![]() The signature was made using a qualified signature creation device (QSCD).The certificate indicated in the signature at the time of placement of this signature was a valid qualified certificate.The integrity of the signed data (content) is not affected.An electronic signature may be considered valid and eligible for qualified status if, inter alia, the following conditions are met simultaneously: A little confusing? I hope I can explain this later.įirst of all, it is worthwhile to talk about some of the determinants. However, the legislation does not require the creation and collection of explicit evidence of all the determinants of the validity and status of the signature, leaving some discretion and space for the presumption of certain facts. The other two are TOTALPASSED (full compliance with QES requirements) and TOTALFAILED (at least one discrepancy found to preclude the signature from being considered QES valid).Īpparently, it seems that the matter of signature verification is simple, because eIDAS clearly states what the premises and circumstances and what facts had to exist for a signature to be a valid qualified electronic signature. ![]() What can be particularly interesting after receiving a report issued by the QVS (qualified validation service) stating the status of the signature as “indeterminate”? This is one of three basic validation statuses defined in the ETSI TS 119 102-1 standard. I would like to elaborate on this topic at the end of the cycle of considerations on various aspects of recognition of qualified electronic signatures and the possible risks of their acceptance. Risks should always be considered in the context of both the possibility of undermining the validity or status of the signature and the consequences of that fact and the cost of the service itself and its availability at a time when, for example, a business decision has to be made quickly and there is no possibility or knowledge of how to use a qualified validation service. It is certainly worth using the qualified validation service, but is this always necessary? One of the comments on the previous article rightly points out that this depends on the assessment of the risks involved in the legal action. In the case of a qualified validation service, such a confirmation (certified report) constitutes evidence which is difficult to challenge also in court proceedings as it enjoys a legal presumption of its veracity under the eIDAS rules (EU Regulation 910/2014). The validation service issues a confirmation of the result of the check. ![]() ![]() ![]() In the previous article I pointed out the fundamental differences between validation and verification (checking) of the validity of a qualified electronic signature (QES). When can an electronic signature be considered valid and meet the requirements for a qualified status? What if we get an “indeterminate” result in the protocol and the business situation requires a quick decision? In the circulation of electronic documents, as in the case of traditional documents, an expert approach is important when assessing the risk of their acceptance. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |