The Open PEPPOL e-id & e-signature

Similar documents
PEPPOL - esignature. eprocurement Meeting epractise Vienna, 24th March 2011 Lars Thölken, Deputy Work Package Manager esignature.

e-sens Electronic Simple European Networked Services Rome,

Taking down digital barriers to cross- border business

Building the foundation for European wide eprocurement

ERASMUS+ MASTER LOANS

ERASMUS FOR YOUNG ENTREPRENEURS : A NEW EXCHANGE PROGRAMME

NEW PASSENGER CAR REGISTRATIONS BY ALTERNATIVE FUEL TYPE IN THE EUROPEAN UNION 1 Quarter

ERASMUS+ MASTER LOANS

Statewatch Briefing ID Cards in the EU: Current state of play

ARE THE POINTS OF SINGLE CONTACT TRULY MAKING THINGS EASIER FOR EUROPEAN COMPANIES?

1. Perception of the Bancruptcy System Perception of In-court Reorganisation... 4

The innovation value chain:

Pre-Commercial Procurement (PCP)

FEDERATION EUROPEENNE DE LA MANUTENTION Product Group. industrial trucks. A brief guide for identification of noncompliant. - Exhaust Emission -

Building the PEPPOL community OpenPEPPOL

Computing our Future Computer programming and coding in schools in Europe. Anja Balanskat, Senior Manager European Schoolnet

The Guardianship Service

41 T Korea, Rep T Netherlands T Japan E Bulgaria T Argentina T Czech Republic T Greece 50.

MGA for PCP and PPI cofunds in Horizon 2020

INNOBAROMETER THE INNOVATION TRENDS AT EU ENTERPRISES

Credit transfer to Customer account with AS "Meridian Trade Bank" EUR, USD free of charge * Other countries currency information in the Bank

THE ROLE OF PUBLIC SUPPORT IN THE COMMERCIALISATION OF INNOVATIONS

Implementing the cooperation mechanisms of the RES directive current status and open questions

COMMUNICATION FROM THE COMMISSION

13 th Economic Trends Survey of the Architects Council of Europe

ERASMUS+ MASTER LOANS

Equity Release Schemes in the European Union

Employee eligibility to work in the UK

Waste. Copenhagen, 3 rd September Almut Reichel Project Manager Sustainable consumption and production & waste, European Environment Agency

EUF STATISTICS. 31 December 2013

BEST PRACTICES/ TRENDS/ TO-DOS

EU Lesson Plan. Name of Teacher: Sharon Goralewski School: Oakland Schools Title of Lesson Plan: The European Union: United in Diversity

Labour Force Survey 2014 Almost 10 million part-time workers in the EU would have preferred to work more Two-thirds were women

BUSINESS-TO-BUSINESS ALTERNATIVE DISPUTE RESOLUTION IN THE EU

Contribution to the online consultation July 2007

E-Signatures and E-Procurement

EUROPE 2020 TARGETS: RESEARCH AND DEVELOPMENT

Family benefits Information about health insurance country. Udbetaling Danmark Kongens Vænge Hillerød. A. Personal data

SEPA. Changes in the Payment System Implementation of the European SEPA Regulations for Kuna and Euro Payments

The Community Innovation Survey 2010 (CIS 2010)

SURVEY ON THE TRAINING OF GENERAL CARE NURSES IN THE EUROPEAN UNION. The current minimum training requirements for general care nurses

OpenPEPPOL: e-procurement in Europe

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security

- Assessment of the application by Member States of European Union VAT provisions with particular relevance to the Mini One Stop Shop (MOSS) -

AMADEUS: Analyse MAjor Databases from EUropean Sources - A financial database of 4 million European companies, including Eastern Europe MODULE.

Single Euro Payments Area

Pan-European opinion poll on occupational safety and health

Energy prices in the EU Household electricity prices in the EU rose by 2.9% in 2014 Gas prices up by 2.0% in the EU

PROJECT: EURO-AUDITS THE EUROPEAN ROAD SAFETY AUDITOR TRAINING SYLLABUS APPENDIX E SURVEY RESULTS. October 2007

Alcohol Consumption in Ireland A Report for the Health Service Executive

How To Calculate Tax Burden In European Union

Analysis of statistics 2015

Planned Healthcare in Europe for Lothian residents

2 ND CALL FOR PROPOSALS 27 October January 2009

ERMInE Database. Presentation by Nils Flatabø SINTEF Energy Research. ERMInE Workshop 2 - Northern Europe Oslo, 1. November 2006

This document is a preview generated by EVS

187/ December EU28, euro area and United States GDP growth rates % change over the previous quarter

INTERNATIONAL TRACKED POSTAGE SERVICE

99/ June EU28, euro area and United States GDP growth rates % change over the previous quarter

Fostering Entrepreneurship among young people through education: a EU perspective. Simone Baldassarri Unit Entrepreneurship

FUSIONS Food waste data set for EU-28. New Estimates and Environmental Impact

Association of the Councils of State and Supreme Administrative Jurisdictions of the EU

Erasmus+ International Cooperation

Adobe Public Relations (PR) Guidelines

GfK PURCHASING POWER INTERNATIONAL

The structure of the European education systems. schematic diagrams. Eurydice Highlights. Education and Training

EBA REPORT ON THE BENCHMARKING OF DIVERSITY PRACTICES. EBA-Op July 2016

Size and Development of the Shadow Economy of 31 European and 5 other OECD Countries from 2003 to 2015: Different Developments

EN ISO Safety of machinery Risk assessment. Sicherheit von Maschinen Risikobeurteilung Teil 1: Leitsätze (ISO :2007)

Towards a Cloud Computing Strategy for Europe Digital Assembly, June 17, Brussels.

This factsheet contains help and information for financial advisers who wish to advise their clients who live in Europe.

How To Know If You Can Get An Euro Blue Card

ARE YOU A EUROPEAN CITIZEN LIVING IN BELGIUM? Come and vote for the European Parliament on 25 May 2014!

IN AN EMERGENCY / 2016

193/ December Hourly labour costs in the EU28 Member States, 2012 (in )

International ACH: Payment Gateway to Europe

International Hints and Tips

TPI: Traffic Psychology International on a common European curriculum for postgraduate education in traffic psychology

Exercise 39. The Euro. At the end of this exercise you will:

TOWARDS PUBLIC PROCUREMENT KEY PERFORMANCE INDICATORS. Paulo Magina Public Sector Integrity Division

CENTRAL BANK OF CYPRUS

168/ November At risk of poverty or social exclusion 2 rate in the EU28, (% of total population)

epsos Response on Patient Summary Dataset

DRAFT AMENDING BUDGET N 6 TO THE GENERAL BUDGET 2014 GENERAL STATEMENT OF REVENUE

esignature building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics

Where science & ethics meet. The EFGCP Report on The Procedure for the Ethical Review of Protocols for Clinical Research Projects in Europe and Beyond

HOW COMPANIES INFLUENCE OUR SOCIETY: CITIZENS VIEW

HIV/AIDS mortality in Europe Monitoring mortality among injecting drug users?

Analysis on European landscape & Match making tool for Photonics Industry & Research

The structure of the European education systems 2012/13: schematic diagrams

10TH EDITION MERGER CONTROL VADEMECUM FILING THRESHOLDS AND CLEARANCE CONDITIONS IN THE 29 EUROPEAN JURISDICTIONS

User language preferences online. Analytical report

An enabling volunteering infrastructure in Europe: Situation Trends Outlook

How To Study The Small Ruminant Population In The European Land Animals

E-Identification and Authentication practices for ehealth in the EU Member States

Overview of FAA Bilateral Agreements

Business Cooperation Database Profile Extraction

The European Entrepreneur Exchange Programme

Transcription:

The Open PEPPOL e-id & e-signature http://www.peppol.eu/ Including inputs from the open PEPPOL community and from the world e-id presentation Rome October 3 rd 2013 alain.ducass@adetef.finances.gouv.fr

OpenPEPPOL AISBL The PEPPOL project reached a successful completion, 31 st of August 2012. OpenPEPPOL AISBL* has been operational from 1 st of September 2012, taking over ownership of PEPPOL results and governance responsibilities. OpenPEPPOL s goals are: Encourage European governments and their suppliers to continue implementing eprocurement using the PEPPOL specifications, promoting best practices Ensure that the PEPPOL network continues to grow in an open, accessible and compliant manner, supporting interoperability for European public services and helping Europe move towards a Digital Single Market Encourage the development of innovative PEPPOL-based ICT products and services supporting public procurement processes, fostering their use also in the B2B context *OpenPEPPOL is an international non-profit organisation under Belgian law founded by former PEPPOL consortium partners, with membership open to public and private organisations.

www.peppol.eu Organisation The e-id PEPPOL community will be launched in Rome on October 4th www.peppol.eu

www.peppol.eu Background 31 August 2012 end of the PEPPOL program with output approved by the Commission 31 August 2012 Transmission of the assets of the PEPPOL program to the Open PEPPOL association created under the Belgium law. Adoption of the esens program under ICT PSP to take over the 5 PSP programs: ecodex, EPSOS, PEPPOL, SPOCS, STORK. Pending discussion for a new Regulation on eid and etsp to replace Directive 1999/93 August 2013 : grant agreement sent to the esens consortium for signature 3rd October 2013 launch of the e-signature / e-id community within Open PEPPOL PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

PEPPOL Validation scheme Decentralized approach (subsidiarity) Network of local services to collect, exchange and process certificates/signatures data European actor s role limited to registration of local services and network s info exchange ADETEF Esteral Consulting 5

www.peppol.eu Interoperability What Open PEPPOL wishes? Meaningful and timely recommendations and standards; Common business process and information models which capture user requirements independent of any specific technology; Mapping these models to new technologies as required.

Signature Interoperability Challenge France Loi 2001 230 Law Europe Directive 99/93 Décret 2001 272 Regulation Annexes 1, 2, 3 RGS (Art. 3 7) Arrêté 28/08/2006 Standards ETSI standards ADETEF Esteral Consulting 7

esignature Technical Validation Scheme 1.) PEPPOL XKMS Requester: end users 2.) PEPPOL XKMS Responder: Validation Services (VS) 3.) PEPPOL Public Registry Service (PPRS): VS addresses (TSLs) ADETEF Esteral Consulting 8

Infrastructure and Components ready to use Functional specifications for crossborder use of esignatures in public procurement 7 parts: 1. Background and Scope 2. E-tendering Pilot Specifications 3. Signature Policies 4. Architecture and Trust Models 5. XKMS v2 Interface Specification 6. OASIS DSS Interface Specification 7. eid and e-signature Quality Classification Latest version see D1.3 on line: Open source server Software Free to use validation client with API for integration Own implementation towards XKMS interface (with Toolkit) http://www.peppol.eu/deliverables/wp-1

PEPPOL Validation Parameters Output of XKMS 0 1 2 3 4 5 6 7 Certificate Policy ETSI 102-042 ETSI 101 456 none Exists LCP NCP NCP+ QCP QCP+ Independent Assurance self Ext. Doc. Int. audit Super Ext. audits Ext. certif. Super + Ext. audits Accre. + Ext. audits Public Key (length + algo.) Too weak 3 y. 5-10 years Increasing levels of security Hash function ETSI 102-176-1 Too weak 3 y. 5-10 years Increasing levels of security ADETEF Esteral Consulting 10 PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

Cross-border e-signature market theoritical Belgium Finland Lithuania Norway Germany Poland Suisse Austria Spain France Italy Greece Bulgaria Czech Estonia Latvia Hungary Malta Netherlands Portugal Romania Slovakia Denmark Slovenia Sweden United Kingdom Luxembourg

Cross-border e-signature market At the end of PEPPOL Germany Bremen On Line (BOS) France Lex Persona (ADETEF) Estonia Unizeto 25 national TSL Italy Infocert (Infocamere) Greece (UPRC) Page 12 ADETEF Esteral Consulting

www.peppol.eu The French Platforms As explained in the 2012 world e-id congress, the French Governement implemented on its website a PEPPOL interface to validate crossborder esignatures. This platform operated by Lex Persona got approximately 800 requests per month 1000 local authorities KLEKOON 400 local authorities DOUBLE TRADE PLACE (AIFE) Ministries & Chamber of Commerce & Ugap PEPPOL PEPPOL XKMS XKMS Validation Validation Cloud Cloud French Validation French Validation Node (Lex Persona) Node (Lex Persona) Sunnystamp Lex Persona Free access LP7VerifyBox Lex Persona SPL Xdemat & CG69 300 French local authorities

Mapping with the French RGS regulation RGS = Reference security Framework: three levels of certificate, signature, etc. more specific and detailled requirements Mapping table between RGS requirements and PEPPOL parameters PEPPOL parameters RGS * RGS ** RGS *** Qualified Certificate 2 (LCP) 4 (NCP+) 6 (QCP+) Independent Assurance 7 7 7 Hash function 1 (SHA-1) 2 (SHA-256) 1 (SHA-1) 2 (SHA-256) 1 (SHA-1) 2 (SHA-256) Key length 2 2 2 ADETEF Esteral Consulting 15 PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

Commercial Scheme for esignature certificates 1 Accreditation authority per country (LSTI in France) are evaluated through ISO standards (ex by COFRAC) and they deliver accreditations to all e-signature actors. ~ 35 Certification operators (CO) are accredited by the accreditation authority and can set certification authorities such as Keynectis, Certinonis, Imprimerie nationale, Dimyotis, Chamber of notaries ) ~ 150 Certicifation authorities (CA) (ex Open Trust,) they are accredited by the accreditation authority and they issue esignature certificates for end-users. ~500 Registration authorities (RA) they are accredited by the accreditation authority and they register end-users to distribute certificates. (ex ANTS, HSBC, Cities, Post offices, Carrefour, local chambers of notaries, cities, ) ~ 5 000 Resellers They act as commercial intermediaries between the end users and the other actors. (supermarkets, bank agencies ) ~ 1 000 000 End-users

www.peppol.eu The Greek Platform Scope: esignature validation infrastructure pilot used to validate digital signatures signed VCD packages) Achievements: Needed infrastructure provided by UPRC (Greek XKMS Responder, deployed in a PEPPOL server) 2 hand-held transactions validated offline Overall assessment: Setup of necessary infrastructure National validation service will be maintained by UPRC

www.peppol.eu The Italian Platforms Chamber of Commerces PEPPOL PEPPOL XKMS XKMS Validation Validation Cloud Cloud Italian Validation Italian Validation Node (Infocemere) Node (Infocemere) Local Chamber of Commerces e-procurement platform Trusted lists other access points Infocamere (Italian chamber of commerce) is implementing a PEPPOL interface to validate crossborder esignatures based on InfoCert platform Ministry of Finance Other parties

www.peppol.eu The Polish Platform Experience of other countries to be developed by DIFI? PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

www.peppol.eu The European Platform Bremen Online Services Seems to be still running the European platform Some points have to be cleared: who runs which component? who updates the ontologies? who gets the link with the other projects (ex DSS) whether Open Peppol is interested in extending the platform to non EU countries PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

Open-Peppol esignature actors Page 21 ADETEF Esteral Consulting

www.peppol.eu Questions Some points have to be cleared: who runs which component? Do we have to take care of the validation parameters? which link with the other projects (ex DSS, e-sign Africa )? Is Open Peppol is interested in extending the platform to non European countries? who is interested in joining the e-signature comunity? PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

www.peppol.eu New steps A workshop is planed in Paris around November 2013 together with DG Connect to collect ideas for the e-id and esignature crossborder recognition either at the European level (esens) or at the Euro-Mederranean one. Based on the PEPPOL experience, draft projects are on preparation for a European-African ; a Euro-Mediterranean and why not a world wide esignature recognition platform. All contributions are welcome. Contact : => alain.ducass@adetef.finance.gouv.fr => info@peppol.eu www.peppol.eu PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

www.peppol.eu e-id The Norwegian Cie Signicat, presented in Nice 9 different e-id in the Scandic countries, offering crossborder interoperability The Stork 2.0. projects runs pilots for interoperability Some points have to be cleared: Which link between e-id and Open PEPPOL? Which link with Stork 2.0? PEPPOL is an EU co-funded project CIP-ICT PSP-2007 No 224974

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information