ISSE) conference, 27-29 September
CEN/ISSS E-Sign meeting: 2-3 October, Barcelona
ESI WG meeting: 16-17 October, Milan
CEN/ISSS E-Sign WS and ETSI ESI WG meetings, including joint session: 20-22 November, Brussels
References
ETSI: http://www.etsi.org/sec/el-sign.htm (sign up from the Web-site to the open El Sign mailing list)
CEN: http://www.cenorm.be/isss/workshop/e-sign
EESSI: http://www.ict.etsi.org/eessi/EESSI-homepage.htm
ISSE Conference & Workshops: http://www.eema.org/isse