Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements

The present document specifies generally applicable policy and security requirements for Trust Service Providers
(TSPs) issuing public key certificates, including trusted web site certificates.
The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle
management of certificates. These policy and security requirements support several reference certificate policies,
defined in clauses 4 and 5.
A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where
particular requirements apply is defined in clause 7.
The present document covers requirements for CA hierarchies, however this is limited to supporting the policies as
specified in the present document. It does not include requirements for root CAs and intermediate CAs for other
purposes.
The present document is applicable to:
• the general requirements of certification in support of cryptographic mechanisms, including digital signatures
for electronic signatures and seals;
• the general requirements of certification authorities issuing TLS/SSL certificates;
• the general requirements of the use of cryptography for authentication and encryption.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 401 [9] for general policy requirements common to all classes of
TSP's services.
The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4]
and BRG [6].

Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 1. del: Splošne zahteve

Ta dokument določa splošno veljavne zahteve politike in varnosti za ponudnike storitev zaupanja (TSP), ki izdajajo digitalna potrdila javnih ključev, vključno s potrdili zaupanja vrednih spletnih mest.
Zahteve politike in varnosti so določene v smislu zahtev za izdajanje, vzdrževanje in upravljanje življenjskega cikla digitalnih potrdil. Te zahteve politike in varnosti podpirajo več referenčnih politik digitalnih potrdil, določenih v točkah 4 in 5.
Okvir za opredelitev zahtev politike za ponudnike storitev zaupanja, ki izdajajo digitalna potrdila v posebnem kontekstu, v katerem veljajo določene zahteve, je določen v točki 7.
Ta dokument zajema zahteve za hierarhije overiteljev digitalnih potrdil, vendar je to omejeno na podporo politik, opredeljenih v tem dokumentu. Ne vključuje zahtev za overitelje korenskih digitalnih potrdil in overitelje vmesnih digitalnih potrdil za druge namene.
Ta dokument se uporablja za:
• splošne zahteve za izdajanje digitalnih potrdil za podporo kriptografskih mehanizmov, vključno z digitalnimi podpisi za elektronske podpise in pečate;
• splošne zahteve za overitelje digitalnih potrdil, ki izdajajo digitalna potrdila TLS/SSL;
• splošne zahteve za uporabo kriptografije za preverjanje pristnosti in šifriranje.
Ta dokument ne določa, kako lahko opredeljene zahteve oceni neodvisna stran, vključno z zahtevami glede informacij, ki jih je treba razkriti takim neodvisnim ocenjevalcem, ali zahtevami glede takih ocenjevalcev.
OPOMBA: Glej standard ETSI EN 319 403 [i.2] za navodila v zvezi z ocenjevanjem procesov in storitev ponudnikov storitev zaupanja. Ta dokument se sklicuje na standard ETSI EN 319 401 [9] za splošne zahteve politike, ki so skupne vsem razredom storitev ponudnikov storitev zaupanja.
Ta dokument vsebuje določbe, skladne z zahtevami organa CA/Browser Forum v smernicah EVCG [4] in BRG [6].

General Information

Status
Published
Public Enquiry End Date
30-Sep-2023
Publication Date
13-Nov-2023
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
09-Nov-2023
Due Date
14-Jan-2024
Completion Date
14-Nov-2023
Mandate

Buy Standard

Standard
ETSI EN 319 411-1 V1.4.0 (2023-07) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
English language
58 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ETSI EN 319 411-1 V1.4.1 (2023-10) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
English language
59 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
EN 319 411-1 V1.4.1:2023
English language
59 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Draft
prEN 319 411-1 V1.4.0:2023
English language
58 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

Draft ETSI EN 319 411-1 V1.4.0 (2023-07)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 1 ----------------------
2 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 2 ----------------------
3 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 6
Introduction . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definition of terms, symbols, abbreviations and notations .
...

ETSI EN 319 411-1 V1.4.1 (2023-10)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 1 ----------------------
2 ETSI EN 319 411-1 V1.4.1 (2023-10)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 2 ----------------------
3 ETSI EN 319 411-1 V1.4.1 (2023-10)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 6
Introduction . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definition of terms, symbols, abbreviations and notations . 10
3.1 Terms
...

SLOVENSKI STANDARD
SIST EN 319 411-1 V1.4.1:2023
01-december-2023
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za
ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 1. del: Splošne zahteve
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for
Trust Service Providers issuing certificates - Part 1: General requirements
Ta slovenski standard je istoveten z: ETSI EN 319 411-1 V1.4.1 (2023-10)
ICS:
03.080.99 Druge storitve Other services
35.030 Informacijska varnost IT Security
35.040.01 Kodiranje informacij na Information coding in general
splošno
SIST EN 319 411-1 V1.4.1:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 319 411-1 V1.4.1:2023

---------------------- Page: 2 ----------------------
SIST EN 319 411-1 V1.4.1:2023
ETSI EN 319 411-1 V1.4.1 (2023-10)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 3 ----------------------
SIST EN 319 411-1 V1.4.1:2023
 2 ETSI EN 319 411-1 V1.4.1 (2023-10)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 4 ----------------------
SIST EN 319 411-1 V1.4.1:2023
 3 ETSI EN 319 411-1 V1.4.1 (2023-10)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology .
...

SLOVENSKI STANDARD
oSIST prEN 319 411-1 V1.4.0:2023
01-september-2023
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za
ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 1. del: Splošne zahteve
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for
Trust Service Providers issuing certificates - Part 1: General requirements
Ta slovenski standard je istoveten z: ETSI EN 319 411-1 V1.4.0 (2023-07)
ICS:
03.080.99 Druge storitve Other services
35.030 Informacijska varnost IT Security
35.040.01 Kodiranje informacij na Information coding in general
splošno
oSIST prEN 319 411-1 V1.4.0:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023

---------------------- Page: 2 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023
Draft ETSI EN 319 411-1 V1.4.0 (2023-07)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 3 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023

2 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 4 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023

3 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.