iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST EN 319 411-1 V1.4.1:2023

(Main)

Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements

Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements

The present document specifies generally applicable policy and security requirements for Trust Service Providers
(TSPs) issuing public key certificates, including trusted web site certificates.
The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle
management of certificates. These policy and security requirements support several reference certificate policies,
defined in clauses 4 and 5.
A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where
particular requirements apply is defined in clause 7.
The present document covers requirements for CA hierarchies, however this is limited to supporting the policies as
specified in the present document. It does not include requirements for root CAs and intermediate CAs for other
purposes.
The present document is applicable to:
• the general requirements of certification in support of cryptographic mechanisms, including digital signatures
for electronic signatures and seals;
• the general requirements of certification authorities issuing TLS/SSL certificates;
• the general requirements of the use of cryptography for authentication and encryption.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 401 [9] for general policy requirements common to all classes of
TSP's services.
The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4]
and BRG [6].

Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 1. del: Splošne zahteve

Ta dokument določa splošno veljavne zahteve politike in varnosti za ponudnike storitev zaupanja (TSP), ki izdajajo digitalna potrdila javnih ključev, vključno s potrdili zaupanja vrednih spletnih mest.
Zahteve politike in varnosti so določene v smislu zahtev za izdajanje, vzdrževanje in upravljanje življenjskega cikla digitalnih potrdil. Te zahteve politike in varnosti podpirajo več referenčnih politik digitalnih potrdil, določenih v točkah 4 in 5.
Okvir za opredelitev zahtev politike za ponudnike storitev zaupanja, ki izdajajo digitalna potrdila v posebnem kontekstu, v katerem veljajo določene zahteve, je določen v točki 7.
Ta dokument zajema zahteve za hierarhije overiteljev digitalnih potrdil, vendar je to omejeno na podporo politik, opredeljenih v tem dokumentu. Ne vključuje zahtev za overitelje korenskih digitalnih potrdil in overitelje vmesnih digitalnih potrdil za druge namene.
Ta dokument se uporablja za:
• splošne zahteve za izdajanje digitalnih potrdil za podporo kriptografskih mehanizmov, vključno z digitalnimi podpisi za elektronske podpise in pečate;
• splošne zahteve za overitelje digitalnih potrdil, ki izdajajo digitalna potrdila TLS/SSL;
• splošne zahteve za uporabo kriptografije za preverjanje pristnosti in šifriranje.
Ta dokument ne določa, kako lahko opredeljene zahteve oceni neodvisna stran, vključno z zahtevami glede informacij, ki jih je treba razkriti takim neodvisnim ocenjevalcem, ali zahtevami glede takih ocenjevalcev.
OPOMBA: Glej standard ETSI EN 319 403 [i.2] za navodila v zvezi z ocenjevanjem procesov in storitev ponudnikov storitev zaupanja. Ta dokument se sklicuje na standard ETSI EN 319 401 [9] za splošne zahteve politike, ki so skupne vsem razredom storitev ponudnikov storitev zaupanja.
Ta dokument vsebuje določbe, skladne z zahtevami organa CA/Browser Forum v smernicah EVCG [4] in BRG [6].

General Information

Status
Published
Public Enquiry End Date
30-Sep-2023
Publication Date
13-Nov-2023
ICS
03.080.99 - Other services
35.030 - IT Security
35.040.01 - Information coding in general
Technical Committee
SPN - Services and Protocols for Networks
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
09-Nov-2023
Due Date
14-Jan-2024
Completion Date
14-Nov-2023
Mandate
M/460
Ref Project
ETSI EN 319 411-1 V1.4.1 (2023-10) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements

Buy Standard

ETSI EN 319 411-1 V1.4.0 (2023-07) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirementsETSI EN 319 411-1 V1.4.0 (2023-07) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
PreviousNext
Standard
ETSI EN 319 411-1 V1.4.0 (2023-07) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
English language
58 pages
sale 15% off
Preview
sale 15% off
Preview
ETSI EN 319 411-1 V1.4.1 (2023-10) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirementsETSI EN 319 411-1 V1.4.1 (2023-10) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
PreviousNext
Standard
ETSI EN 319 411-1 V1.4.1 (2023-10) - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
English language
59 pages
sale 15% off
Preview
sale 15% off
Preview
EN 319 411-1 V1.4.1:2023EN 319 411-1 V1.4.1:2023
PreviousNext
Standard
EN 319 411-1 V1.4.1:2023
English language
59 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
prEN 319 411-1 V1.4.0:2023prEN 319 411-1 V1.4.0:2023
PreviousNext
Draft
prEN 319 411-1 V1.4.0:2023
English language
58 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

Draft ETSI EN 319 411-1 V1.4.0 (2023-07)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 1 ----------------------
2 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 2 ----------------------
3 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 6
Introduction . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definition of terms, symbols, abbreviations and notations .
...

ETSI EN 319 411-1 V1.4.1 (2023-10)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 1 ----------------------
2 ETSI EN 319 411-1 V1.4.1 (2023-10)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 2 ----------------------
3 ETSI EN 319 411-1 V1.4.1 (2023-10)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 6
Introduction . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definition of terms, symbols, abbreviations and notations . 10
3.1 Terms
...

SLOVENSKI STANDARD
SIST EN 319 411-1 V1.4.1:2023
01-december-2023
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za
ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 1. del: Splošne zahteve
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for
Trust Service Providers issuing certificates - Part 1: General requirements
Ta slovenski standard je istoveten z: ETSI EN 319 411-1 V1.4.1 (2023-10)
ICS:
03.080.99 Druge storitve Other services
35.030 Informacijska varnost IT Security
35.040.01 Kodiranje informacij na Information coding in general
splošno
SIST EN 319 411-1 V1.4.1:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN 319 411-1 V1.4.1:2023

---------------------- Page: 2 ----------------------
SIST EN 319 411-1 V1.4.1:2023
ETSI EN 319 411-1 V1.4.1 (2023-10)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 3 ----------------------
SIST EN 319 411-1 V1.4.1:2023
 2 ETSI EN 319 411-1 V1.4.1 (2023-10)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 4 ----------------------
SIST EN 319 411-1 V1.4.1:2023
 3 ETSI EN 319 411-1 V1.4.1 (2023-10)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology .
...

SLOVENSKI STANDARD
oSIST prEN 319 411-1 V1.4.0:2023
01-september-2023
Elektronski podpisi in infrastruktura (ESI) - Zahteve politike in varnosti za
ponudnike storitev zaupanja, ki izdajajo digitalna potrdila - 1. del: Splošne zahteve
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for
Trust Service Providers issuing certificates - Part 1: General requirements
Ta slovenski standard je istoveten z: ETSI EN 319 411-1 V1.4.0 (2023-07)
ICS:
03.080.99 Druge storitve Other services
35.030 Informacijska varnost IT Security
35.040.01 Kodiranje informacij na Information coding in general
splošno
oSIST prEN 319 411-1 V1.4.0:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023

---------------------- Page: 2 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023
Draft ETSI EN 319 411-1 V1.4.0 (2023-07)






EUROPEAN STANDARD
Electronic Signatures and Infrastructures (ESI);
Policy and security requirements for
Trust Service Providers issuing certificates;
Part 1: General requirements

---------------------- Page: 3 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023

2 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)

Reference
REN/ESI-0019411-1v141
Keywords
e-commerce, electronic signature, extended
validation certificate, public key, security, trust
services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from:
https://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure Program:
https://www.etsi.org/standards/coordinated-vulnerability-disclosure
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2023.
All rights reserved.

ETSI

---------------------- Page: 4 ----------------------
oSIST prEN 319 411-1 V1.4.0:2023

3 Draft ETSI EN 319 411-1 V1.4.0 (2023-07)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN 319 411-2 V2.5.1:2023(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI EN 319 411-2 V2.5.1 (2023-10)

The present document specifies policy and security requirements for the issuance, maintenance and life-cycle
management of EU qualified certificates as defined in Regulation (EU) No 910/2014 [i.1]. These policy and security
requirements support reference certificate policies for the issuance, maintenance and life-cycle management of EU
qualified certificates issued to natural persons (including natural persons associated with a legal person or a website)
and to legal persons (including legal persons associated with a website), respectively.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.6] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 411-1 [2] for general requirements on TSP issuing certificates.

  • Standard
    32 pages
    English language
    sale 15% off
  • Standard
    33 pages
    English language
    sale 15% off
  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-2 V2.4.1:2022(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI EN 319 411-2 V2.4.1 (2021-11)

The present document specifies policy and security requirements for the issuance, maintenance and life-cycle
management of EU qualified certificates as defined in Regulation (EU) No 910/2014 [i.1]. These policy and security
requirements support reference certificate policies for the issuance, maintenance and life-cycle management of EU
qualified certificates issued to natural persons (including natural persons associated with a legal person or a website)
and to legal persons (including legal persons associated with a website), respectively.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.6] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 411-1 [2] for general requirements on TSP issuing certificates.

  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    31 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-2 V2.3.1:2021(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI EN 319 411-2 V2.3.1 (2021-05)

The present document specifies policy and security requirements for the issuance, maintenance and life-cycle
management of EU qualified certificates as defined in Regulation (EU) No 910/2014 [i.1]. These policy and security
requirements support reference certificate policies for the issuance, maintenance and life-cycle management of EU
qualified certificates issued to natural persons (including natural persons associated with a legal person or a website)
and to legal persons (including legal persons associated with a website), respectively.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.6] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 411-1 [2] for general requirements on TSP issuing certificates.

  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    31 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-1 V1.3.1:2021(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements
ETSI EN 319 411-1 V1.3.1 (2021-05)

The present document specifies generally applicable policy and security requirements for Trust Service Providers
(TSPs) issuing public key certificates, including trusted web site certificates.
The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle
management of certificates. These policy and security requirements support several reference certificate policies,
defined in clauses 4 and 5.
A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where
particular requirements apply is defined in clause 7.
The present document covers requirements for CA hierarchies, however this is limited to supporting the policies as
specified in the present document. It does not include requirements for root CAs and intermediate CAs for other
purposes.
The present document is applicable to:
• the general requirements of certification in support of cryptographic mechanisms, including digital signatures
for electronic signatures and seals;
• the general requirements of certification authorities issuing TLS/SSL certificates;
• the general requirements of the use of cryptography for authentication and encryption.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 401 [8] for general policy requirements common to all classes of
TSP's services.
The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4]
and BRG [5].

  • Standard
    56 pages
    English language
    sale 15% off
  • Standard
    56 pages
    English language
    sale 15% off
  • Standard
    56 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    56 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-1 V1.2.2:2018(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements
ETSI EN 319 411-1 V1.2.2 (2018-04)

The present document specifies generally applicable policy and security requirements for Trust Service Providers (TSP)
issuing public key certificates, including trusted web site certificates.
The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle
management of certificates. These policy and security requirements support several reference certificate policies,
defined in clauses 4 and 5.
A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where
particular requirements apply is defined in clause 7.
The present document covers requirements for CA hierarchies, however this is limited to supporting the policies as
specified in the present document. It does not include requirements for root CAs and intermediate CAs for other
purposes.
The present document is applicable to:
• the general requirements of certification in support of cryptographic mechanisms, including digital signatures
for electronic signatures and seals;
• the general requirements of certification authorities issuing TLS/SSL certificates;
• the general requirements of the use of cryptography for authentication and encryption.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 401 [8] for general policy requirements common to all classes of
TSP's services.
The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4]
and BRG [5].

  • Standard
    52 pages
    English language
    sale 15% off
  • Standard
    52 pages
    English language
    sale 15% off
  • Standard
    52 pages
    English language
    sale 15% off
  • Standard
    52 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    52 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-2 V2.2.2:2018(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI EN 319 411-2 V2.2.2 (2018-04)

The present document specifies policy and security requirements for the issuance, maintenance and life-cycle
management of EU qualified certificates as defined in Regulation (EU) No 910/2014 [i.1]. These policy and security
requirements support reference certificate policies for the issuance, maintenance and life-cycle management of EU
qualified certificates issued to natural persons (including natural persons associated with a legal person or a website)
and to legal persons (including legal persons associated with a website), respectively.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors.
NOTE: See ETSI EN 319 403 [i.6] for guidance on assessment of TSP's processes and services. The present
document references ETSI EN 319 411-1 [2] for general requirements on TSP issuing certificates.

  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    31 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    31 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 412-5 V2.2.1:2018(Main)
Electronic Signatures and Infrastructures (ESI) - Certificate Profiles - Part 5: QCStatements
ETSI EN 319 412-5 V2.2.1 (2017-11)

The present document defines specific QCStatement for the qcStatements extension as defined in IETF
RFC 3739 [2], clause 3.2.6, including requirements for their use in EU qualified certificates. Some of these
QCStatements can be used for other forms of certificate.
The QCStatements defined in the present document can be used in combination with any certificate profile, either
defined in ETSI EN 319 412-2 [i.2], ETSI EN 319 412-3 [i.5] and ETSI EN 319 412-4 [i.6], or defined elsewhere.
The QCStatements defined in clause 4.3 may be applied to regulatory environments outside the EU. Other
requirements specified in clause 4 are specific to Regulation (EU) No 910/2014 [i.8] but may be adapted for other
regulatory environments.

  • Standard
    18 pages
    English language
    sale 15% off
  • Standard
    18 pages
    English language
    sale 15% off
  • Standard
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-2 V2.1.1:2016(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI EN 319 411-2 V2.1.1 (2016-02)

The present document specifies policy and security requirements for the issuance, maintenance and life-cycle
management of EU qualified certificates as defined in Regulation (EU) N° 910/2014 [i.1]. These policy and security
requirements support reference certificate policies for the issuance, maintenance and life-cycle management of EU
qualified certificates issued to natural persons (including natural persons associated with a legal person or a website)
and to legal persons (including legal persons associated with a website), respectively.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
assessors. The present document however provides in annex B a check list of the policy requirements specific to TSP
issuing EU qualified certificates (as expressed in the present document) as well as all the requirements incorporated by
reference to ETSI EN 319 411-1 [2] and ETSI EN 319 401 [1], that can be used by the TSP to prepare an assessment of
its practices against the present document and/or by the assessor when conducting the assessment for confirming that a
TSP meets the requirements for issuing qualified certificates under Regulation (EU) N° 910/2014 [i.1].
NOTE: See ETSI EN 319 403 [i.6] for guidance on assessment of TSP processes and services.

  • Standard
    2 pages
    English language
    sale 15% off
  • Standard
    27 pages
    English language
    sale 15% off
  • Standard
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 411-1 V1.1.1:2016(Main)
Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements
ETSI EN 319 411-1 V1.1.1 (2016-02)

The present document specifies generally applicable policy and security requirements for Trust Service Providers (TSP) issuing public key certificates, including trusted web site certificates.
The policy and security requirements are defined in terms of requirements for the issuance,  aintenance and life-cycle management of certificates. These policy and security requirements support six reference certificate policies, defined in clause 5.
A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where particular requirements apply is defined in clause 7.
The present document covers requirements for CA hierarchies, however this is limited to supporting the policies as specified in the present document. It does not include requirements for root CAs and intermediate CAs for other purposes.
The present document is applicable to:
• the general requirements of certification in support of cryptographic mechanisms, including digital signatures and seals;
• the general requirements of certification authorities issuing TLS/SSL certificates;
• the general requirements of the use of cryptography for authentication and encryption.
The present document does not specify how the requirements identified can be assessed by an independent party, including requirements for information to be made available to such independent assessors, or requirements on such assessors.
NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP processes and services. The present
document references ETSI EN 319 401 [8] for general policy requirements common to all classes of TSP
services.
The present document however provides in annex C, a checklist of the policy requirements specific to TSP issuing certificates (as expressed in the present document) including the generic requirements which are independent of the type of service (as expressed in ETSI EN 319 401 [8]).
The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4] and BRG [5].

  • Standard
    2 pages
    English language
    sale 15% off
  • Standard
    45 pages
    English language
    sale 15% off
  • Standard
    46 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 319 401 V2.1.1:2016(Main)
Electronic Signatures and Infrastructures (ESI) - General Policy Requirements for Trust Service Providers
ETSI EN 319 401 V2.1.1 (2016-02)

The present document specifies general policy requirements relating to trust service providers (TSPs) that are
independent of the type of TSP. It defines policy requirements on the operation and management practices of TSPs.
Other specifications refine and extend these requirements as applicable to particular forms of TSP. The present
document does not specify how the requirements identified can be assessed by an independent party, including
requirements for information to be made available to such independent assessors, or requirements on such assessors.
NOTE: See ETSI EN 319 403 [i.6]: "Electronic Signatures and Infrastructures (ESI); Requirements for
conformity assessment bodies assessing Trust Service Providers".

  • Standard
    2 pages
    English language
    sale 15% off
  • Standard
    18 pages
    English language
    sale 15% off
  • Standard
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day