With the adoption of the eIDAS Regulation, the European Union legislation has redefined the requirements for qualified electronic signatures, the digital replacement of handwritten signatures. In addition, the possibility of a qualified electronic seal has been created with which a company or organisation (legal entity) can prove the authenticity of sealed data to third parties. Services (trust services) can be established around the creation and use of qualified signatures and seals, which can be granted the status “qualified” after a successful conformity assessment.
The conformity assessment for you as a Trust Service Provider is carried out in two steps: a documentation check and an on-site audit in which it is verified if the documented security mechanisms have also been correctly implemented. A more detailed description of the procedure and the security requirements to be applied from legislation and relevant standards can be found in the associated certification programme. The conformity assessment is carried out by SRC, the status is assigned by the responsible supervisory body. In Germany, these are the BSI (qualified certificates for websites) and the Federal Network Agency (all other services).
In order to carry out such an assessment, SRC as the testing body must also prove its expertise and independence in an accreditation procedure. National conformity assessment bodies are accredited by the German Accreditation Body (DAkkS).
We are pleased to offer you the opportunity to draw on the expertise and experience of our independent security experts for the conformity assessment of your trust service.
Further information can be found on src-zert.de/en/.