Commission Decision of 16 October 2009 setting out measures facilitating the use of procedures by electronic means through the ‘points of single contact’ under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market (notified under document C(2009) 7806) (Text with EEA relevance) (2009/767/EC)

[X1 [F12. Structure of the Common Template for the Trusted List U.K.

The Common Template for a Member State Trusted List is structured according to ETSI TS 119 612 into the following categories of information:

In the context of a CSP issuing QCs, the structure of the Trusted List and in particular the service information component (as per point 4 above) allows for complementary information in service information extensions to compensate for those situations where insufficient (machine processable) information is available within the qualified certificate about its ‘ qualified ’ status, its potential support by an SSCD and especially in order to cope with the additional fact that most of the (commercial) CSPs are using one single issuing Certification Authority (CA) to issue several types of end-entity certificates, both qualified and non-qualified.

In the context of certificate generation (CA) services, the number of service entries in the list for a CSP may be reduced where one or several upper CA services exist within the CSP’s PKI (e.g. in the context of a hierarchy of CAs from a Root CA down to several issuing CAs) by listing such upper CA services and not the CA services issuing end-entity certificates (e.g. listing the CSP Root CA only). However in those cases, the status information applies to the whole hierarchy of CA services below the listed service and the principle of ensuring the unambiguous link between a CSP _QC certification service and the set of certificates intended to be identified as QCs has to be maintained and ensured.

2.1. Description of information in each category U.K.

1. Trusted List Tag U.K.

2. Information on the Trusted List and its issuing scheme U.K.

The following information is part of this category:

• A Trusted List format version identifier ,

• A Trusted List sequence (or release) number ,

• A Trusted List type information (e.g. for identification of the fact that this Trusted List is providing information on the supervision/accreditation status of certification services from CSPs supervised/accredited by the referenced Member State for compliance with the provisions laid down in Directive 1999/93/EC),

• A Trusted List scheme operator (owner) information (e.g. name, address, contact information, etc. of the Member State Body in charge of establishing, publishing securely and maintaining the Trusted List);

• Information about the underlying supervision/accreditation scheme(s) to which the Trusted List is associated, including but not limited to:

  • the country in which it applies,

  • information on or reference to the location where information on the scheme(s) can be found (scheme model, rules, criteria, applicable community, type, etc.),

  • period of retention of (historical) information,

• Trusted List policy and/or legal notice, liabilities, responsibilities ,

• Trusted List issue date and time ,

• Trusted List next planned update.

3. Unambiguous identification information about every CSP supervised/accredited under the scheme U.K.

This set of information includes at least the following:

• The CSP organisation name as used in formal legal registrations (including the CSP organisation UID following Member State practices),

• The CSP address and contact information,

• Additional information on the CSP either included directly or by reference to a location from where such additional information can be downloaded.

4. For each listed CSP, a sequence of fields holding unambiguous identification of a certification service provided by the CSP and supervised/accredited in the context of Directive 1999/93/EC U.K.

This set of information includes at least the following for each certification service from a listed CSP:

• Service type identifier: An identifier of the type of certification service (e.g. identifier indicating that the supervised/accredited certification service from the CSP is a Certification Authority issuing QCs),

• Service (trade) name: (trade) name of this certification service,

• Service digital identity: An unambiguous unique identifier of the certification service,

• Service current status: An identifier of the current status of the service,

• The current status starting date and time,

• Service information extension, when applicable: Additional information on the service (e.g. directly included or included by reference to a location from which information can be downloaded): service definition information provided by the scheme operator, access information with regards to the service, service definition information provided by the CSP and service information extensions. E.g. for CA/QC services, an optional sequence of tuples of information, each tuple providing,

  • Criteria to be used to further identify (filter) within the identified trust service that precise set of service outputs (e.g. set of (qualified) certificates) for which additional information is required/provided with regards to its status, the indication of the SSCD support and/or issuance to a legal person, and

  • The associated ‘ qualifiers ’ providing information on whether the set of service outputs identifies certificates to be considered as qualified and/or whether the identified qualified certificates from this service are supported by an SSCD or not, and/or information about whether such QCs are issued to legal person (by default they are to be considered as issued to natural persons).

5. For each listed certification service, the historical information about his status U.K.

6. A signature computed for authentication purposes over all fields of the TL except the signature value itself] ] U.K.