
Slide 1

Telia Research AB, György Endersz, 2000-09-26

European Electronic Signature Standardisation Initiative

EESSI Workshop, Barcelona, 2000-09-26

György Endersz, Telia Research AB, Sweden
Chairman ETSI ESI Working Group

[email protected]

Status & International Issues

Slide 2

The Program and the Actors (Who is Who)

European Directive for Electronic Signatures (“The Directive”) provides a common framework for electronic signatures. Harmonization of the aspects:

- legal
- trust
- technical

Industry and business, assisted by European standard bodies, will provide a framework for an open, market-oriented implementation of the Directive

Information & Communications Technologies Standards Board: co-operation between European standards bodies

Article 9 Committee, as defined by the Directive

Slide 3

EESSI SG

EESSI: European Electronic Signature Standardization Initiative

European Telecommunications Standards Institute

Slide 4

EESSI Program Implementation

All deliverables to be published by the end of 2000

ETSI ESI Working Group: 40-50 participants, funded Specialist Task Force of 8. Result: ETSI Technical Specifications, 4Q2000. Chairman: [email protected]

CEN/ISSS E-SIGN Workshop: 70 participants, funded Expert Team of 12. Result: CEN Workshop Agreements, 4Q2000. Chairman: [email protected]

Slide 5

Directive “on a Community framework for electronic signatures, 13 Dec ‘99”

Ensures legal recognition of electronic signatures

Security and quality requirements in Annexes I-III

Qualified certificate + secure signature-creation device + advanced signature: treated as equivalent to a hand-written signature (Art 5.1)

Other signatures recognised as well (Art 5.2)

Voluntary accreditation of service providers (tScheme, NL.TTP, Italy, Austria, Germany, Spain….)

Technology-neutral framework

To be in place within 18 months

Slide 6

Annexes of the Directive

Annex I: Requirements for qualified certificates

Annex II: Requirements for certification-service-providers issuing qualified certificates

Annex III: Requirements for secure signature-creation devices

Annex IV: Recommendations for secure signature verification

Slide 7

EESSI Standards overview

Diagram (layout not preserved in the transcript) placing the EESSI work areas between the actors User/signer, Certification Service Provider and Relying party/verifier, with the work split between CEN E-SIGN and ETSI ESI:

- Signature creation process and environment
- Signature validation process and environment
- Signature format and syntax
- Creation device
- Requirements for CSPs
- Trustworthy system
- Qualified certificate
- Time stamp

Slide 8

Requirements for Certification Service Providers (CSPs)

Functional, quality and security requirements expressed in Certificate Policy and security controls

Consistent requirements to provide the basis for implementation, audit and approval

Current work responds to Directive requirements for CSPs issuing Qualified Certificates, Annex II

Requirements for other class(es) to meet market needs

Slide 9

Diagram of the CSP requirements model (layout not preserved in the transcript): the Issuing CSP, with its RA and Directory, serving the Subscriber and the Relying Party.

Baseline Requirements:
- Security Management
- PKI
- Organisational

Obligations & Liability

Qualified Certificate Policies:
- QCP Public
- QCP Public + SSCD
- Framework for other QCPs

Slide 10

Requirements for CSPs: Main Parts

Obligations and liability

Requirements on CSP practice:
- Key Management Life Cycle
- Certificate Life Cycle
- CSP Management & Operation
- Organisational

Definition of QC policies

Annex: Cross-references to Directive and to RFC 2527

Slide 11

Trustworthy Systems for CSPs

Technical security requirements for products and technology components used by CSPs to create certificates for the use of advanced signatures.

To meet security requirements stated in the work area “Requirements for CSPs”. Seek consistent overlap of specifications.

Describe requirements as one or more Protection Profiles using Common Criteria. The use of FIPS 140-1 is considered for the cryptographic module requirements.

Slide 12

Profile for Qualified Certificate (QC)

Standard for the use of X.509 public key certificates as qualified certificates

European profile based on current IETF PKIX draft as required by Annex I of the Directive. Mandates that the certificate is indicated as a QC either by policy identifier or QC extension.

Base IETF PKIX standard in IETF approval process. Ended IESG last call period 22 September.

Draft Technical Specification for approval by ETSI SEC in 4Q2000

Slide 13

Qualified Certificate Statements

The profile uses a private extension defined in the IETF Qualified Certificates profile to include the following explicit statements of the Issuer:

Statement claiming that the certificate is issued as a Qualified certificate

Statement regarding limits on the value of transactions for which the certificate can be used

Statement indicating the duration of the retention period during which registration information is archived
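The two slides above describe a certificate being marked as a QC either by a policy identifier or by the QC extension, and the three issuer statements that extension carries. The following is an added example, not code from the slides or from ETSI: it DER-encodes and parses a qcStatements extension value with only the Python standard library, and applies the "policy identifier or QC extension" rule. The statement OIDs (0.4.0.1862.1.x) and the QCP policy OIDs (0.4.0.1456.1.x) are assumptions taken from the ETSI specifications published after this talk; the slides name the statements and policies but not their identifiers, and the sample values are constructed.

```python
"""
Added example (not from the slides): build and parse the qcStatements extension
that marks an X.509 certificate as a Qualified Certificate, then apply the rule
that a certificate is indicated as a QC by a policy identifier or by the extension.
ASN.1 from the IETF Qualified Certificates profile:
    QCStatements ::= SEQUENCE OF QCStatement
    QCStatement  ::= SEQUENCE { statementId OBJECT IDENTIFIER,
                                statementInfo ANY DEFINED BY statementId OPTIONAL }
Assumption: the OIDs below are those later assigned by ETSI; the slides do not give them.
"""

OID_QC_STATEMENTS = "1.3.6.1.5.5.7.1.3"   # id-pe-qcStatements extension (PKIX arc)
OID_QC_COMPLIANCE = "0.4.0.1862.1.1"      # assumed: "issued as a Qualified Certificate"
OID_QC_LIMIT_VALUE = "0.4.0.1862.1.2"     # assumed: transaction value limit (MonetaryValue)
OID_QC_RETENTION = "0.4.0.1862.1.3"       # assumed: retention period of registration data, years
QCP_POLICY_OIDS = {                        # assumed identifiers for the policies named on slide 9
    "0.4.0.1456.1.2": "QCP Public",
    "0.4.0.1456.1.1": "QCP Public + SSCD",
}

# --- minimal DER encoder (enough for the structures above) ---
def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(content)) + content

def der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])   # base-128, continuation bit on all but the last byte
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return der_tlv(0x06, bytes(out))

def der_int(value: int) -> bytes:
    return der_tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big", signed=True))

def der_seq(*items: bytes) -> bytes:
    return der_tlv(0x30, b"".join(items))

def build_qc_statements(currency: str, amount: int, exponent: int, retention_years: int) -> bytes:
    """DER value of a qcStatements extension carrying the three statements of slide 13."""
    compliance = der_seq(der_oid(OID_QC_COMPLIANCE))                    # no statementInfo
    limit = der_seq(der_oid(OID_QC_LIMIT_VALUE),                         # MonetaryValue:
                    der_seq(der_tlv(0x13, currency.encode("ascii")),     #   currency, PrintableString
                            der_int(amount), der_int(exponent)))         #   value = amount * 10^exponent
    retention = der_seq(der_oid(OID_QC_RETENTION), der_int(retention_years))
    return der_seq(compliance, limit, retention)

# --- minimal DER decoder ---
def _read_tlv(buf: bytes, pos: int):
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                       # long-form length
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("DER length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def _children(content: bytes) -> list:
    pos, out = 0, []
    while pos < len(content):
        tag, body, pos = _read_tlv(content, pos)
        out.append((tag, body))
    return out

def _decode_oid(content: bytes) -> str:
    arcs, val = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def _decode_int(content: bytes) -> int:
    return int.from_bytes(content, "big", signed=True)

def parse_qc_statements(ext_value: bytes) -> dict:
    """Interpret the three known statements; statements with unknown OIDs are skipped."""
    tag, seq, _ = _read_tlv(ext_value, 0)
    if tag != 0x30:
        raise ValueError("qcStatements must be a SEQUENCE")
    result = {"qualified": False, "limit": None, "retention_years": None}
    for _tag, stmt in _children(seq):
        parts = _children(stmt)
        oid = _decode_oid(parts[0][1])
        if oid == OID_QC_COMPLIANCE:
            result["qualified"] = True
        elif oid == OID_QC_LIMIT_VALUE:
            cur, amount, exp = _children(parts[1][1])
            currency = cur[1].decode("ascii") if cur[0] == 0x13 else str(_decode_int(cur[1]))
            result["limit"] = (currency, _decode_int(amount[1]) * 10 ** _decode_int(exp[1]))
        elif oid == OID_QC_RETENTION:
            result["retention_years"] = _decode_int(parts[1][1])
    return result

def is_indicated_as_qc(extensions: dict, certificate_policies: list) -> bool:
    """Slide 12 rule: a QC is indicated by the QC extension or by a QC policy identifier.
    extensions maps extension OID -> DER value; certificate_policies lists policy OIDs."""
    ext = extensions.get(OID_QC_STATEMENTS)
    if ext is not None and parse_qc_statements(ext)["qualified"]:
        return True
    return any(p in QCP_POLICY_OIDS for p in certificate_policies)
```

A relying party that verifies a signature against the Directive's requirements would run `is_indicated_as_qc` over the certificate's parsed extensions and policies, and then read the limit from `parse_qc_statements` to refuse transactions above the stated value. The two encoders stay separate from the interpretation so that an unknown statement OID is ignored rather than treated as a parse failure.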

Slide 14

SSCD: the trusted element at the user

EU-directive requires SSCD to be evaluated and “confirmed” by national bodies

A specific Common Criteria Protection Profile will address appropriateness

It reflects the requirements regulated in Annex III of the signature Directive

It is aimed to remain technology neutral as long as security is not impaired

Use of SSCD to be represented in QC

SSCD: Secure Signature Creation Device

Slide 15

The Scenario

Diagram (layout not preserved in the transcript): the scope of the Protection Profile (PP) covers the SSCD as Target of Evaluation (TOE) over installation and operation. The SSCD is connected through trusted paths to the human interface (HI) and the I/O interface. The secure signature creation application (SSCA) and the secure signature creation data generation application (SSCDGA) lie outside the TOE and are addressed by PP requirements to the environment.

The SSCD is the device “getting in touch” with the private key.

The SSCD comprises the whole lifecycle.

The SSCD assumes an appropriate environment for its application.

Trusted paths are offered to meet security requirements.

Slide 16

Electronic Signature Formats

• Defines interoperable syntax and encoding for signature, validation data and signature policy. Builds on existing PKI and digital signature standards

• Published as ETSI Standard (ES) 201 733 in May 2000. Amended version without mandatory time stamp for approval as ETSI Technical Specification in 4Q2000

• Submitted to IETF in July 2000 as Informational/Experimental RFCs, in two parts, based on the ES

• Co-operative implementation project in preparation to validate the standard and provide free software

• Aim: to harmonise development with XML signatures. First working draft of the XML version: September 2000

Slide 17

ETSI Electronic Signature: Signer's Structures

Diagram (layout not preserved in the transcript): Elect. Signature (CMS with signed attributes), made up of the signed attributes Content Type, Message Digest, Signing Time, Id of signing certificate and Signature Policy ID, followed by the Digital Signature.

ES = The ETSI Electronic Signature as generated by the signer.

Slide 18

ETSI ES-T and ES-C: Verifier's Structures

Diagram (layout not preserved in the transcript): the ES-T wraps the Elect. Signature (CMS signed attributes: Signature Policy ID and other signed attributes; Digital Signature) and adds the unsigned attribute Timestamp over digital signature. The ES-C adds the unsigned attribute Complete certificate and revocation references.

ES-T = The ETSI Timestamp Electronic Signature. The timestamp attribute may be absent if secure records prove the time of the ES.

ES-C = The ETSI complete Electronic Signature with references to all information needed to check its validity.

Unsigned attributes added for long term verification

Slide 19

Format and Protocol for Time Stamp

Profile based on current IETF PKIX draft

Time stamps used for signature validation, e.g. in ES 201 733 Electronic Signature Formats

Harmonisation of ISO-IETF activities: IETF draft may become a compatible subset of the ISO specifications

Draft Technical Specification to be approved by ETSI SEC in 4Q2000

Slide 20

EESSI Orientations

The standards should support different classes of requirements reflecting market needs for different security/quality levels

In this model the standards, where applicable, will offer alternative levels

Consistent sets chosen from the alternatives will meet a class of requirement, as illustrated in the following examples

Input by stakeholders needed

Slide 21

Qualified Electronic Signature: example of a consistent set of options within the EESSI standards (the slide highlights the chosen option per standard; the highlighting is not preserved in the transcript)

EESSI Standard                                  Option Within Standard
Qualified Certificate Policy                    Non-Public or Extended Policies / Public Use / Public Use with SSCD
Electronic Signature Format                     Electronic Signature / Electronic Signature + Validation Data / Electronic Signature + Val Data + Time stamp
Qualified Certificate Format                    Qualified Certificate Profile
Time-stamping Protocol                          Time Stamping Profile
Security Requirements for Trustworthy Systems   Lower Level / Qualified Level / Higher Level
SSCD                                            Lower Level / Qualified Level

Slide 22

Qualified Electronic Signature with Long-term Validity: example of a consistent set of options within the EESSI standards (the slide highlights the chosen option per standard; the highlighting is not preserved in the transcript)

EESSI Standard                                  Option Within Standard
Qualified Certificate Policy                    Non-Public or Extended Policies / Public Use / Public Use with SSCD
Electronic Signature Format                     Electronic Signature / Electronic Signature + Validation Data / Electronic Signature + Val Data + Time stamp
Qualified Certificate Format                    Qualified Certificate Profile
Time-stamping Protocol                          Time Stamping Profile
Security Requirements for Trustworthy Systems   Lower Level / Qualified Level / Higher Level
SSCD                                            Lower Level / Qualified Level

Slide 23

Electronic Signature Using Qualified Certificate: example of a consistent set of options within the EESSI standards (the slide highlights the chosen option per standard; the highlighting is not preserved in the transcript)

EESSI Standard                                  Option Within Standard
Qualified Certificate Policy                    Non-Public or Extended Policies / Public Use / Public Use with SSCD
Electronic Signature Format                     Electronic Signature / Electronic Signature + Validation Data / Electronic Signature + Val Data + Time stamp
Qualified Certificate Format                    Qualified Certificate Profile
Time-stamping Protocol                          Profile from IETF Timestamp Protocol
Security Requirements for Trustworthy Systems   Lower Level / Qualified Level / Higher Level
SSCD                                            Lower Level / Qualified Level

Slide 24

International Issues

Recognition of conformance to SSCD requirements

Cross-recognition of “certification policy”

On-line validation of CSP status

Harmonization of interoperability standards

Slide 25

Cross-recognition of conformance to SSCD requirements

In general: CC MRA, the Arrangement on the Mutual Recognition of CC Certificates in the Field of IT Security

The Directive: the Designated Body (Art. 3.4) issues a statement that the SSCD conforms to Annex III requirements. This can be based on a certificate obtained under the CC MRA, but is a formally independent decision.

Slide 26

Cross-recognition of ‘certification policy’

The aim is establishment of trust, optimally at the time of the transaction: policy mapping

Cross recognition provides equivalent quality. Can be represented in machine-readable form

Cross-certification, the “bridge-CA” concept

“Foreign” certificates = qualified certificates if….

Review and update of cryptographic requirements will affect cross-recognition at the international level

Slide 27

On-line validation of CSP status

National schemes include procedures to make such information available, e.g. CSP not able to fulfill obligations, failed audit, etc.

Agreed, simple formats and mechanisms are needed to store and retrieve such information

Not addressed yet: gray zone between accreditation/approval and technical interoperation

Slide 28

Harmonization of interoperability standards

Profiles based on IETF RFCs: Qualified Certificate and Time Stamp: the consistency issue

Partial interoperability of ISO and IETF standards for time stamping

ES Formats standard: harmonisation of activities
- on Signing Policy with IETF
- on XML version of ES Formats with W3C and EDI/XML

Slide 29

Other Issues

• Identification of subjects: in person?

• Management of cryptographic requirements

• Requirements for other than QC: alternative trust levels. Impact on SSCD, CSP Policy and trustworthy system

• The need for unique, permanent, borderless electronic identity

Slide 30

Events Calendar

Drafts of amended ES Format, Qualified Certificate and Time Stamp posted on the Web-site for public consultation 22 September. Comments period ends 13 October.

Drafts of SSCD, Trustworthy Systems, Signature Creation and Verification posted on the Web-site for public consultation end of September. Comments period ends 31 October.

EESSI Workshop in Barcelona, 26 September. Co-located with the Information Security Solutions Europe (ISSE) conference, 27-29 September

- CEN/ISSS E-Sign meeting: 2-3 October, Barcelona
- ESI WG meeting: 16-17 October, Milan
- CEN/ISSS E-Sign WS and ETSI ESI WG meetings, including joint session: 20-22 November, Brussels

Slide 31

References

ETSI: http://www.etsi.org/sec/el-sign.htm (sign up from the Web-site to the open El Sign mailing list)

CEN: http://www.cenorm.be/isss/workshop/e-sign

EESSI: http://www.ict.etsi.org/eessi/EESSI-homepage.htm

ISSE Conference & Workshops: http://www.eema.org/isse