Transcript PEPPOL WP1 presentation

PEPPOL eID and eSignature
Validation Pilots
PEPPOL Conference
Malmö, 10th Feb. 2010
Jon Ølnes, Difi (Agency for Public Management
and eGovernment), Norway
... and the rest of the PEPPOL WP1 crew
7. Juli 2015
1
Signature Interoperability
Goals
The Need
7. Juli 2015
2
Interoperability – ultimate goals
• Goal of eID holder: Sign towards any relying
party using a single eID (or the eID of own
choice)
• Goal of relying party: Accept all signatures with
assessed risk regardless of eID issuer
• Additional goal: Allow any other party to verify
signatures (e.g. an auditor)
7. Juli 2015
3
Signatures and protocols
• Why sign?
– Legal/regulatory requirements – mandatory to sign
– Risk management decision – security, traceability
– Signature protects against your legitimate counterpart
• Business protocol level
– Signature in WP1 is a business protocol element
– End-to-end between the communicating partners
– The transport infrastructure is agnostic to signatures
• Signing binds to content and format
– Format conversion kills signatures
– Workaround: Send both original, signed format + format
after conversion (not recommended)
7. Juli 2015
4
eID/eSignature Interoperability
1. “Front-end” interoperability
Out
scope
of PEPPOL
– actors
sign
inside to
their
– Use
myofcard
everywhere.
Online
service
provider
accept “any” card
Leave this to STORK.
or own
otherinfrastructure.
suitable ID token
2. “Back-end” interoperability
– Receiver (relying party) shall be able to validate and accept signatures
and eIDs from all relevant counterparts, no matter the eID issuer of
the counterpart. Not “on-line”, rather asynchronous, message passing
protocols.
3. Other parties: Verification of signed documents may (later)
be required by parties not involved in the signing process
– Not explicitly in scope of PEPPOL but ensure sufficient information is
available
7. Juli 2015
5
Interoperability business case
• Real world interoperability happens if there is a
business case
• A technical solution in a pilot is not enough
• Deploy solutions targeting the business case
• Public procurement is a good business case
• PEPPOL as a pilot fuels the business case
• Make the solution applicable across other areas
• “Long tail” market etc.
The real world challenge:
ALL TRUSTED ROLES MUST HAVE A SOUND
BUSINESS MODEL
Government funding is one possible model
Commercial viability is the only alternative
The Qualified Term
•
Common legal framework across Europe
–
–
Qualified signature shall have a guaranteed legal value
Qualified eID has a particular status as supervised/accredited even
when not used for qualified signatures
European-wide interoperability intended – at least for qualified
signatures but preferably also for qualified eIDs
Quality: ETSI TS 101 456 QCP/QCP+ not mandatory but in practice
always used
–
–
•
Qualified certificate only for signatures (?)
–
Some (but not all) countries: Only to be used for signing, certificates
for other purposes cannot be marked as qualified
What about certificates for authentication and encryption?
–
•
Only European
–
7. Juli 2015
Some uptake in Asia but not globally
7
Non-Qualified
•
No common legal framework, not even in Europe
–
–
–
•
•
•
•
•
•
Refer to certificate policy and thus national law of the eID issuer
Or establish an agreement-based system – contract law
(CROBIES suggests to expand scope of eSignature Directive)
Certificates from outside of Europe
Certificates for other purposes than signing
Certificates issued to legal (not physical) persons
Non-qualified, lower quality eIDs in or outside Europe
Corporate PKIs and the like
.....
7. Juli 2015
8
Signatures and eIDs:
Validation vs acceptance
• Signature and eID validation (cryptography, technical)
– Complex cross-border in Europe (scaling) but achievable
• Signature and eID acceptance
• Acceptance criteria: Legal/regulatory requirements and/or
risk assessment
–
–
–
–
–
eID quality sufficient?
Approval status (national/international) of eID?
Cryptographic quality sufficient?
Possibly other elements (quality of the CA itself and its owners?)
Not possible to assess using only “traditional PKI” elements
 Signature policies to define acceptance criteria – quality being
the main issue
 “Rich validation interfaces” to assess policy fulfilment
7. Juli 2015
9
PEPPOL
Pan-European Public
Procurement On-Line
http://www.peppol.eu
The Project
7. Juli 2015
10
Scope of Work, Work Packages
Payment
eInvoicing (WP 5)
eOrdering (WP 4)
Post Award
Procurement
eCatalogues (WP 3)
Virtual Company
Dossier (WP 2)
Pre Award
Tendering
eSignature (WP 1)
Open Infrastructure (WP 8)
7. Juli 2015
Project Management (WP 6)
Awareness, Training, Consensus Building (WP7)
11
High level project plan
• May 2008 – April 2009: Requirements and design
• May 2009 – April 2010 (or a bit later): Implementation
• May 2010 – November 2011: Pilots running
• Must take a rather pragmatic approach to make things
work in this time frame
• EU Commission points at PEPPOL as a promising approach
for e-signature interoperability across Europe
7. Juli 2015
12
PEPPOL eSignature
Interoperability
Public Procurement as a Case Study
7. Juli 2015
13
The Public Procurement Directives
Note: Cover tendering only
Qualified signatures
not available in all
member states and
use limited in many
member states.
And qualified is a
European term.
And not all eIDs will
be qualified even in
Europe
“Directives oblige any public purchaser in the EU to effectively recognize,
receive and process tenders submitted, if required, with a qualified signature
and their accompanying certificates, regardless of their origin within the
EU or their technical characteristics”
“The existing significant differences between qualified signatures ….
should therefore be reason for great concern. The interoperability problems
detected despite the existence of standards …. pose a real and possibly
persistent obstacle to cross-border e-procurement.”
7. Juli 2015
14
Other Procurement Processes
• Public Procurement Directives cover tendering only
• Service Directive requires e-signatures
• E-invoicing – e-signature primary mechanism
• Can be avoided (“EDI Clause” of VAT Directive) if other mechanisms
are guaranteed to provide authenticity and integrity end to end
• Can e-signatures be avoided in the PEPPOL case?
• Note: European e-invoicing landscape is changing
• Order process, catalogue etc. not covered by EU defined legal
requirements for e-signature
• May be national, legal requirements
7. Juli 2015
15
Paper-Based E-signature Paradigm
• Qualified eID must be issued to a natural person
– Only a person can produce a qualified signature
• But e-invoices are usually not signed in a user interface
– Personal signature is a problem
• An e-signature binds to the name in the eID
– Why does that name have to be a person name?
– E.g. corporate signatures on e-invoices (person is not relevant)
– What about automated orders/invoices between systems with no
person involved?
• But we are largely stuck with personal signatures in Europe
– Possible compromise: Inner, personal signature, outer corporate
signature (e.g. invoice issuer)
7. Juli 2015
16
PEPPOL Deliverable D1.1
•
Functional specifications for cross-border use of
eSignatures in public procurement – 7 parts:
1. Background and Scope
2. E-tendering Pilot Specifications
3. Signature Policies
4. Architecture and Trust Models
5. XKMS v2 Interface Specification
6. OASIS DSS Interface Specification
7. eID and e-Signature Quality Classification
http://www.peppol.eu/deliverables/wp-1
7. Juli 2015
17
Signature Policies (1)
Commitment Rules and Protocols
•
Commitment rules – binding of person names to enterprises, roles and
authorizations
•
•
•
•
•
•
•
Alternative 1: Accept signed documents (optimistic approach)
Alternative 2: Registration procedure to establish bindings
Alternative 3: Virtual Company Dossier (VCD) and attestations
Alternative 4: Corporate eID (not acceptable in many countries)
Alternative 5: Employee eID (not widely deployed)
Alternative 6: Inner personal + outer corporate signatures (requires
solutions for issuing of corporate eIDs)
Business protocols
•
•
•
7. Juli 2015
Which documents shall/should/can be signed in an eCommerce protocol?
Implications of these signatures – might be from authentication and
integrity protection to a legally binding offer or contract
Adding signatures to business protocol specifications
18
Signature Policies (2)
Signature Validation Policy
•
Signature validation policy elements (ETSI TR 102 038)
•
•
•
•
•
•
•
•
Rules to be followed by signer
Rules to be followed by verifier
Rules for use of certification authorities (CA)
Rules regarding time stamps and TSAs (Time Stamp Authority)
Rules on use of AAs (Attribute Authority)
Rules on use of algorithms
Quality and procedural requirements for these elements
Receiver (relying party) sets policy requirements
•
•
May be determined by legislation/regulations
Transparent, non-discriminatory rules needed
•
7. Juli 2015
E.g. not just a list of accepted CAs – today’s usual situation
19
Pragmatic approach
•
Signature policy according to ETSI
•
•
•
•
Shall have a unique OID (Object Identifier)
Always in human readable form
Parts may be machine processable
According to PEPPOL (pragmatic due to pilot scope)
•
•
•
Define the relevant parts, not necessarily complete
Never mind the OID
Quality parts must be made machine processable
•
•
7. Juli 2015
PEPPOL is largely about automated system-system interactions
Procedural rules must be transparent and may be processable
20
Procedural Rules, PEPPOL
•
•
•
•
•
Signature formats (SDO – Signed Data Object)
• Few requirements on sender, receiver must cope
• Longer term: XAdES/CAdES/PAdES (lack software support at present)
• Include certificates, possibly path, in SDO
Requirements for signature verification process
• Define certificate validation process (path validation etc.)
• Revocation checking at receiver, no OCSP required from sender
Requirements for quality and approval status of eIDs and eSignatures
Do not use a TSA on sending side! Receiver may use Time Stamp Auth.
• Sending side TSA means a huge interoperability problem on mutual
recognition of TSAs across Europe – role not defined in all MSs
Logging, archival, records creation
• Local matter to receiver – information must be available
Sending side must comply with these
7. Juli 2015
21
Rich Service Interfaces
•
Certificate validation: Profile of XKISS part of XKMS v2
•
•
•
•
•
Based on German profile
Returns assertion on certificate(s)
Quality assertions
Procedural rules (path validation, revocation checking)
Entire, signed document: Profile of OASIS DSS validation
•
•
Based on earlier work in Norway
Whole signed document or pairs of signatures and hash values
•
•
7. Juli 2015
Not necessary to send document content
Returns overall assertion on document and individual assertions on
each signature and certificate
22
Interoperability levels
•
Legal interoperability - ensure legal acceptance across borders
– Qualified eID/signature, agreements based, policy based
– Qualified is not non-discriminatory today since not available in all MSs
•
Organisational interoperability
–
–
–
–
•
Use of signatures in (business) processes
Binding to (organisational) roles and authorisations
Signature acceptance (quality etc.) criteria
Business process standards/specifications, (business) registers or attribute
certificates, standard/transparent risk management criteria and quality
assessments
Semantic interoperability
– Making use of names and identifiers
– Alignment/standardisation, normalisation, translation, identity management
•
Technical interoperability
– Signature processing requirements
– Formats, communication protocols, interfaces, algorithms
– Standardisation
Federated Validation Services
Trust status
list service
…
Qualified CAs
Other CAs
OCSP (or CRL)
XKMS
Signer’s CA
Validation
Service
…
Validation
Service
XKMS or
OASIS DSS
Response signed
by ”local” VS
Signer
Country 1
Receiver
Country 2
7. Juli 2015
24
Validation Service vs Authority
•
Service: Process eIDs (and signatures), issue assertion,
responsible only for its own actions
•
•
•
•
Assertions are validation responses
Refer to CAs (their policies and national laws) for liability
Sufficient for qualified level (?)
Authority: Independent liability for validation assertion
•
•
•
•
Assertions are authority statements
One trust anchor for the relying party
Uniform liability for all eIDs of same quality
From national law (of the CAs) to contract law
•
•
7. Juli 2015
Very important for scaling – globally and not only Europe
May be very important for non-qualified eIDs/eSignatures
25
Validation Service vs Local
• VS used to handle all eID issuers that are not handled locally
• Tune this as desired from 100 % locally to 100 % by VS
• Pure add-on to existing solutions
• Add a VS interface to handle all not handled locally
• VS may issues “external” validation assertion
• An advantage in some cases even for “local” eID issuers
7. Juli 2015
26
Piloting eSignatures
7. Juli 2015
27
Pilots scheduling
• 1st May 2010 – ready for test pilots
– XKMS responders from bos (Bremen Online Services)
– “National” responders for some countries
– Request chaining
• Autumn 2010 – until production pilots 1st November
– Expanding the above to more countries and CAs
– Planned addition of commercial validation service and the
OASIS DSS interface
• Until end October 2011
– Testing, refinement, further development
7. Juli 2015
28
Current Test Pilot
TeleSec
TC-Trust
Bundesnotarkammer
Commfides
Buypass
InfoCert
Certigna
BANQUE POPULAIRE
Actalis
LISIT
XKMS Responder
• The XKMS responder was delivered to partners end of
January by Bremen Online Services
• This is version 0.9 (test pilot version)
– Software components/libraries (workshop on January 27th)
– VMWare Image (DVD)
• Configuration according to documentation was done by bos
• Example: the German responder:
http://212.48.116.113:8080/PeppolWebAdmin/WebAdmin
• Version 1.0 will be delivered by May 1st 2010 for production
pilot
Validation Software
• First version of validation software client is available
from Bremen Online Services
• PEPPOL Signer 2.2.0.0
– Certificate validation via XKMS responders
– HTML inspection sheet
– Handling of signatures: PKCS#7 detached and enveloped
and PDF inline
– German qualified signatures
• Next version with XAdES support by end of march
Need real pilot cases
• Co-operate with PEPPOL WP3-5 on signed
orders, order confirmations, invoices,
catalogues
• Ongoing co-operation with PEPPOL WP2 on
signatures for VCD (Virtual Company Dossier)
• Need to test signed tenders due to the EU
Directives on public procurement
7. Juli 2015
32
Quality Classification of
eIDs and eSignatures
Basis for signature policies
7. Juli 2015
33
What can be Objectively
Verified at Receiving Side?
•
Signer’s environment
–
–
•
Quality of certificate
–
•
•
Described by certificate policy (possibly also CPS etc.)
Assurance – is CA operation compliant with its policy?
National (international?) approval status
–
•
E.g. is the CA listed as supervised issuer of qualified certificates?
Cryptographic quality
–
–
•
Only to the extent described by the certificate policy
E.g. use of SSCD or not
Hash algorithm
Public key algorithm and key size
Receiver should not be forced to read certificate policies or
examine trust status lists
7. Juli 2015
34
Certificate Policy:
Claimed Quality of Certificate
6: QCP+ – qualified signature level
5: QCP – qualified certificate but not qualified signature
(4+: NCP++ – NCP with certified SSCD)
4: NCP+ – highest available for authentication and legal persons
3: NCP
2: LCP
1: Low but policy exists or other assessment possible
0: Very low or not assessable (e.g. no policy exists)
•
All policy indications are “or similar” to accommodate nonEuropean certificates (e.g. map FBCA levels)
7.•Juli 2015Could add more levels if desired .....
35
Certificate Quality Classification
Documentation
Does a Certificate
Policy exist?
No
Can quality be
assessed by other
means?
Yes
No
0,y
Yes
1,y
Evaluation
Evaluation of
CP/CPS
Is the CP
compliant with
standard for QCP
or similar?
No
Is the CP
compliant with
standard for NCP
or similar?
Yes
No
Is the CP
compliant with
standard for LCP
or similar?
Yes
No
Yes
2,y
Is the use of certified
SSCD mandated?
eID quality levels: 0-6
No
3,y
Yes
4,y
Is the use of certified
SSCD mandated?
Yes
7. Juli 2015
6,y
No
5,y
Note:
y=INTEGER(0,7)
defining the level of
independent assurance in
determining the certificate
quality levels
36
Certificate Assurance Level
and Legal Status
7: Accredited – external compliance audit
6: Supervised – external compliance audit
5: External compliance audit and certification
4: External compliance audit
3: Supervision without compliance audit
2: Internal compliance audit at CA
1: Independent document review
0: Self-assessment only
•
•
6-7 is the European regime for qualified certificates
Reuse assessments done in conjunction with FBCA, SAFE
7. Juli 2015Bridge-CA and others
37
Quality Classification – Assurance
Documentation
Accreditation
w/ external compliance
audit?
No
Yes
x,7
Supervision
w/ external compliance
audit?
No
Yes
x,6
External
compliance audit and
certification?
No
Approval status levels: 0-7
Yes
x,5
External
compliance audit?
No
Yes
x,4
Supervision
(without external
compliance audit)?
No
Yes
Internal
compliance audit?
No
7. Juli 2015
Note:
x=INTEGER(0,6)
defining the quality level of certificates as claimed
by the CA through the Certificate Policy.
x,3
Yes
x,2
Independent
document review?
Yes
No
x,0
38
x,1
Quality Classification – Crypto
•
Cryptographic Quality
•
•
•
•
Hash quality for signatures (note: controlled by signing software)
Public key algorithm and key length quality
Based on recommendations from ETSI, NIST and other sources
Quality 0: Inadequate – should not be trusted
•
•
Quality 1: Reasonably secure for 3 years
•
•
E.g. SHA-1 hash, RSA-1024
Quality 2: Regarded as trustworthy for 5-10 years
•
•
E.g. MD5 hash
E.g. SHA-224, RSA-2048
Quality 3-5: Increasing levels of security
7. Juli 2015
39
Signature Quality
•
eID quality (0-6)
•
•
•
6: Qualified signature policy level
5: Qualified certificate policy level
eID assurance level (0-7)
•
•
6-7: Supervised/accredited eID issuer
Hash algorithm quality (0-5)
•
•
•
•
Controlled by signing software, not by eID issuer
1: SHA-1 hash (up to 3 years perspective)
2: SHA-224 (5-10 years perspective)
Public key algorithm and key length quality (0-5)
•
•
7. Juli 2015
1: RSA-1024
2: RSA-2048
40
Conclusions
•
Public procurement is really B2B scenario
•
•
With public agency in “B” role
Signatures required – validation and acceptance needed
•
•
Cryptographic validity
Signature policy adherence
•
•
•
•
•
•
•
•
Names -> organization, roles, authorizations
What must be signed?
Signature formats and verification rules
Quality and assurance (approval status) requirements
Trust models for validation “proofs”
Standards based interfaces – should be standardised
Quality classification scheme – should be standardised
Can we solve this scenario, we are near a general solution!
7. Juli 2015
41
Contact
Further information can be obtained from the regional
contact points below and at http://www.peppol.eu
Denmark, Estonia,
Finland, Ireland, Iceland, Ireland
Lithuania, Latvia, Norway, Sweden,
UK/Scotland
please contact:
Mr. André HODDEVIK
(Project Director)
Email: [email protected]
Austria, Czech Republic, France,
Hungary, Poland, Slovakia, Slovenia,
Switzerland and Western Balkan
please contact:
Mr. Peter SONNTAGBAUER
(Public Relation Director)
Email: [email protected]
Bulgaria, Cyprus, Italy, Greece, Malta,
Portugal, Spain, Romania
please contact:
Mr. Giancarlo DE STEFANO
Email: [email protected]
Belgium, Germany,
Luxembourg, Netherlands
please contact:
Ms. Maria A. WIMMER
Email: [email protected]
7. Juli 2015
42
Contact for presenter
Jon Ølnes
Senior Advisor
National Programme for eID Infrastructure in Public Sector
Difi – Agency for Public Management and eGovernment
P.O.Box 8115 Dep, N-0032 Oslo, Norway
http://www.difi.no
[email protected]
+47 478 46 094
7. Juli 2015
43