Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques

DTS/ESI-0019511

General Information

Status
Published
Publication Date
13-Jun-2019
Current Stage
12 - Completion
Due Date
17-Jun-2019
Completion Date
14-Jun-2019
Ref Project

Buy Standard

Standard
ETSI TS 119 511 V1.1.1 (2019-06) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques
English language
39 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

ETSI TS 119 511 V1.1.1 (2019-06)






TECHNICAL SPECIFICATION
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
trust service providers providing long-term preservation
of digital signatures or general data using
digital signature techniques

---------------------- Page: 1 ----------------------
2 ETSI TS 119 511 V1.1.1 (2019-06)



Reference
DTS/ESI-0019511
Keywords
electronic preservation, electronic signature,
trust services
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2019.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.
TM TM
3GPP and LTE are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and
of the oneM2M Partners.
®
GSM and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI TS 119 511 V1.1.1 (2019-06)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 5
Introduction . 5
1 Scope . 7
2 References . 8
2.1 Normative references . 8
2.2 Informative references . 8
3 Definition of terms, symbols, abbreviations and notations . 10
3.1 Terms . 10
3.2 Symbols . 12
3.3 Abbreviations . 13
3.4 Notations . 13
4 General Concepts . 14
4.1 Preservation storage models . 14
4.1.1 Overview . 14
4.1.2 Preservation service with storage [WST] . 15
4.1.3 Preservation service with temporary storage [WTS] . 16
4.1.4 Preservation service without storage [WOS] . 17
4.2 Functional goals . 17
4.3 Preservation service applicable documentation . 19
4.3.1 Preservation service practice statement . 19
4.3.2 Preservation service policy . 19
4.3.3 Preservation schemes and preservation profiles . 19
4.3.4 Preservation evidence policy . 20
4.3.5 Signature validation policy . 20
4.4 Expected evidence duration . 20
4.5 Preservation period . 21
5 Risk assessment . 21
6 Policies and practices . 21
6.1 Preservation service practice statement . 21
6.2 Terms and Conditions . 22
6.3 Information security policy . 22
6.4 Preservation profiles . 23
6.5 Preservation evidence policy . 24
6.6 Signature validation policy . 25
6.7 Subscriber agreement . 25
7 PSP management and operation . 25
7.1 Internal organization. 25
7.2 Human resources . 25
7.3 Asset management . 25
7.4 Access control . 25
7.5 Cryptographic controls . 25
7.6 Physical and environmental security . 26
7.7 Operation security . 26
7.8 Network security . 26
7.9 Incident management . 26
7.10 Collection of evidence . 26
7.11 Business continuity management . 27
7.12 TSP termination and termination plans . 27
7.13 Compliance. 27
7.14 Cryptographic monitoring . 27
ETSI

---------------------- Page: 3 ----------------------
4 ETSI TS 119 511 V1.1.1 (2019-06)
7.15 Augmentation of preservation evidences . 27
7.16 Export-import package . 28
8 Operational and notification protocols . 28
8.1 Preservation protocol . 28
8.2 Notification protocol . 29
9 Preservation process . 30
9.1 Storage of preserved data and evidences . 30
9.2 Preservation evidences . 30
9.3 Preservation of digital signatures . 30
Annex A (normative): Qualified preservation service for QES as defined by article 34 the
Regulation (EU) No 910/2014 . 32
Annex B (informative): Mapping of requirements to Regulation (EU) No 910/2014 . 33
Annex C (informative): Differences and relationships between an archival service and a
preservation service . 35
C.1 Archival services . 35
C.2 Preservation services . 35
C.3 Comparison of archival services with preservation services . 36
C.4 Relationships between archival services and preservation services . 36
Annex D (informative): Cryptographic threats and countermeasures . 37
D.1 Risks based on collision attacks of one-way hash functions used within a digital signature . 37
D.2 Risks based on the digital signature algorithm and key length . 37
D.3 Risks based on the revocation of a signing key . 38
History . 39


ETSI

---------------------- Page: 4 ----------------------
5 ETSI TS 119 511 V1.1.1 (2019-06)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
Foreword
This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and
Infrastructures (ESI).
Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Introduction
On the one hand, digital signatures as well as time-stamps based on cryptographic mechanisms are increasingly used in
our everyday life and are a major cornerstone for electronic commerce.
On the other hand, it is well known, that the strength and suitability of cryptographic mechanisms is a function of time
and one needs to apply suitable preservation mechanisms, which are able to maintain the validity status of a signed
object over long periods of time, which may involve the application of different storage technologies and cryptographic
algorithms.
The need for long-term preservation is acknowledged amongst others in the Regulation (EU) No 910/2014 of the
European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic
transactions in the internal market [i.2], as can be seen in recital (61):
"This Regulation should ensure the long-term preservation of information, in order to ensure the legal validity of
electronic signatures and electronic seals over extended periods of time and guarantee that they can be validated
irrespective of future technological changes."
ETSI

---------------------- Page: 5 ----------------------
6 ETSI TS 119 511 V1.1.1 (2019-06)
Furthermore Article 34 of the Regulation (EU) No 910/2014 [i.2] states that "a qualified preservation service for
qualified electronic signatures may only be provided by a qualified trust service provider that uses procedures and
technologies capable of extending the trustworthiness of the qualified electronic signature beyond the technological
validity period" and that "the Commission may, by means of implementing acts, establish reference numbers of
standards for the qualified preservation service for qualified electronic signatures.".
The present document is aiming to meet the general requirements of the international community to provide trust and
confidence in preservation services which can be used to preserve the validity status of digital signatures or to provide a
proof of existence of digital objects using digital signature techniques, including, amongst others, applicable
requirements from Articles 34 and 40 of Regulation (EU) N 910/2014 [i.2] that establishes a legal framework for
qualified preservation service for qualified electronic signatures and mutatis mutandis for qualified preservation service
for qualified electronic seals.

ETSI

---------------------- Page: 6 ----------------------
7 ETSI TS 119 511 V1.1.1 (2019-06)
1 Scope
The present document builds on the general policy requirements specified in ETSI EN 319 401 [1], specifies policy and
security requirements for trust service providers providing long-term preservation of digital signatures and of general
data, i.e. signed data or unsigned data, using digital signature techniques.
The present document aims at supporting preservation services in different regulatory frameworks.
Specifically, but not exclusively, the preservation service addressed in the present document aims at supporting
qualified preservation service for qualified electronic signatures or seals as per Regulation (EU) No 910/2014 [i.2].
Specifically, but not exclusively, digital signatures in the present document cover electronic signatures, advanced
electronic signatures, qualified electronic signatures, electronic seals, advanced electronic seals, and qualified electronic
seals as per Regulation (EU) No 910/2014 [i.2].
The present document addresses two main cases:
1) The preservation over long periods of time, using digital signature techniques, of the ability to validate a
digital signature, of the ability to maintain its validity status and of the ability to get a proof of existence of
the associated signed data as they were at the time of the submission to the preservation service even if later
the signing key becomes compromised, the certificate expires, or cryptographic attacks become feasible on the
signature algorithm or the hash algorithm used in the submitted signature.
NOTE 1: A qualified preservation service for qualified electronic signatures or seals as per Regulation (EU)
No 910/2014 [i.2] for which the status of the technical validity needs to be preserved, is covered in this
case.
NOTE 2: The validity status of a signature means the status of the signature that will not change over time. Such a
status may be valid (TOTAL_PASSED according to ETSI EN 319 102-1 [i.6]) or invalid
(TOTAL_FAILED and certain cases for INDETERMINATE according to ETSI EN 319 102-1 [i.6]).
NOTE 3: "Digital signature techniques" designates techniques based on digital signatures, time-stamps or evidence
records.
2) The provision of a proof of existence of digital objects, whether they are signed or not, using digital signature
techniques (digital signatures, time-stamp tokens, evidence records, etc.).
NOTE 4: In this case, even if the main object to be preserved is a signature, it is treated in the same way as any
other file.
NOTE 5: A proof of existence of digital object not using digital signature techniques is not in the scope of the
present document.
The present document covers different strategies for the preservation service. The applicable requirements depend on
the strategy chosen by the preservation service.
EXAMPLE 1: The preservation service can provide storage, no storage, or temporary storage.
EXAMPLE 2: The preservation service can receive the digital signature, the signed data, the revocation
information or only hash values and evidences.
The present document identifies specific controls needed to address specific risks associated with preservation services.
The transformation of the original data into another data object with equivalent object content and semantic to avoid the
risk that the original data object/viewer system is becoming obsolete is out of the scope of the present document.
ETSI

---------------------- Page: 7 ----------------------
8 ETSI TS 119 511 V1.1.1 (2019-06)
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
https://docbox.etsi.org/Reference.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ETSI EN 319 401: "Electronic Signatures and Infrastructures (ESI); General Policy Requirements
for Trust Service Providers".
[2] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists".
[3] ISO/IEC 15408 (parts 1 to 3): "Information technology -- Security techniques -- Evaluation criteria
for IT security".
[4] ISO/IEC 19790: "Information technology -- Security techniques -- Security requirements for
cryptographic modules".
[5] FIPS PUB 140-2: "Security Requirements for Cryptographic Modules".
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
[i.1] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the
protection of individuals with regard to the processing of personal data and on the free movement
of such data.
[i.2] Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on
electronic identification and trust services for electronic transactions in the internal market and
repealing Directive 1999/93/EC. OJ L 257, 28.8.2014, p. 73-114.
[i.3] Commission Implementing Decision (EU) 2015/1505 of 8 September 2015 laying down technical
specifications and formats relating to trusted lists pursuant to Article 22(5) of Regulation (EU) No
910/2014 of the European Parliament and of the Council on electronic identification and trust
services for electronic transactions in the internal market.
[i.4] ETSI TR 119 001: "Electronic Signatures and Infrastructures (ESI); The framework for
standardization of signatures; Definitions and abbreviations".
[i.5] ETSI TS 119 312: "Electronic Signatures and Infrastructures (ESI); Cryptographic Suites".
[i.6] ETSI EN 319 102-1: "Electronic Signatures and Infrastructures (ESI); Procedures for Creation and
Validation of AdES Digital Signatures; Part 1: Creation and Validation".
ETSI

---------------------- Page: 8 ----------------------
9 ETSI TS 119 511 V1.1.1 (2019-06)
[i.7] ETSI TS 119 122-3: "Electronic Signatures and Infrastructures (ESI); CAdES digital signatures;
Part 3: Incorporation of Evidence Record Syntax (ERS) mechanisms in CAdES".
[i.8] ETSI EN 319 162-1: "Electronic Signatures and Infrastructures (ESI); Associated Signature
Containers (ASiC); Part 1: Building blocks and ASiC Baseline containers".
[i.9] ETSI EN 319 411-1: "Electronic Signatures and Infrastructures (ESI); Policy and security
requirements for Trust Service Providers issuing certificates; Part 1: General requirements".
[i.10] ETSI EN 319 411-2: "Electronic Signatures and Infrastructures (ESI); Policy and security
requirements for Trust Service Providers issuing certificates; Part 2: Requirements for trust service
providers issuing EU qualified certificates".
[i.11] ETSI EN 319 421: "Electronic Signatures and Infrastructures (ESI); Policy and Security
Requirements for Trust Service Providers issuing Time-Stamps".
[i.12] ETSI EN 319 422: "Electronic Signatures and Infrastructures (ESI); Time-stamping protocol and
time-stamp token profiles".
[i.13] ETSI TS 119 512: "Electronic Signatures and Infrastructures (ESI); Protocols for trust service
providers providing long-term data preservation services".
[i.14] ISO/IEC 21320-1 (2015): "Information technology -- Document Container File -- Part 1: Core".
[i.15] ISO 14641-1:2018: "Electronic archiving -- Part 1: Specifications concerning the design and the
operation of an information system for electronic information preservation".
[i.16] ISO 14721:2012: "Space data and information transfer systems -- Open archival information
system (OAIS) -- Reference model".
[i.17] ISO 16363:2011: "Space data and information transfer systems -- Audit and certification of
trustworthy digital repositories".
[i.18] IETF RFC 3161: "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)".
[i.19] IETF RFC 3986: "Uniform Resource Identifier (URI): Generic Syntax".
[i.20] IETF RFC 4998: "Evidence Record Syntax (ERS)".
[i.21] IETF RFC 5280 (2008): Public Key Infrastructure Certificate and Certificate Revocation List
(CRL) Profile".
[i.22] IETF RFC 5816 (2010): "ESSCertIDv2 Update for RFC 3161".
[i.23] IETF RFC 6283 (2011): "Extensible Markup Language Evidence Record Syntax (XMLERS)".
[i.24] IETF RFC 6960 (2013): "Online Certificate Status Protocol - OCSP".
[i.25] W3C Recommendation 26 November 2008: "Extensible Markup Language (XML) 1.0
(Fifth Edition)".
NOTE: Available at https://www.w3.org/TR/REC-xml/.
[i.26] BSI TR-03125-F: "Preservation of Evidence of Cryptographically signed Documents", Formats
(TR-ESOR-F).
NOTE: Available at https://www.bsi.bund.de/EN/tr-esor_XAIP.
[i.27] BSI TR-03125-M.3: "Preservation of Evidence of Cryptographically signed Documents", Formats
(TR-ESOR-M.3).
NOTE: Available at https://www.bsi.bund.de/EN/tr-esor.
ETSI

---------------------- Page: 9 ----------------------
10 ETSI TS 119 511 V1.1.1 (2019-06)
3 Definition of terms, symbols, abbreviations and
notations
3.1 Terms
For the purposes of the present document, the terms given in ETSI TR 119 001 [i.4] and the following apply:
certificate status authority: authority providing certificate status information
EXAMPLE: The certificate status information can be provided using the Online Certificate Status Protocol
(OCSP) [i.24] or in form of Certificate Revocation Lists (CRL) [i.21].
container: data object, which contains a set of data objects and optional additional information, which describes the
contained data objects and optionally its content and its interrelationships
EXAMPLE: The format of a container can be based on, ZIP as defined in ISO/IEC 21320-1 [i.14] or
XML [i.25]. ASiC [i.8] is an example of a container based on ZIP.
NOTE: Additional information may comprise associated digital signatures, time-stamps, evidence records,
validation data (CRLs, OCSP responses) and validation reports.
data object: actual binary/octet data being operated on (e.g. transformed, digested, or signed) by an application and
which may be associated with additional information like an identifier, the encoding, size or type
delta preservation object container: special preservation object container describing the difference to an already
existing preservation object container
digital signature techniques: techniques based on
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.