Skip to main content
main-content
Top

Hint

Swipe to navigate through the chapters of this book

2013 | OriginalPaper | Chapter

A Practical Signature Policy Framework

Author: Jon Ølnes

Published in: ISSE 2013 Securing Electronic Business Processes

Publisher: Springer Fachmedien Wiesbaden

share
SHARE

Abstract

An electronic signature is always used in a context. In the EU, a lot of emphasis has been placed on legal admissibility of at least qualified signatures, and on standards for technical interoperability of esignatures. The main obstacles to use of esignatures today are probably a lack of mutual understanding of how to use them in a given process (organisational interoperability) and missing specifications on the semantic interpretation (the meaning and implications) of esignatures in the process. A signature policy is a means to specify the conditions for use of esignatures. This paper suggests a framework for specification of practically useful signature policies to simplify interoperability, emphasising that the formation of a single signature policy document for all conditions may not be the best option.
Literature
[CEN-16073-1]
go back to reference CEN CWA 16703-1, Business Interoperability Interfaces for Public Procurement in Europe - Part 1: Profile Overview. January 2010. CEN CWA 16703-1, Business Interoperability Interfaces for Public Procurement in Europe - Part 1: Profile Overview. January 2010.
[COMM12]
go back to reference Commission of the European Communities, Proposal for a Regulation on Electronic Identification and Trust Services for Electronic Transactions in the Internal Market, COM(2012) 238/2, June 2012. Commission of the European Communities, Proposal for a Regulation on Electronic Identification and Trust Services for Electronic Transactions in the Internal Market, COM(2012) 238/2, June 2012.
[CROBIES5.1]
go back to reference Study on Cross-Border Interoperability of eSignatures (CROBIES), Guidelines and Guidance for Cross-border and Interoperable Implementation of Electronic Signatures. CROBIES deliverable 5.1, July 2010. Study on Cross-Border Interoperability of eSignatures (CROBIES), Guidelines and Guidance for Cross-border and Interoperable Implementation of Electronic Signatures. CROBIES deliverable 5.1, July 2010.
[EIF10]
go back to reference ISA programme, European Interoperability Framework for European Public Services, v2.0, December 2010. ISA programme, European Interoperability Framework for European Public Services, v2.0, December 2010.
[ETSI-001-604]
go back to reference ETSI SR 001 604 v1.1.1 (2012-07). Rationalised Framework for Electronic Signature Standardisation. ETSI SR 001 604 v1.1.1 (2012-07). Rationalised Framework for Electronic Signature Standardisation.
[ETSI-102-038]
go back to reference ETSI TR 102 038 V.1.1.1 (2002-04) Electronic Signature and Infrastructure (ESI) - XML Format for Signature Policies. ETSI TR 102 038 V.1.1.1 (2002-04) Electronic Signature and Infrastructure (ESI) - XML Format for Signature Policies.
[ETSI-102-041]
go back to reference ETSI TR 102 041 V.1.1.1 (2002-02) Electronic Signature and Infrastructure (ESI) - Signature Policies Report. ETSI TR 102 041 V.1.1.1 (2002-02) Electronic Signature and Infrastructure (ESI) - Signature Policies Report.
[ETSI-102-045]
go back to reference ETSI TR 102 045 V.1.1.1 (2003-03) Electronic Signature and Infrastructure (ESI) - Signature Policy for Extended Business Model ETSI TR 102 045 V.1.1.1 (2003-03) Electronic Signature and Infrastructure (ESI) - Signature Policy for Extended Business Model
[ETSI-102-272]
go back to reference ETSI TR 102 272 V.1.1.1 (2003-12) Electronic Signature and Infrastructure (ESI) - ASN.1 Format for Signature Policies. ETSI TR 102 272 V.1.1.1 (2003-12) Electronic Signature and Infrastructure (ESI) - ASN.1 Format for Signature Policies.
[ETSI-101-733]
go back to reference ETSI TS 101 733 V. 1.7.4 (2008-07) Electronic Signature and Infrastructure (ESI) - CMS Advanced Electronic Signature (CAdES). ETSI TS 101 733 V. 1.7.4 (2008-07) Electronic Signature and Infrastructure (ESI) - CMS Advanced Electronic Signature (CAdES).
[ETSI-101-903]
go back to reference ETSI TS 101 903 V1.3.2 (2006-03) Electronic Signature and Infrastructure (ESI) - XML Advanced Electronic Signatures (XAdES). ETSI TS 101 903 V1.3.2 (2006-03) Electronic Signature and Infrastructure (ESI) - XML Advanced Electronic Signatures (XAdES).
[ETSI-102-778]
go back to reference ETSI TS 102 778 V.1.1.1 (2009-07). Electronic Signature and Infrastructure (ESI) - PDF Advanced Electronic Signature Profiles (PAdES), Parts 1-5. ETSI TS 102 778 V.1.1.1 (2009-07). Electronic Signature and Infrastructure (ESI) - PDF Advanced Electronic Signature Profiles (PAdES), Parts 1-5.
[EU99]
go back to reference EU: Community Framework for Electronic Signatures. Directive 1999/93/EC of the European Parliament and of the Council, 1999. EU: Community Framework for Electronic Signatures. Directive 1999/93/EC of the European Parliament and of the Council, 1999.
[IDABC09]
go back to reference IDABC, Preliminary Study on Mutual Recognition of eSignatures for eGovernment Applications (Final Study and 32 National Profiles), December 2009. IDABC, Preliminary Study on Mutual Recognition of eSignatures for eGovernment Applications (Final Study and 32 National Profiles), December 2009.
[Olnes12]
go back to reference J.0lnes, PEPPOL - Experience from Four Years Work on eSignature Interoperability, Proceedings of the ISSE 2012 Conference, October 2012. J.0lnes, PEPPOL - Experience from Four Years Work on eSignature Interoperability, Proceedings of the ISSE 2012 Conference, October 2012.
[OlBuAn09]
go back to reference J.0lnes, L.Buene, A.Andresen, H.Grindheim, J.Apitzsch, A.Rossi, A General Quality Classification System for eIDs and e-Signatures, Proceedings of the ISSE 2009 Conference, October 2009. J.0lnes, L.Buene, A.Andresen, H.Grindheim, J.Apitzsch, A.Rossi, A General Quality Classification System for eIDs and e-Signatures, Proceedings of the ISSE 2009 Conference, October 2009.
[PEPPOL-D1.3]
go back to reference PEPPOL Deliverable D1.3: Demonstrator and Functional Specifications for Cross-Border Use of eSignatures in Public Procurement. September 2011. PEPPOL Deliverable D1.3: Demonstrator and Functional Specifications for Cross-Border Use of eSignatures in Public Procurement. September 2011.
[SVK-SP-QES]
go back to reference Slovak National Security Agency, Signature Policies for QES, version 1.1, December 2007. Slovak National Security Agency, Signature Policies for QES, version 1.1, December 2007.
Metadata
Title
A Practical Signature Policy Framework
Author
Jon Ølnes
Copyright Year
2013
Publisher
Springer Fachmedien Wiesbaden
DOI
https://doi.org/10.1007/978-3-658-03371-2_9

Premium Partner