Title: Panel 2: Development and market uptake of standards of the EESSI programme Republic of Hungary
1Panel 2Development and market uptake of
standards of the EESSI programmeRepublic of
Hungary
István Rényi Communication Authority,
Hungary e-mail renyi_at_hif.hu
2Overview
- Current activities at HIF regarding
- supervision and registration of CSPs issuing QCs,
and/or performing qualified TSA. - registration of SSCDs and attestation bodies
- Plans for interoperability testing
- Plans for the adoption of e-sign standards
HIF Communication Authority, Hungary CSP Certifi
cation Service Provider QC Qualified
Certificate TSA Time Stamping Authority SSCD Sec
ure Signature Creation Device
3Supervision of CSPs/TSAs (1)
- Specifying the baseline requirements
- I. Policy rqs, CSP/TSA operation, processes,
management, personnel, financial rqs. Heavily
relying on - - ETSI TS 101 456 Policy rqs for Certificn
Authorities - issuing QCs
- - ETSI STF 178-T1 Policy rqs for Time-Stamping
Auths - II. Physical, environmental and IT security
rqs.Also relying on CEN/ISSSs Area D1
Trustworthy systems... - III. Sample Certificate Practice Statement
- Supervising body
- Body being set up at HIF, will be empowered to
carry out all obligatory tasks
4Supervision of CSPs/TSAs (2)
- Process of supervision
- notification ? self declaration ? analysis of
declarn docus - ? checking of ALL requirements by expert team
- Successful supervision results in registration
- Entered into registry
- ID of Service Provider entitled to issue QCs/QTSs
- ID of Certificate Policies
- Supervision repeated on a yearly basis
5Attestation of SCDs
- Attested SCDs (SSCDs), those meeting essential
sec rqs are entered into registry - Attestation process
- Organisation acquires accreditation from NAB
- Accredited body applies for designation by
sectoral minister - Designated body, carrying out conformity
assesment may attest SCDs - based on inspection
results of accredited laboratories - Registration supervision of designated bodies
6Plans for interoperability testing
- Aim promoting interoperability between PKI
related products, and developing best practice by
bringing together the various standards based
technologies - Testbed project to be managed by HIF
- Participants (CSPs, client application
developers, users, government, etc.) entering on
own cost - Expected benefit change in the public and
industry perception of PKI interoperability
7Adoption of e-sign standards
- Responsible organization Hungarian Standards
Institution (MSZT)About to establish E-Sign
Working Group - Digest of all available EESSI deliverables by
September, 2001 - Adoption (and translation) of enacted
ETSI-SEC/ESI standards - Adoption of CEN/ISSS standardsTranslations
subject to budgetary constraints - priorities to
be set