OASIS Digital Signature Services eXtended (DSS-X) TC

 View Only
  • 1.  Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-16-2018 11:14
      |   view attached
    Hi colleagues, next week I'll take part in a panel discussion on the topic of remote signing. See attached my slides regarding DSS-X's activities and the FutureTrust implementation. The organization likes to know about our statements / questions related to emote signing solutions (see topic 3. in the mail below). These topics came to my mind: - Standardization is important for these use cases to ensure interoperability. - Trust between different components is crucial. The EU Trust List may be helpful. - Adoption by the government portals is critical for the success for public acceptance. - Funding of audited open source components could lower the threshold. Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! Thanks you in advance, Andreas -------- Weitergeleitete Nachricht -------- Betreff: ENISA Trust Services Forum - New Opportunities for trust services Datum: Fri, 12 Oct 2018 07:23:12 +0000 Von: Evgenia Nikolouzou <Evgenia.Nikolouzou@enisa.europa.eu> An: Nguyen Dr., Kim <Kim.Nguyen@bdr.de> , Andrea Rock <andrea.rock@universign.com> , Andreas Kuehne <kuehne@trustable.de> , Ronald De Temmerman <ronald.detemmerman@globalsign.com> Kopie (CC): Slawomir Gorniak <Slawomir.Gorniak@enisa.europa.eu> Dear all, On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : New Opportunities for trust services - remote signing that will take place from 15:30 until 16:30. On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign). Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas: a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? d. Policy / Security Requirements for TSPs providing Remote Signature Creation 4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda . I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday. I would like to thank you, once more, for your participation and looking forward to an interesting discussion. Should you have any questions, please do not hesitate to contact me. Best Regards Evgenia Dr Evgenia Nikolouzou Data Security & Standardization Unit ENISA - European Union Agency for Network and Information Security 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece Tel: +306985051405, +302814409582 Visit our new website www.enisa.europa.eu Attachment: enisa-OASIS-DSSX-remote-signing.pptx Description: Binary data

    Attachment(s)



  • 2.  Re: [dss-x] Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-16-2018 14:19
    Maybe also - adoption of eIDAS; remote signing assumes identification; reuse of identification means See also some comments below ... On 16 Oct 2018, at 13:13, Andreas Kuehne < kuehne@trustable.de > wrote: Hi colleagues, next week I'll take part in a panel discussion on the topic of remote signing. See attached my slides regarding DSS-X's activities and the FutureTrust implementation. The organization likes to know about our statements / questions related to emote signing solutions (see topic 3. in the mail below). These topics came to my mind: - Standardization is important for these use cases to ensure interoperability. - Trust between different components is crucial. The EU Trust List may be helpful. The TLS is about certificates? The remote signing service as a trusted service is very important; the TLS is not enough. - Adoption by the government portals is critical for the success for public acceptance Because also of the use of the eID due to eIDAS . - Funding of audited open source components could lower the threshold. ...for the ease of implementation. But the  certification as a trusted service remains  Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! Thanks you in advance, Andreas -------- Weitergeleitete Nachricht -------- Betreff: ENISA Trust Services Forum - New Opportunities for trust services Datum: Fri, 12 Oct 2018 07:23:12 +0000 Von: Evgenia Nikolouzou <Evgenia.Nikolouzou@enisa.europa.eu> An: Nguyen Dr., Kim <Kim.Nguyen@bdr.de> , Andrea Rock <andrea.rock@universign.com> , Andreas Kuehne <kuehne@trustable.de> , Ronald De Temmerman <ronald.detemmerman@globalsign.com> Kopie (CC): Slawomir Gorniak <Slawomir.Gorniak@enisa.europa.eu> Dear all, On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : New Opportunities for trust services - remote signing that will take place from 15:30 until 16:30. On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign). Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas: a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? d. Policy / Security Requirements for TSPs providing Remote Signature Creation 4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda . I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday. I would like to thank you, once more, for your participation and looking forward to an interesting discussion. Should you have any questions, please do not hesitate to contact me. Best Regards Evgenia Dr Evgenia Nikolouzou Data Security & Standardization Unit ENISA - European Union Agency for Network and Information Security 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece Tel: +306985051405, +302814409582 Visit our new website www.enisa.europa.eu <enisa-OASIS-DSSX-remote-signing.pptx> --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


  • 3.  AW: [dss-x] Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-16-2018 14:37
      |   view attached
    Hi,   >Maybe also >   >- adoption of eIDAS; remote signing assumes identification; reuse of identification means   Yes, very interesting topic. This (see Art. 24 (1) of eIDAS, https://www.eid.as/home/#article24 ) should one day be part of (or at least fit to) the LocalRemote-Profile. Added a bullet point in slide #4 and added figures in slides #6-#8.   BR, Detlef     See also some comments below ...   On 16 Oct 2018, at 13:13, Andreas Kuehne < kuehne@trustable.de > wrote: Hi colleagues, next week I'll take part in a panel discussion on the topic of remote signing. See attached my slides regarding DSS-X's activities and the FutureTrust implementation. The organization likes to know about our statements / questions related to emote signing solutions (see topic 3. in the mail below). These topics came to my mind: - Standardization is important for these use cases to ensure interoperability. - Trust between different components is crucial. The EU Trust List may be helpful. The TLS is about certificates? The remote signing service as a trusted service is very important; the TLS is not enough. - Adoption by the government portals is critical for the success for public acceptance Because also of the use of the eID due to eIDAS   . - Funding of audited open source components could lower the threshold.   ...for the ease of implementation. But the  certification as a trusted service remains  Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! Thanks you in advance, Andreas -------- Weitergeleitete Nachricht -------- Betreff: ENISA Trust Services Forum - New Opportunities for trust services Datum: Fri, 12 Oct 2018 07:23:12 +0000 Von: Evgenia Nikolouzou <Evgenia.Nikolouzou@enisa.europa.eu> An: Nguyen Dr., Kim <Kim.Nguyen@bdr.de> , Andrea Rock <andrea.rock@universign.com> , Andreas Kuehne <kuehne@trustable.de> , Ronald De Temmerman <ronald.detemmerman@globalsign.com> Kopie (CC): Slawomir Gorniak <Slawomir.Gorniak@enisa.europa.eu>   Dear all,   On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : " New Opportunities for trust services - remote signing" that will take place from 15:30 until 16:30.   On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign).   Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas:   a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? d. Policy / Security Requirements for TSPs providing Remote Signature Creation   4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda .   I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday.   I would like to thank you, once more, for your participation and looking forward to an interesting discussion.   Should you have any questions, please do not hesitate to contact me.     Best Regards Evgenia       Dr Evgenia Nikolouzou Data Security & Standardization Unit ENISA - European Union Agency for Network and Information Security 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece Tel: +306985051405, +302814409582 Visit our new website www.enisa.europa.eu             <enisa-OASIS-DSSX-remote-signing.pptx> --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php Attachment: enisa-OASIS-DSSX-remote-signing-dh.pptx Description: application/vnd.openxmlformats-officedocument.presentationml.presentation

    Attachment(s)



  • 4.  Re: [dss-x] Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-16-2018 16:17
    Hi Detlef, >> - adoption of eIDAS; remote signing assumes identification; reuse of identification means > > > Yes, very interesting topic. This (see Art. 24 (1) of eIDAS, https://www.eid.as/home/#article24 ) > > should one day be part of (or at least fit to) the LocalRemote-Profile. Added a bullet point in slide #4 yes, important point! I'll mention this explicitly. > added figures in slides #6-#8. I do like these figures but I'm not quite sure that I'll be able to transport their message within 5 minutes! Greetings, Andreas > > > > > See also some comments below ... > > > > On 16 Oct 2018, at 13:13, Andreas Kuehne <kuehne@trustable.de < mailto:kuehne@trustable.de > > wrote: > > Hi colleagues, > > next week I'll take part in a panel discussion on the topic of remote signing. See attached my slides regarding DSS-X's activities and the FutureTrust implementation. > > The organization likes to know about our statements / questions related to emote signing solutions (see topic 3. in the mail below). > > These topics came to my mind: > > - Standardization is important for these use cases to ensure interoperability. > > - Trust between different components is crucial. The EU Trust List may be helpful. > > The TLS is about certificates? The remote signing service as a trusted service is very important; the TLS is not enough. > > > > > > - Adoption by the government portals is critical for the success for public acceptance > > Because also of the use of the eID due to eIDAS > > > > > > > > . > > - Funding of audited open source components could lower the threshold. > > > > ...for the ease of implementation. But the certification as a trusted service remains > > > > > Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! > > > Thanks you in advance, > > Andreas > > > -------- Weitergeleitete Nachricht -------- > > > Betreff: > > ENISA Trust Services Forum - New Opportunities for trust services > > > Datum: > > Fri, 12 Oct 2018 07:23:12 +0000 > > > Von: > > Evgenia Nikolouzou < mailto:Evgenia.Nikolouzou@enisa.europa.eu > <Evgenia.Nikolouzou@enisa.europa.eu> > > > An: > > Nguyen Dr., Kim < mailto:Kim.Nguyen@bdr.de > <Kim.Nguyen@bdr.de>, Andrea Rock < mailto:andrea.rock@universign.com > <andrea.rock@universign.com>, Andreas Kuehne < mailto:kuehne@trustable.de > <kuehne@trustable.de>, Ronald De Temmerman < mailto:ronald.detemmerman@globalsign.com > <ronald.detemmerman@globalsign.com> > > > Kopie (CC): > > Slawomir Gorniak < mailto:Slawomir.Gorniak@enisa.europa.eu > <Slawomir.Gorniak@enisa.europa.eu> > > > > Dear all, > > On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : " New Opportunities for trust services - remote signing" that will take place from 15:30 until 16:30. > > On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign). > > Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: > 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). > 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. > 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas: > > a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? > b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? > c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? > d. Policy / Security Requirements for TSPs providing Remote Signature Creation > > 4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. > > The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda . > > I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday. > > I would like to thank you, once more, for your participation and looking forward to an interesting discussion. > > Should you have any questions, please do not hesitate to contact me. > > > Best Regards > Evgenia > > > > Dr Evgenia Nikolouzou > Data Security & Standardization Unit > ENISA - European Union Agency for Network and Information Security > 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece > Tel: +306985051405, +302814409582 > Visit our new website www.enisa.europa.eu < http://www.enisa.europa.eu > > > > > > > > > > <enisa-OASIS-DSSX-remote-signing.pptx> > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > -- Andreas KÃhne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas KÃhne Company UK Company No: 5218868 Registered in England and Wales


  • 5.  AW: [dss-x] Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-17-2018 06:00
    Hi, >I do like these figures but I'm not quite sure that I'll be able to transport their message within 5 minutes! Well. The message is as follows: - Yesterday, there was the Local Signature Profile. - Remote Signing is very important. - Local and Remote Signing is - viewed on appropriate flight level - very similar. - The Local and Remote Signing Profile aims at combining the two approaches ... - ... and goes beyond in order to include eID-based enrolment for remote signing. - IMPORTANT: Don't hesitate to join OASIS DSS-X to be part of this exiting movement! ... hence, the message seems even to be TwitterAble. ð BR, Detlef Greetings, Andreas > > > > > See also some comments below ... > > > > On 16 Oct 2018, at 13:13, Andreas Kuehne <kuehne@trustable.de < mailto:kuehne@trustable.de > > wrote: > > Hi colleagues, > > next week I'll take part in a panel discussion on the topic of remote signing. See attached my slides regarding DSS-X's activities and the FutureTrust implementation. > > The organization likes to know about our statements / questions related to emote signing solutions (see topic 3. in the mail below). > > These topics came to my mind: > > - Standardization is important for these use cases to ensure interoperability. > > - Trust between different components is crucial. The EU Trust List may be helpful. > > The TLS is about certificates? The remote signing service as a trusted service is very important; the TLS is not enough. > > > > > > - Adoption by the government portals is critical for the success for > public acceptance > > Because also of the use of the eID due to eIDAS > > > > > > > > . > > - Funding of audited open source components could lower the threshold. > > > > ...for the ease of implementation. But the certification as a trusted > service remains > > > > > Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! > > > Thanks you in advance, > > Andreas > > > -------- Weitergeleitete Nachricht -------- > > > Betreff: > > ENISA Trust Services Forum - New Opportunities for trust services > > > Datum: > > Fri, 12 Oct 2018 07:23:12 +0000 > > > Von: > > Evgenia Nikolouzou < mailto:Evgenia.Nikolouzou@enisa.europa.eu > > <Evgenia.Nikolouzou@enisa.europa.eu> > > > An: > > Nguyen Dr., Kim < mailto:Kim.Nguyen@bdr.de > <Kim.Nguyen@bdr.de>, > Andrea Rock < mailto:andrea.rock@universign.com > > <andrea.rock@universign.com>, Andreas Kuehne > < mailto:kuehne@trustable.de > <kuehne@trustable.de>, Ronald De > Temmerman < mailto:ronald.detemmerman@globalsign.com > > <ronald.detemmerman@globalsign.com> > > > Kopie (CC): > > Slawomir Gorniak < mailto:Slawomir.Gorniak@enisa.europa.eu > > <Slawomir.Gorniak@enisa.europa.eu> > > > > Dear all, > > On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : " New Opportunities for trust services - remote signing" that will take place from 15:30 until 16:30. > > On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign). > > Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: > 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). > 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. > 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas: > > a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? > b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? > c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? > d. Policy / Security Requirements for TSPs providing Remote Signature Creation > > 4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. > > The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda . > > I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday. > > I would like to thank you, once more, for your participation and looking forward to an interesting discussion. > > Should you have any questions, please do not hesitate to contact me. > > > Best Regards > Evgenia > > > > Dr Evgenia Nikolouzou > Data Security & Standardization Unit > ENISA - European Union Agency for Network and Information Security > 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece > Tel: +306985051405, +302814409582 > Visit our new website www.enisa.europa.eu < http://www.enisa.europa.eu > > > > > > > > > > <enisa-OASIS-DSSX-remote-signing.pptx> > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > -- Andreas KÃhne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas KÃhne Company UK Company No: 5218868 Registered in England and Wales --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


  • 6.  Re: [dss-x] Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-17-2018 08:24
      |   view attached
    Hi Detlef, I completely agree with your message! But I shy away from flashing the audience with slides. So I'll try to push the message using a red message box ... And of course I'll throw membership application forms into the audience ;-) Goodness, do we really need to feed the Twitter monster? Yes, maybe ... I'll ask some of these smart millennials to join ... Greetings, Andreas > Hi, > >> I do like these figures but I'm not quite sure that I'll be able to transport their message within 5 minutes! > Well. The message is as follows: > > - Yesterday, there was the Local Signature Profile. > - Remote Signing is very important. > - Local and Remote Signing is - viewed on appropriate flight level - very similar. > - The Local and Remote Signing Profile aims at combining the two approaches ... > - ... and goes beyond in order to include eID-based enrolment for remote signing. > - IMPORTANT: Don't hesitate to join OASIS DSS-X to be part of this exiting movement! > > ... hence, the message seems even to be TwitterAble. ð > > BR, > Detlef > > Greetings, > > Andreas > >> >> >> >> >> See also some comments below ... >> >> >> >> On 16 Oct 2018, at 13:13, Andreas Kuehne <kuehne@trustable.de < mailto:kuehne@trustable.de > > wrote: >> >> Hi colleagues, >> >> next week I'll take part in a panel discussion on the topic of remote signing. See attached my slides regarding DSS-X's activities and the FutureTrust implementation. >> >> The organization likes to know about our statements / questions related to emote signing solutions (see topic 3. in the mail below). >> >> These topics came to my mind: >> >> - Standardization is important for these use cases to ensure interoperability. >> >> - Trust between different components is crucial. The EU Trust List may be helpful. >> >> The TLS is about certificates? The remote signing service as a trusted service is very important; the TLS is not enough. >> >> >> >> >> >> - Adoption by the government portals is critical for the success for >> public acceptance >> >> Because also of the use of the eID due to eIDAS >> >> >> >> >> >> >> >> . >> >> - Funding of audited open source components could lower the threshold. >> >> >> >> ...for the ease of implementation. But the certification as a trusted >> service remains >> >> >> >> >> Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! >> >> >> Thanks you in advance, >> >> Andreas >> >> >> -------- Weitergeleitete Nachricht -------- >> >> >> Betreff: >> >> ENISA Trust Services Forum - New Opportunities for trust services >> >> >> Datum: >> >> Fri, 12 Oct 2018 07:23:12 +0000 >> >> >> Von: >> >> Evgenia Nikolouzou < mailto:Evgenia.Nikolouzou@enisa.europa.eu > >> <Evgenia.Nikolouzou@enisa.europa.eu> >> >> >> An: >> >> Nguyen Dr., Kim < mailto:Kim.Nguyen@bdr.de > <Kim.Nguyen@bdr.de>, >> Andrea Rock < mailto:andrea.rock@universign.com > >> <andrea.rock@universign.com>, Andreas Kuehne >> < mailto:kuehne@trustable.de > <kuehne@trustable.de>, Ronald De >> Temmerman < mailto:ronald.detemmerman@globalsign.com > >> <ronald.detemmerman@globalsign.com> >> >> >> Kopie (CC): >> >> Slawomir Gorniak < mailto:Slawomir.Gorniak@enisa.europa.eu > >> <Slawomir.Gorniak@enisa.europa.eu> >> >> >> >> Dear all, >> >> On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : " New Opportunities for trust services - remote signing" that will take place from 15:30 until 16:30. >> >> On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign). >> >> Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: >> 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). >> 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. >> 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas: >> >> a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? >> b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? >> c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? >> d. Policy / Security Requirements for TSPs providing Remote Signature Creation >> >> 4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. >> >> The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda . >> >> I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday. >> >> I would like to thank you, once more, for your participation and looking forward to an interesting discussion. >> >> Should you have any questions, please do not hesitate to contact me. >> >> >> Best Regards >> Evgenia >> >> >> >> Dr Evgenia Nikolouzou >> Data Security & Standardization Unit >> ENISA - European Union Agency for Network and Information Security >> 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece >> Tel: +306985051405, +302814409582 >> Visit our new website www.enisa.europa.eu < http://www.enisa.europa.eu > >> >> >> >> >> >> >> >> >> <enisa-OASIS-DSSX-remote-signing.pptx> >> >> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. Follow this link to all your TCs in OASIS at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >> >> > -- > Andreas KÃhne > phone: +49 177 293 24 97 > mailto: kuehne@trustable.de > > Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 > > Director Andreas KÃhne > > Company UK Company No: 5218868 Registered in England and Wales > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > -- Andreas KÃhne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas KÃhne Company UK Company No: 5218868 Registered in England and Wales Attachment: enisa-OASIS-DSSX-remote-signing.pptx Description: Binary data

    Attachment(s)



  • 7.  Re: [dss-x] Fwd: ENISA Trust Services Forum - New Opportunities for trust services

    Posted 10-16-2018 16:03
    Hi Ernst Jan, > - adoption of eIDAS; as ENISA is the organizer, it's all about eIDAS ... > remote signing assumes identification; reuse of identification means Yes, good points! Identification deserves to be mentioned explicitly! [...] > The TLS is about certificates? The remote signing service as a trusted service is very important; the TLS is not enough. The TSL is about trusted services ( see https://www.eid.as/tsp-map/#/ ). But, good point, no explicit service type for (remote) signing services! > >> . >> - Funding of audited open source components could lower the threshold. >> > ...for the ease of implementation. But the certification as a trusted service remains A great building block of the ejbca is certified ( https://www.cesecore.eu/ ). Of course there is good part of auditing left. But a certified software helps! Thank you for your quick reply, Andreas >> Do you have other interesting statements / questions? Comments appreciated by noon, tomorrow, 17.10. ! >> >> >> Thanks you in advance, >> >> Andreas >> >> >> -------- Weitergeleitete Nachricht -------- >> Betreff: ENISA Trust Services Forum - New Opportunities for trust services >> Datum: Fri, 12 Oct 2018 07:23:12 +0000 >> Von: Evgenia Nikolouzou <Evgenia.Nikolouzou@enisa.europa.eu> >> An: Nguyen Dr., Kim <Kim.Nguyen@bdr.de>, Andrea Rock <andrea.rock@universign.com>, Andreas Kuehne <kuehne@trustable.de>, Ronald De Temmerman <ronald.detemmerman@globalsign.com> >> Kopie (CC): Slawomir Gorniak <Slawomir.Gorniak@enisa.europa.eu> >> >> Dear all, >> >> On behalf of ENISA I would like to thank you for accepting to join us at 4th Trust Services Forum, on October 23rd, and participate at Panel Discussion : " New Opportunities for trust services - remote signing" that will take place from 15:30 until 16:30. >> >> On behalf of the organizers I will be moderating the panel and the invited panellists are: Mr. Kim Nguyen (D-Trust), Mr. Andreas Kuehne (OASIS, trustable), Mrs. Andrea Rock (Universign, ETSI STF 539), and Mr. Ronald De Temmerman (GlobalSign). >> >> Concerning the organization of this 60-minute panel discussion, I would propose the following time plan: >> 1. Introduction of the panel topic and introduction of the panellists to the audience by the moderator (~ 2 minutes). >> 2. A short opening statement by each of you of no more than 6 minutes to explain your point of views/situation concerning the adoption of QWACS. For this time slot, you can even present some slides in order to make it more attractive for the audience. >> 3. Based on your expertise, I'll be very grateful if you could send to me a couple of issues/questions to be addressed during the panel. Please find below an indicative list of areas: >> >> a. What are the new market opportunities for remote signing solutions and products? What the main obstacles against their growth? >> b. Audit problems and audit requirements. Is there a need for a harmonised checklist from CABs during the assessment about the QSCD management environment? >> c. Are there any authentication / authorization issues concerning the user enrolment on the remote signatures service? >> d. Policy / Security Requirements for TSPs providing Remote Signature Creation >> >> 4. In the remaining time (15 minutes the max), the audience will be invited to provide any further questions. All panel members will be asked to address them and at the same time to take advantage to summarize any key points. >> >> The agenda of the event is available under https://www.enisa.europa.eu/events/tsforum-caday-2018/tsf-cad-2018-agenda . >> >> I would appreciate if you could send me the question(s) as well as the slides (in case you have) by Wednesday (17.10.2018) midday. >> >> I would like to thank you, once more, for your participation and looking forward to an interesting discussion. >> >> Should you have any questions, please do not hesitate to contact me. >> >> >> Best Regards >> Evgenia >> >> >> >> Dr Evgenia Nikolouzou >> Data Security & Standardization Unit >> ENISA - European Union Agency for Network and Information Security >> 1 Vas. Sofias & Meg. Alexandrou, 15124 Marousi, Attica, Greece >> Tel: +306985051405, +302814409582 >> Visit our new website www.enisa.europa.eu >> >> >> >> >> >> >> >> <enisa-OASIS-DSSX-remote-signing.pptx> >> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. Follow this link to all your TCs in OASIS at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php -- Andreas Kühne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas Kühne Company UK Company No: 5218868 Registered in England and Wales