Norms and standards

This page is not exhaustive. It quickly presents the Electronic Trust Services without forgetting a major part of this edifice, the founding norms and standards.

In the frame of eIDAS regulation construction, European Commission gave a mandate (M460) to ETSI and CEN bodies to produce standards allowing real application of this new legal framework. The European Commission also works, through an experts group, to release “acts or documents” related to some eIDAS regulation articles. These acts or documents are eventually named “delegated acts”, “implementing acts” or “guidance”.

This is why approximately a hundred of new norms were produced, or are still being produced. ClubPSCo actively participates in international experts groups; it also maintains for its members the official applicable norms list, depending the type and level of targeted legal value for Trust Services.

These norms are structured in 6 different themes, each including 5 parts:

Normes et standards ETSI CEN

They are consistent with the historical standards framework coming from RGS (« Référentiel Général de Sécurité ») or ETSI certifications ETSI (102 042, 101 456 and 102 023).

In France, ANSSI (Agence Nationale de Sécurité des Systèmes d’Information) completes these standards by some specific French procedures for eIDAS regulation. It also provides transition procedures to ease eIDAS qualification for previously qualified Trust Services according to RGS (“Référentiel Général de Sécurité”).

ETSI standards can be freely downloaded on the website ETSI docbox.

French applications procedures are released on ANSSI website.