LIGHTest logo

An ever increasing number of transactions are conducted virtually over the internet. How can you be sure that the person making the transaction is who thye say they are?

LIGHTest develops a global lightweight trust infrastructure providing parties of electronic transactions with automatic validation of trust based on their individual trust policies through the publication, querying and cross-jurisdiction translation of information relevant in making decisions.

  • Creation of a Global Trust Infrastructure at Feasible Effort
    LIGHTest addresses this possibly most difficult challenge through reuse of the existing Domain Name System (DNS). In particular, LIGHTest employs the global DNS system as-is. Only marginal additions render it usable as a global trust infrastructure. It does so by following well-established strategies of other kinds of trust management.
  • Global Acceptance of the Approach Beyond Europe
    LIGHTest addresses this challenge by embedding its technical innovations into an inclusive and collaborative strategy that positions LIGHTest from the start as a global initiative, open to extra-European collaboration.
  • Support for Heterogeneous Trust Models, since Homogeneous Models Fail to Scale Globally
    LIGHTest supports heterogeneous models of trust by moving the decision point for who is trusted to the verifier’s trust policy. It typically selects and combines few existing large scale trust schemes (such as that of EU qualified signature) and can further personalize it with local black- and white-lists.
  • Automatic Handling of Subsidiarity Principle in Trust Schemes
    LIGHTest addresses this challenge by using the native and massively proven DNS mechanism to delegate the management of sub-domains to third parties. The mechanism can support an arbitrary depth of the hierarchy and the LIGHTest client libraries render the hierarchical structure of trust schemes transparent to verifiers.
  • Access to Trust Schemes based on Human-Readable Names
    LIGHTest addresses this challenge by using DNS domain names to identify trust schemes. For example, the European trust scheme of qualified signatures may be named “”. Here, qualified is the scheme name, the authority responsible for the scheme, and TRUST a standardized constant word used across the trust infrastructure. Using the existing DNS, this name can then be used by software to locate and access the data that is contained in the named trust scheme.
  • Use of a Single Trust Root to Replace a Multitude of trust Anchors
    LIGHTest addresses this challenge by applying the existing, unique, and globally accepted trust root of the DNS. The standard mechanism of the DNS (with DNSSEC extension) allows to derive trust in trust scheme data from this single trust root and the (domain) name of the trust scheme.
  • Integration of Multiple Types of Trust Schemes in a Single Infrastructure
    LIGHTest addresses this challenge by using a very generic model of trust scheme and supporting an open number of trust schemes to coexist concurrently.
Fraunhofer Gesellschaft zur Forderung Der Angewandten Forschung EVFHGGermany
time.lex CVBATILBelgium
Technische Universitaet GrazTUGAustria
European Electronic Messaging AssociationEEMABelgium
Giesecke & Devrient Gesellschaft Mit Beschrankter HaftungG&DGermany
Danmarks Tekniske UniversitetDTIDenmark
Trukiye Bilimsel Ve Teknolojik Arastirma KurumuTUBITAKTurkey
Universitaet StuttgartUSTUTTGermany
Open Identity Exchange EuropeOIXUnited Kingdom
Stichting NLnet LabsNLNETNetherlands
Sociedad Estatal Correos y Telegrafos SACORREOSSpain
IBM Danmark APSIBMDenmark
GMO Globalsign OYGSFinland
Contact LIGHTest at

Program Information
Project No
Contact us

September 2016
3 years

LIGHTest has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement. No 700321