Trust-Service Status List Based Signature Verification
Interoperability and cross-border services are on the top of the agenda of the Digital Agenda for Europe and the e-Government action plan. Here, electronic signatures and their verification play a major role. Especially electronic signatures relying on qualified certificates and produced by secure signature creation devices are of special interest – as they are legally equivalent to handwritten signatures. To facilitate the recognition of such qualified signatures, trust-service status lists have been established. Current signature verification applications lack on a sufficient support of trust-service status lists. To solve this problem, we propose an efficient, adaptable and easy to use trust-service status list enabled signature verification application. Our solution bases on the Austrian signature verification component MOA-SP. It extends the existing architecture to support trust-service status list functionalities. Finally, our implementation is evaluated in real life scenarios and we give a survey about the implementation status of trust-service status lists in Europe.
KeywordsTrust-service Status List Signature Verification Qualified Certificate Secure Signature Creation Device Cross-Border Services
Unable to display preview. Download preview PDF.
- 1.European Union, Directive 2006/123/EC of the European Parliament and of the Council of 12 December 2006 on services in the internal market, Official Journal L 376, pp. 36–68 (December 27, 2006) Google Scholar
- 2.European Commission Decision, Establishing minimum requirements for the cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market, notified under document C(2011) 1081, 2011/130/EU (February 25, 2011) Google Scholar
- 3.European Community, European Union Public Licence (EUPL v.1.1) (2007), http://joinup.ec.europa.eu/software/page/eupl/licence-eupl
- 4.Posch, R., Orthacker, C., et al.: Open Source Bausteine als Kooperationsgrundlage. In: Eixelsberger, W., Stember, J. (eds.) E-Government - Zwischen Partizipation und KooperationGoogle Scholar
- 5.Stranacher, K., Tauber, A., et al.: The Austrian Identity Ecosystem – An e-Government Experience. In: Martínez, A.R. (ed.) Architectures and Protocols for Secure Information Technology (Note: in press)Google Scholar
- 6.Cooper, D., Santesson, S., et al.: RFC 5280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (May 2008) Google Scholar
- 7.European Union, Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures, Official Journal L 13, pp. 12–20 (January 19, 2000) Google Scholar
- 8.ETSI, Technical Specification 102 231, Electronic Signatures and Infrastructures (ESI); Provision of harmonized Trust-service status information, V2.1.1 (2006) Google Scholar
- 9.European Commission, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions A Digital Agenda for Europe, COM/2010/0245 (May 19, 2010) Google Scholar
- 10.European Commission, The European eGovernment Action Plan 2011-2015 Harnessing ICT to promote smart, sustainable & innovative Government, COM/2010/743 (December 15, 2010)Google Scholar