CWA 14167-1:2001

Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures - Part 1: System Security Requirements CWA 14167-1:2001

Scope

This document establishes security requirements for TWSs and technical components that can be used by a CSP in order to issue QCs and NQCs in accordance with [EC 1999/93].
Although [EC 1999/93] has a very general approach and speaks of electronic signatures of any kind, the underlying assumption in this document is that electronic signatures are created by means of public key cryptography, that the subscriber uses a cryptographic key pair consisting of a private and public component, and that a certificate produced by a system considered in this document essentially binds the public key of the subscriber to the identity and possibly other information of the subscriber by means of an electronic signature which is created with the private key (certificate signing key) of the CSP. Other forms of electronic signatures are outside the scope of this document.
With reference to Electronic Signatures, [EC 1999/93] provides two levels of signature, one a standard Electronic Signature and the other an Advanced Electronic Signature. Within this CWA, these are used in conjunction with NQCs and QCs respectively. This CWA provides security requirements for both these levels where the security requirements for TWSs issuing QCs are higher than for those just issuing NQCs.
Security requirements for TWSs also include a minimum set of requirements to be fulfilled by the signature algorithms and their parameters allowed for use by CSPs. These requirements are provided in [ALGO].