keyboard_tab EIDAS 2014/0910 EN
BG CS DA DE EL EN ES ET FI FR GA HR HU IT LV LT MT NL PL PT RO SK SL SV print pdf
- 1 Article 30 certification of qualified electronic signature creation devices
- 2 Article 31 Publication of a list of certified qualified electronic signature creation devices
- 1 Article 39 Qualified electronic seal creation devices
- 4 Article 51 Transitional measures
- Article 52 Entry into force
CHAPTER I
GENERAL PROVISIONS
CHAPTER II
ELECTRONIC IDENTIFICATION
CHAPTER III
TRUST SERVICES
SECTION 1
General provisions
SECTION 2
Supervision
SECTION 3
Qualified trust services
SECTION 4
Electronic signatures
SECTION 5
Electronic seals
SECTION 6
Electronic time stamps
SECTION 7
Electronic registered delivery services
SECTION 8
Website authentication
CHAPTER IV
ELECTRONIC DOCUMENTS
CHAPTER V
DELEGATIONS OF POWER AND IMPLEMENTING PROVISIONS
CHAPTER VI
FINAL PROVISIONS
- electronic identification
- electronic identification means
- person identification data
- electronic identification scheme
- authentication
- relying party
- public sector body
- body governed by public law
- signatory
- electronic signature
- advanced electronic signature
- qualified electronic signature
- electronic signature creation data
- certificate for electronic signature
- qualified certificate for electronic signature
- trust service
- qualified trust service
- conformity assessment body
- trust service provider
- qualified trust service provider
- product
- electronic signature creation device
- qualified electronic signature creation device
- creator of a seal
- electronic seal
- advanced electronic seal
- qualified electronic seal
- electronic seal creation data
- certificate for electronic seal
- qualified certificate for electronic seal
- electronic seal creation device
- qualified electronic seal creation device
- electronic time stamp
- qualified electronic time stamp
- electronic document
- electronic registered delivery service
- qualified electronic registered delivery service
- certificate for website authentication
- qualified certificate for website authentication
- validation data
- validation
- shall 19
- qualified 15
- creation 12
- devices 12
- referred 12
- article 10
- commission 9
- under 7
- electronic_signature 7
- process 6
- information 6
- paragraph 6
- accordance 6
- assessment 6
- certified 6
- body 5
- certification 5
- list 5
- security 5
- acts 5
- states 4
- electronic_seal 4
- than 4
- point 4
- considered 4
- conformity 4
- certification-service-provider 4
- implementing 4
- directive 4
- certificates 4
- regulation 4
- //ec 4
- mutandis 3
- mutatis 3
- report 3
- supervisory 3
- apply 3
- later 3
- article 3
- standards 3
- private 3
- public 3
- the 3
- bodies 3
- notify 3
- adopted 2
- examination 2
- procedure 2
- member 2
- designated 2
Article 30
certification of qualified electronic_signature creation devices
1. Conformity of qualified electronic_signature creation devices with the requirements laid down in Annex II shall be certified by appropriate public or private bodies designated by Member States.
2. Member States shall notify to the Commission the names and addresses of the public or private body referred to in paragraph 1. The Commission shall make that information available to Member States.
3. The certification referred to in paragraph 1 shall be based on one of the following:
(a) | a security evaluation process carried out in accordance with one of the standards for the security assessment of information technology products included in the list established in accordance with the second subparagraph; or |
(b) | a process other than the process referred to in point (a), provided that it uses comparable security levels and provided that the public or private body referred to in paragraph 1 notifies that process to the Commission. That process may be used only in the absence of standards referred to in point (a) or when a security evaluation process referred to in point (a) is ongoing. |
The Commission shall, by means of implementing acts, establish a list of standards for the security assessment of information technology products referred to in point (a). Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 48(2).
4. The Commission shall be empowered to adopt delegated acts in accordance with Article 47 concerning the establishment of specific criteria to be met by the designated bodies referred to in paragraph 1 of this Article.
Article 31
Publication of a list of certified qualified electronic_signature creation devices
1. Member States shall notify to the Commission without undue delay and no later than one month after the certification is concluded, information on qualified electronic_signature creation devices that have been certified by the bodies referred to in Article 30(1). They shall also notify to the Commission, without undue delay and no later than one month after the certification is cancelled, information on electronic_signature creation devices that are no longer certified.
2. On the basis of the information received, the Commission shall establish, publish and maintain a list of certified qualified electronic_signature creation devices.
3. The Commission may, by means of implementing acts, define formats and procedures applicable for the purpose of paragraph 1. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 48(2).
Article 39
Qualified electronic_seal creation devices
1. Article 29 shall apply mutatis mutandis to requirements for qualified electronic_seal creation devices.
2. Article 30 shall apply mutatis mutandis to the certification of qualified electronic_seal creation devices.
3. Article 31 shall apply mutatis mutandis to the publication of a list of certified qualified electronic_seal creation devices.
Article 51
Transitional measures
1. Secure signature creation devices of which the conformity has been determined in accordance with Article 3(4) of Directive 1999/93/EC shall be considered as qualified electronic_signature creation devices under this Regulation.
2. Qualified certificates issued to natural persons under Directive 1999/93/EC shall be considered as qualified certificates for electronic_signatures under this Regulation until they expire.
3. A certification-service-provider issuing qualified certificates under Directive 1999/93/EC shall submit a conformity assessment report to the supervisory body as soon as possible but not later than 1 July 2017. Until the submission of such a conformity assessment report and the completion of its assessment by the supervisory body, that certification-service-provider shall be considered as qualified trust_service provider under this Regulation.
4. If a certification-service-provider issuing qualified certificates under Directive 1999/93/EC does not submit a conformity assessment report to the supervisory body within the time limit referred to in paragraph 3, that certification-service-provider shall not be considered as qualified trust_service provider under this Regulation from 2 July 2017.
whereas