Agencja Unii Europejskiej ds. Cyberbezpieczeństwa, Wytyczne techniczne dot. oceny zgodności kwalifikowanych dostawców usług zaufania

CONFORMITY ASSESSMENT OF QTPS

Technical guidelines for conformity assessment of qualified trust service providers

MARCH 2020

EXECUTIVE SUMMARY

To promote the use and further enhance the trust of electronic trust services and products, Regulation (EU) N°910/2014, on electronic identification and trust services for electronic transactions in the internal market [eIDAS, 2014], introduces the notions of qualified trust service (QTS) and qualified trust service provider (QTSP) with a view to setting out the requirements and obligations that ensure high-level security of QTS provision and of the products (devices) and processes used by QTSPs to provide these services in accordance with the Regulation. As a consequence, eIDAS QTS are granted a higher presumption of their legal effect.

A key policy choice made by the eIDAS Regulation is that, in order to be granted a qualified status by a national supervisory authority, trust service providers (TSPs), and the QTSs they plan to provide, must first...