SIST EN 319 411-2 V2.5.1:2023
(Main)Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
The present document specifies policy and security requirements for the issuance, maintenance and life-cycle
management of EU qualified certificates as defined in Regulation (EU) No 910/2014 [i.1]. These policy and security
requirements support reference certificate policies for the issuance, maintenance and life-cycle management of EU
qualified certificates issued to natural persons (including natural persons associated with a legal person or a website)
and to legal persons (including legal persons associated with a website), respectively.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.6] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 411-1 [2] for general requirements on TSP issuing certificates.
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 2. del: Zahteve za ponudnike storitev zaupanja, ki izdajajo kvalificirana digitalna potrdila v EU
Ta dokument določa zahteve politike in varnosti za izdajanje, vzdrževanje ter upravljanje življenjskega cikla kvalificiranih digitalnih potrdil v EU, kot je določeno v Uredbi (EU) št. 910/2014 [i.1]. Te zahteve politike in varnosti podpirajo referenčne politike digitalnih potrdil za izdajanje, vzdrževanje ter upravljanje življenjskega cikla kvalificiranih digitalnih potrdil v EU, izdanih fizičnim osebam (vključno s fizičnimi osebami, povezanimi s pravno osebo ali spletnim mestom) in pravnim osebam (vključno s pravnimi osebami, povezanimi s spletnim mestom).
Ta dokument ne določa, kako lahko opredeljene zahteve oceni neodvisna stran, vključno z zahtevami glede informacij, ki jih je treba razkriti takim neodvisnim ocenjevalcem, ali zahtevami glede takih ocenjevalcev.
OPOMBA: Glej standard ETSI EN 319 403 [i.6] za navodila v zvezi z ocenjevanjem procesov in storitev ponudnikov storitev zaupanja. Ta dokument se sklicuje na standard ETSI EN 319 411-1 [2] za splošne zahteve v zvezi s certifikati, ki jih izdajajo ponudniki storitev zaupanja.
General Information
Buy Standard
Standards Content (Sample)
Draft ETSI EN 319 411-2 V2.5.0 (2023-07)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 2: Requirements for trust service providers issuing
EU qualified certificates
---------------------- Page: 1 ----------------------
2 Draft ETSI EN 319 411-2 V2.5.0 (2023-07)
Reference
REN/ESI-0019411-2v251
Keywords
e-commerce, electronic signature, security,
trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2023.
All rights reserved.
ETSI
---------------------- Page: 2 ----------------------
3 Draft ETSI EN 319 411-2 V2.5.0 (2023-07)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 5
Introduction . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 7
3 Definition of terms, symbols, abbreviations and notations .
...
ETSI EN 319 411-2 V2.5.1 (2023-10)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 2: Requirements for trust service providers issuing
EU qualified certificates
---------------------- Page: 1 ----------------------
2 ETSI EN 319 411-2 V2.5.1 (2023-10)
Reference
REN/ESI-0019411-2v251
Keywords
e-commerce, electronic signature, security, trust
services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2023.
All rights reserved.
ETSI
---------------------- Page: 2 ----------------------
3 ETSI EN 319 411-2 V2.5.1 (2023-10)
Contents
Intellectual Property Rights . 6
Foreword . 6
Modal verbs terminology . 6
Introduction . 7
1 Scope . 8
2 References . 8
2.1 Normative references . 8
2.2 Informative references . 8
3 Definition of terms, symbols, abbreviations and notations . 9
...
SLOVENSKI STANDARD
SIST EN 319 411-2 V2.5.1:2023
01-december-2023
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za
ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 2. del: Zahteve za
ponudnike storitev zaupanja, ki izdajajo kvalificirana digitalna potrdila v EU
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for
Trust Service Providers issuing certificates - Part 2: Requirements for trust service
providers issuing EU qualified certificates
Ta slovenski standard je istoveten z: ETSI EN 319 411-2 V2.5.1 (2023-10)
ICS:
03.080.99 Druge storitve Other services
35.030 Informacijska varnost IT Security
35.040.01 Kodiranje informacij na Information coding in general
splošno
SIST EN 319 411-2 V2.5.1:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
SIST EN 319 411-2 V2.5.1:2023
---------------------- Page: 2 ----------------------
SIST EN 319 411-2 V2.5.1:2023
ETSI EN 319 411-2 V2.5.1 (2023-10)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 2: Requirements for trust service providers issuing
EU qualified certificates
---------------------- Page: 3 ----------------------
SIST EN 319 411-2 V2.5.1:2023
2 ETSI EN 319 411-2 V2.5.1 (2023-10)
Reference
REN/ESI-0019411-2v251
Keywords
e-commerce, electronic signature, security, trust
services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2023.
All rights reserved.
ETSI
---------------------- Page: 4 ----------------------
SIST EN 319 411-2 V2.5.1:2023
3 ETSI EN 319 411-2 V2.5.1 (2023-10)
Contents
Intellectual Property Rights . 6
Foreword .
...
SLOVENSKI STANDARD
oSIST prEN 319 411-2 V2.5.0:2023
01-september-2023
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za
ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 2. del: Zahteve za
ponudnike storitev zaupanja, ki izdajajo kvalificirana digitalna potrdila v EU
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for
Trust Service Providers issuing certificates - Part 2: Requirements for trust service
providers issuing EU qualified certificates
Ta slovenski standard je istoveten z: ETSI EN 319 411-2 V2.5.0 (2023-07)
ICS:
03.080.99 Druge storitve Other services
35.030 Informacijska varnost IT Security
35.040.01 Kodiranje informacij na Information coding in general
splošno
oSIST prEN 319 411-2 V2.5.0:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
oSIST prEN 319 411-2 V2.5.0:2023
---------------------- Page: 2 ----------------------
oSIST prEN 319 411-2 V2.5.0:2023
Draft ETSI EN 319 411-2 V2.5.0 (2023-07)
EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 2: Requirements for trust service providers issuing
EU qualified certificates
---------------------- Page: 3 ----------------------
oSIST prEN 319 411-2 V2.5.0:2023
2 Draft ETSI EN 319 411-2 V2.5.0 (2023-07)
Reference
REN/ESI-0019411-2v251
Keywords
e-commerce, electronic signature, security,
trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871
Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.
Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2023.
All rights reserved.
ETSI
---------------------- Page: 4 ----------------------
oSIST prEN 319 411-2 V2.5.0:2023
3 Draft ETSI EN 319 411-2 V2.5.0 (2023-07)
Contents
Intellectual Property Rights . 5
Foreword .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.