Abstract
An electronic signature is always used in a context. In the EU, a lot of emphasis has been placed on legal admissibility of at least qualified signatures, and on standards for technical interoperability of esignatures. The main obstacles to use of esignatures today are probably a lack of mutual understanding of how to use them in a given process (organisational interoperability) and missing specifications on the semantic interpretation (the meaning and implications) of esignatures in the process. A signature policy is a means to specify the conditions for use of esignatures. This paper suggests a framework for specification of practically useful signature policies to simplify interoperability, emphasising that the formation of a single signature policy document for all conditions may not be the best option.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
CEN CWA 16703-1, Business Interoperability Interfaces for Public Procurement in Europe - Part 1: Profile Overview. January 2010.
Commission of the European Communities, Proposal for a Regulation on Electronic Identification and Trust Services for Electronic Transactions in the Internal Market, COM(2012) 238/2, June 2012.
Study on Cross-Border Interoperability of eSignatures (CROBIES), Guidelines and Guidance for Cross-border and Interoperable Implementation of Electronic Signatures. CROBIES deliverable 5.1, July 2010.
ISA programme, European Interoperability Framework for European Public Services, v2.0, December 2010.
ETSI SR 001 604 v1.1.1 (2012-07). Rationalised Framework for Electronic Signature Standardisation.
ETSI TR 102 038 V.1.1.1 (2002-04) Electronic Signature and Infrastructure (ESI) - XML Format for Signature Policies.
ETSI TR 102 041 V.1.1.1 (2002-02) Electronic Signature and Infrastructure (ESI) - Signature Policies Report.
ETSI TR 102 045 V.1.1.1 (2003-03) Electronic Signature and Infrastructure (ESI) - Signature Policy for Extended Business Model
ETSI TR 102 272 V.1.1.1 (2003-12) Electronic Signature and Infrastructure (ESI) - ASN.1 Format for Signature Policies.
ETSI TS 101 733 V. 1.7.4 (2008-07) Electronic Signature and Infrastructure (ESI) - CMS Advanced Electronic Signature (CAdES).
ETSI TS 101 903 V1.3.2 (2006-03) Electronic Signature and Infrastructure (ESI) - XML Advanced Electronic Signatures (XAdES).
ETSI TS 102 778 V.1.1.1 (2009-07). Electronic Signature and Infrastructure (ESI) - PDF Advanced Electronic Signature Profiles (PAdES), Parts 1-5.
EU: Community Framework for Electronic Signatures. Directive 1999/93/EC of the European Parliament and of the Council, 1999.
IDABC, Preliminary Study on Mutual Recognition of eSignatures for eGovernment Applications (Final Study and 32 National Profiles), December 2009.
J.0lnes, PEPPOL - Experience from Four Years Work on eSignature Interoperability, Proceedings of the ISSE 2012 Conference, October 2012.
J.0lnes, L.Buene, A.Andresen, H.Grindheim, J.Apitzsch, A.Rossi, A General Quality Classification System for eIDs and e-Signatures, Proceedings of the ISSE 2009 Conference, October 2009.
PEPPOL Deliverable D1.3: Demonstrator and Functional Specifications for Cross-Border Use of eSignatures in Public Procurement. September 2011.
Slovak National Security Agency, Signature Policies for QES, version 1.1, December 2007.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Ølnes, J. (2013). A Practical Signature Policy Framework. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2013 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-03371-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-658-03371-2_9
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-03370-5
Online ISBN: 978-3-658-03371-2
eBook Packages: Computer ScienceComputer Science (R0)