Resources

eIDAS 2024 Revision

Regulation (EU) 2024/1183 of the European Parliament and of the Council of 11 April 2024 amending Regulation (EU) No 910/2014 as regards establishing the European Digital Identity Framework
Consolidated text: Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC
European Digital Identity Architecture and Reference Framework - v1.5.1 - February 2025
Regulation (EU) 2024/1183 of the European Parliament and of the Council of 11 April 2024 amending Regulation (EU) No 910/2014 as regards establishing the European Digital Identity Framework
EU Digital Identity Wallet Website
EUDI Wallet Reference Implementation - 07 March 2024
The EU Digital Identity Wallet GitHub - Official GitHub Organization of the European Digital Identity project
Study to support the impact assessment for the revision of the eIDAS regulation - 9 June 2021

eIDAS 2014 Regulation

Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC
Commission Implementing Decision (EU) 2015/296 of 24 February 2015 establishing procedural arrangements for cooperation between Member States on electronic identification pursuant to Article 12(7) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market Text with EEA relevance
Commission Implementing Decision (EU) 2016/650 of 25 April 2016 laying down standards for the security assessment of qualified signature and seal creation devices pursuant to Articles 30(3) and 39(2) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (Text with EEA relevance)
Commission Implementing Regulation (EU) 2015/806 of 22 May 2015 laying down specifications relating to the form of the EU trust mark for qualified trust services (Text with EEA relevance)
Commission Implementing Regulation (EU) 2015/1501 of 8 September 2015 on the interoperability framework pursuant to Article 12(8) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (Text with EEA relevance)
Commission Implementing Regulation (EU) 2015/1502 of 8 September 2015 on setting out minimum technical specifications and procedures for assurance levels for electronic identification means pursuant to Article 8(3) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (Text with EEA relevance)
Commission Implementing Decision (EU) 2015/1505 of 8 September 2015 laying down technical specifications and formats relating to trusted lists pursuant to Article 22(5) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (Text with EEA relevance)
Commission Implementing Decision (EU) 2015/1506 of 8 September 2015 laying down specifications relating to formats of advanced electronic signatures and advanced seals to be recognised by public sector bodies pursuant to Articles 27(5) and 37(5) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (Text with EEA relevance)
Commission Implementing Decision (EU) 2015/1984 of 3 November 2015 defining the circumstances, formats and procedures of notification pursuant to Article 9(5) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (notified under document C(2015) 7369) (Text with EEA relevance)
Belgian Digital Act Law: Wet tot uitvoering en aanvulling van de verordening (EU) nr. 910/2014 van het Europees Parlement en de Raad van 23 juli 2014 betreffende de elektronische identificatie en vertrouwensdiensten voor elektronische transacties in de interne markt en tot intrekking van Richtlijn 1999/93/EG, houdende invoeging van titel 2 in boek XII "Recht van de elektronische economie" van het Wetboek van economisch recht, en houdende invoeging van de definities eigen aan titel 2 van boek XII en van de rechtshandhavingsbepalingen eigen aan titel 2 van boek XII, in de boeken I, XV en XVII van het Wetboek van economisch recht
Qualified Electronic Archiving certification scheme as defined by the Belgian Digital Act Law

EU Trust Services Dashboard

The eIDAS trust services toolbox
EU/EEA Trusted List Browser
EU Inter-Institutional Trusted List
Third Countries Trusted List Browser
Supervisory bodies
National Accreditation Bodies and Conformity Assessments Bodies for QTSP/QTS
Qualified Signature/Seal Creation Devices and Secure Signature Creation Devices
Designated Bodies for SSCD and QSCD
List of notified alternative processes
Points of Single Contact and eIDAS-Nodes Contacts for eID Chapter
Compliance: eSignature validation test cases
International Compatibility of Trust Services
Overview of pre-notified and notified eID schemes under eIDAS
Digital Signature Service (DSS) Demonstration WebApp

ENISA Guidelines

Remote ID Proofing - Good practices - March 2024
Digital Identity Standards - Analysis of standardisation requirements in support of cybersecurity policy - July 03, 2023
Trust Services - Secure move to the cloud of the eIDAS ecosystem - June 12, 2023
Remote Identity Proofing - Attacks & Countermeasures - January 20, 2022
Remote ID Proofing - March 11, 2021
Security Framework for Qualified Trust Service Providers - March 11, 2021
Conformity Assessment of Qualified Trust Service Providers - March 11, 2021
Recommendations for Qualified Trust Service Providers based on Standards - March 11, 2021
Overview of standards related to eIDAS - December 18, 2019
Recommendations for technical implementation of the eIDAS Regulation - December 17, 2019
Towards global acceptance of eIDAS audits - January 15, 2019
Assessment of Standards related to eIDAS - December 14, 2018
Guidelines on Termination of Qualified Trust Services - December 19, 2017
Recommendations for QTSPs based on Standards - Technical guidelines on trust services - December 19, 2017
Guidelines on Supervision of Qualified Trust Services - Technical guidelines on trust services - December 19, 2017
Guidelines on Initiation of Qualified Trust Services - Technical guidelines on trust services - December 19, 2017
Security framework for Trust Service Providers - Technical guidelines on trust services - December 19, 2017
Conformity assessment of Trust Service Providers - Technical guidelines on trust services - December 19, 2017
Security guidelines on the appropriate use of qualified website authentication certificates - June 29, 2017
Security guidelines on the appropriate use of qualified electronic registered delivery services - June 29, 2017
Security guidelines on the appropriate use of qualified electronic time stamps - June 29, 2017
Security guidelines on the appropriate use of qualified electronic seals - June 29, 2017
Security guidelines on the appropriate use of qualified electronic signatures - June 29, 2017

ETSI Standards

ETSI EN 319 102-1: Procedures for Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation
ETSI EN 319 122-1: CAdES digital signatures; Part 1: Building blocks and CAdES baseline signatures
ETSI EN 319 132-1: XAdES digital signatures; Part 1: Building blocks and XAdES baseline signatures
ETSI EN 319 142-1: PAdES digital signatures; Part 1: Building blocks and PAdES baseline signatures
ETSI EN 319 142-2: PAdES digital signatures; Part 2: Additional PAdES signatures profiles
ETSI EN 319 162-1: Associated Signature Containers (ASiC); Part 1: Building blocks and ASiC baseline containers
ETSI EN 319 162-2: Associated Signature Containers (ASiC); Part 2: Additional ASiC containers
ETSI EN 319 401: General Policy Requirements for Trust Service Providers
ETSI EN 319 403-1: Trust Service Provider Conformity Assessment; Part 1: Requirements for conformity assessment bodies assessing Trust Service Providers
ETSI EN 319 411-1: Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements
ETSI EN 319 411-2: Trust Service Providers issuing certificates; Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI EN 319 411-4: Policy and security requirements for Trust Service Providers issuing certificates; Part 4: Checklist supporting audit of TSP against ETSI EN 319 411-1 or ETSI EN 319 411-2
ETSI EN 319 412-1: Certificate Profiles; Part 1: Overview and common data structures
ETSI EN 319 412-2: Certificate Profiles; Part 2: Certificate profile for certificates issued to natural persons
ETSI EN 319 412-3: Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons
ETSI EN 319 412-4: Certificate Profiles; Part 4: Certificate profile for web site certificates
ETSI EN 319 412-5: Certificate Profiles; Part 5: QCStatements
ETSI EN 319 421: Policy and Security Requirements for Trust Service Providers issuing Time-Stamps
ETSI EN 319 422: Time-stamping protocol and time-stamp token profiles
ETSI EN 319 521: Policy and security requirements for Electronic Registered Delivery Service Providers
ETSI EN 319 522-1: Electronic Registered Delivery Services; Part 1: Framework and Architecture
ETSI EN 319 522-2: Electronic Registered Delivery Services; Part 2: Semantic contents
ETSI EN 319 522-3: Electronic Registered Delivery Services; Part 3: Formats
ETSI EN 319 522-4-1: Electronic Registered Delivery Services; Part 4: Bindings; Sub-part 1: Message delivery bindings
ETSI EN 319 522-4-2: Electronic Registered Delivery Services; Part 4: Bindings; Sub-part 2: Evidence and identification bindings
ETSI EN 319 522-4-3: Electronic Registered Delivery Services; Part 4: Bindings; Sub-part 3: Capability/requirements bindings
ETSI EN 319 531: Policy and security requirements for Registered Electronic Mail Service Providers
ETSI EN 319 532-1: Registered Electronic Mail (REM) Services; Part 1: Framework and architecture
ETSI EN 319 532-2: Registered Electronic Mail (REM) Services; Part 2: Semantic contents
ETSI EN 319 532-3: Registered Electronic Mail (REM) Services; Part 3: Formats
ETSI EN 319 532-4: Registered Electronic Mail (REM) Services; Part 4: Interoperability profiles
ETSI TS 119 101: Policy and security requirements for applications for signature creation and signature validation
ETSI TS 119 102-1: Procedures for Creation and Validation of AdES Digital Signatures; Part 1: Creation and Validation
ETSI TS 119 102-2: Procedures for Creation and Validation of AdES Digital Signatures; Part 2: Signature Validation Report
ETSI TS 119 172-1: Signature Policies; Part 1: Building blocks and table of contents for human readable signature policy documents
ETSI TS 119 172-2: Signature Policies; Part 2: XML format for signature policies
ETSI TS 119 172-3: Signature Policies; Part 3: ASN.1 format for signature policies
ETSI TS 119 172-4: Signature Policies; Part 4: Signature applicability rules (validation policy) for European qualified electronic signatures/seals using trusted lists
ETSI TS 119 182-1: Electronic Signatures and Infrastructures (ESI); JAdES digital signatures; Part 1: Building blocks and JAdES baseline signatures
ETSI TS 119 192: AdES related Uniform Resource Identifier
ETSI TS 119 312: Cryptographic Suites
ETSI TS 119 322: Schema for machine-readable cryptographic algorithms, and cipher suites catalogues
ETSI TS 119 403-2: Trust Service Provider Conformity Assessment; Part 2: Additional requirements for Conformity Assessment Bodies auditing Trust Service Providers that issue Publicly-Trusted Certificates
ETSI TS 119 403-3: Trust Service Provider Conformity Assessment; Part 3: Additional requirements for conformity assessment bodies assessing EU qualified trust service providers
ETSI TS 119 411-5: Policy and security requirements for Trust Service Providers issuing certificates; Part 5: Implementation of qualified certificates for website authentication as in amended Regulation 910/2014
ETSI TS 119 411-6: Policy and security requirements for Trust Service Providers issuing certificates; Part 6: Requirements for Trust Service Providers issuing publicly trusted S/MIME certificates
ETSI TS 119 431-1: Policy and security requirements for trust service providers; Part 1: TSP service components operating a remote QSCD / SCDev
ETSI TS 119 431-2: Policy and security requirements for trust service providers; Part 2: TSP service components supporting AdES digital signature creation
ETSI TS 119 432: Protocols for remote digital signature creation
ETSI TS 119 441: Policy requirements for TSP providing signature validation services
ETSI TS 119 442: Protocol profiles for trust service providers providing AdES digital signature validation services
ETSI TS 119 461: Policy and security requirements for trust service components providing identity proofing of trust service subjects
ETSI TS 119 495: Sector Specific Requirements; Certificate Profiles and TSP Policy Requirements for Open Banking
ETSI TS 119 511: Policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques
ETSI TS 119 512: Protocols for trust service providers providing long-term data preservation services
ETSI TS 119 524-1: Testing Conformance and Interoperability of Electronic Registered Delivery Services; Part 1: Testing conformance
ETSI TS 119 524-2: Testing Conformance and Interoperability of Electronic Registered Delivery Services; Part 2: Test suites for interoperability testing of Electronic Registered Delivery Service Providers
ETSI TS 119 534-1: Testing Conformance and Interoperability of Registered Electronic Mail Services; Part 1: Testing conformance
ETSI TS 119 534-2: Testing Conformance and Interoperability of Registered Electronic Mail Services; Part 2: Test suites for interoperability testing of providers using same format and transport protocols
ETSI TS 119 612: Trusted Lists
ETSI TS 119 615: Trusted lists; Procedures for using and interpreting European Union Member States national trusted lists
ETSI TS 301 549: Accessibility requirements for ICT products and services
ETSI TR 119 000: The framework for standardization of digital signatures and trust services; Overview
ETSI TR 119 404: NIS2 and its impact on eIDAS standards
ETSI TR 119 411-5: Policy and security requirements for Trust Service Providers issuing certificates; Part 5: Guidelines for the coexistence of web browser and EU trust controls
ETSI TR 119 460: Survey of technologies and regulatory requirements for identity proofing for trust service subjects
ETSI TR 119 476: Analysis of selective disclosure and zero-knowledge proofs applied to Electronic Attestation of Attributes
ETSI TR 119 520-1: Framework of ERDS/REM standards; Part 1: New (Q)ERDS/(Q)ERDSP standardization rationalized framework as a result of the new components brought by eIDAS2.0
ETSI TR 119 520-2: Electronic Signatures and Trust Infrastructures (ESI); Framework of ERDS/REM standards; Part 2: Impact of emerging technologies on ERDS/REM Models

SOG-IS

Crypto Evaluation Scheme Agreed Cryptographic Mechanisms - V1.3 February 2023

Public Trust

CA/Browser Forum: Baseline Requirements for the Issuance and Management of Publicly‐Trusted Certificates
CA/Browser Forum: Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates
CA/Browser Forum: Guidelines for the Issuance and Management of Extended Validation Certificates
CA/Browser Forum: Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates
Mozilla Root Store Policy
Bugzilla CA Certificate Compliance
Bugzilla CA Certificate Root Program
Common CA Database (ccadb)
crt.sh Certificate Search
CPA Canada WebTrust seal program
WebTrust Principles and Criteria for Certification Authorities
WebTrust Principles and Criteria for Certification Authorities – Extended Validation SSL
WebTrust Principles and Criteria for Certification Authorities – SSL Baseline with Network Security
WebTrust Principles and Criteria for Certification Authorities – Code Signing Baseline Requirements
WebTrust Principles and Criteria for Registration Authorities