FutureTrust pilots portal presents eIDAS-related innovations
To support the broad adoption of electronic identification (eID) and trusted services for elec-tronic transactions in the internal market according to the eIDAS-Regulation (EU) No 910/2014, the EU-funded FutureTrust project has explored major parts of the “eIDAS-Ecosystem” in order to create innovative components, services and applications, which are expected to shape the “Future of Trust”. The recently launched FutureTrust Pilots Portal (https://pilots.FutureTrust.eu) continously presents eIDAS-related innovations, which will simplify the utilisation of eID and electronic signature technology in real world applications. After the initial release of the pan-European eID-Broker, which is powered by SkIDentity technology and supports electronic identification means and eID cards from Germany, Estonia, Luxembourg, Belgium, Portugal, Serbia and Georgia, the FutureTrust project has now released two important trust service com-ponents for the generation and validation of electronic signatures and related cryptographically protected data objects.
“An important goal of ‘FutureTrust’ was to simplify the use of eIDAS-related technologies in practice. Against this background it is a great pleasure to see how easy it is to use the Signa-ture Generation & Sealing Service (SigS) for the creation of signatures and seals in standard-ised formats using a variety of signature creation devices,” explains Jon Shamah, Chair of EEMA and Leader of the FutureTrust Dissemination Work Package. “That it is now even pos-sible to use the German eID card to create advanced electronic signatures is particularly nice for German citizens,” adds Dr. Detlef Hühnlein, CEO and founder of ecsec GmbH and leader of the FutureTrust Pilots Work Package. “The novel combination of eID and sealing technology to create smart advanced electronic signatures demonstrates that there are large intrinsic syn-ergies between the various eIDAS services, which only need to be exploited.“
FutureTrust Signature Generation & Sealing Service (SigS)
The FutureTrust Signature Generation & Sealing Service (SigS) makes it possible to generate advanced and qualified electronic signatures and seals using a large variety of signature and seal creation devices from different issuers across Europe. Among the supported signing to-kens is the German eID card, the German Health Professional Card (HPC), the qualified sig-nature cards issued by the German Chambers of Industry and Commerce (“IHK-Signatur-karte”) and various qualified signature creation devices from Luxembourg, Estonia, Belgium and Portugal for example. The SigS operates in a specially secured environment and supports standardised signature formats and the interface standards recently developed at ETSI ESI and OASIS DSS-X as well as the ChipGateway protocol jointly developed by ecsec GmbH and LuxTrust SA. A distinctive feature of the SigS is the close integration with the pan-European eID-Broker, which allows to create smart advanced electronic signatures based on a suitable electronic identification processes, which do not only enable advanced electronic signatures with the German eID card, but also smart signing processes based on arbitrary identity man-agement systems. Depending on the signing or sealing device and the format of the provided document (PDF, XML or other format), SigS produces advanced or qualified electronic signa-tures and seals in standardised formats, such as CAdES, XAdES or PAdES. In order to support a variety of application scenarios and compliance requirements, SigS allows to add time-stamps and supports the different baseline signature conformance levels standardised by ETSI (B – Basic Signature, T – Signature with Time, LT Signatures with Long-Term validation Material and LTA – Signatures providing Long Term Availability and Integrity of Validation Material).
FutureTrust Validation Service (ValS)
While most currently available components for validating advanced and qualified electronic signatures and seals are limited to specific document and signature formats, are not available as Open Source or even have been shown to be vulnerable, the FutureTrust project has de-veloped the comprehensive FutureTrust Validation Service (ValS), which is able to validate electronic signatures, seals, certificates and evidence records and will become Open Source within the FutureTrust piloting phase.
Potentially the most important application of the FutureTrust Validation Service is the validation of Advanced and Qualified Electronic Signatures and Seals generated with the SigS or other signature generation and sealing services in standardised formats, such as CAdES, XAdES or PAdES. Furthermore, the FutureTrust Validation Service is also able to validate related signa-ture objects including X.509 Certificates, for which the revocation status and the
trustworthiness according to a provided set of trust anchors in a Trusted List is checked, and Evidence Records (ERS), which enable efficient long-term preservation of digital signatures. The rules for validation are determined by configurable “Signature Validation Policies” and ValS returns the validation result in a machine-readable, XML- or JSON-based, validation re-port. Last but not least, the FutureTrust Validation Service is designed in an extensible manner, such that modules for other not (yet) standardised signature formats or validation policies can be easily plugged into the ValS in a well-defined manner.
About the FutureTrust project
Against the background of the Regulation (EU) No. 910/2014 on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project (https://futuretrust.eu), which is funded within the EU Framework Programme for Research and Innovation (Horizon 2020) under Grant Agreement No. 700542, aimed at supporting the practical implementation of the regulation in Europe and beyond.
For this purpose the FutureTrust project addressed the need for globally interoperable solutions through basic re-search with respect to the foundations of trust and trustworthiness, actively support the standardisation process in relevant areas, and provide Open Source software components and trustworthy services, which will ease the use of eID and electronic signature technology in real world applications. The FutureTrust project has developed nu-merous innovative services and applications, which are now gradually piloted and released to the public for produc-tive use.
Dr. Detlef Hühnlein Jon Shamah
FutureTrust c/o ecsec GmbH
FutureTrust c/o EEMA