List of Trust Service Providers confirming support of qualified seals for EPREL organization verification

Within the EPREL Workspace, a section called «List of Trust Service Providers confirming support of qualified legal person certificates that allow generating qualified electronic seals for EPREL organization verification» has been published.

This is a list of Qualified Certification Service Providers (a subset of the full list of Qualified Certification Service Providers of the European Union), who have explicitly expressed to the European Commission their interest in providing qualified legal entity certificates for qualified electronic seals for use in the manner required by EPREL.

This list has been compiled exclusively to make it easier for suppliers of electrical equipment to select qualified trust service providers providing the desired «specific» service for EPREL. It may be that other Qualified Trusted Service Providers not on this list could also issue certificates suitable for this use.

As this is an open market, with the possibility to act cross-border, any Qualified Trust Service Provider established in any European country can, in principle, issue the certificate to an electrical equipment supplier established in a different country.

The providers currently included in this list are the following:

ANF Autoridad de Certificación Asoc., Bank-Verlag GmbH, Digisign S.A., DigitalSign Certificadora Digital S.A., Disig, a.s., European Agency of Digital Trust S.L. (EAD Trust), First certification autority, a.s., Intesi Group SpA, Quelified e-Seal, Krajowa Izba Rozliczeniowa S.A., Microsec zrt., Sectigo Europe sl, SEP Bulgaria JSC, SK ID Solutions, Trans Sped, TrustPro QTSP and UANATACA S.A.

Of all of them, I highlight, of course, EADTrust, European Agency of Digital Trust S.L. which includes a help service (in English and Spanish) for companies interested in registering their products in EPREL, which is sometimes a difficult task, especially the first time it is attempted. Call +34 917160555 if you need additional information regarding qualified eSeals for EPREL.

Certified Digitization, what is it and what is it for?

Certified Digitization, Certified Digitisation Certified scanning, Electronic Invoice, Electronic Signature, Electronic Certificate. EIDAS, All these concepts are related.

In the development of electronic invoicing regulations, Spanish ORDER EHA / 962/2007, of April 10, which develops certain provisions on electronic billing and electronic storage of invoices, has defined in Spain the concept of Certified Digitization. This blog has been a pioneer in dealing with Certified Digitization since 2006.

Also in english, with some posts:

• Certified Digitization (2015)
• Certified digitization of invoices (2016)
• Certified digitization of invoices (2016)
• Scanning of inbound paper invoices in Europe shoul be harmonized (2017)
• Spanish Tax Agency software certification: Digitized invoices with legal value (2019)
• Certified Digitization or Certified Scanning (2019)
• Scanning of inbound paper invoices in Europe (2020)

The homologation procedure has been included in the resolution of October 24, 2007, of the State Tax Administration Agency, on the procedure for homologation of digitization software contemplated in Order EHA / 962/2007, of April 10, 2007 .

In a strict sense, certified digitization was defined for the procedures of the tax field, which would be outside the coverage of Law 39/2015 (eGovernment). However, the implementation of the concept and the large number of available applications make it a de facto standard , also for the public sector.

Certified digitisation is the process of converting paper documents into electronic documents that contain their facsimile reproduction and are electronically signed or sealed. The systems that manage the digitisation must meet certain criteria of integrity and unalterability in the database with which the digitisation is carried out and are required to be audited. The documents digitised with this type of system have the character of originals, so that the paper documents from which they originate can be dispensed with, which is why the legal value of these processes and of the documents to which they give rise is very relevant

Certified digitisation of invoices has led to the birth of the concept that is now also used in relation to public administrations and the digitisation of Justice.

For the certified digitisation of invoices, you can use the different variants of software approved by the Tax Agency that the AEAT also publishes on its website. The provincial councils of Navarre, Biscay, Alava and Guipuzcoa have also published equivalent regulations and have approval procedures similar to those of the Spanish National Tax Agency and have their own lists of approved software.

Electronic signature

Electronic signature is regulated in the EU Regulation 910/2014, which is abbreviated as “EIDAS”.

Advanced electronic signature is uniquely linked to the signatory; allows the identification of the signatory; It is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and is llinked to the data signed therewith in such a way that any subsequent change in the data is detectable.

In summary, the advanced signature links the signatory with what was signed.

What is signed many times is condensed in the “Hash” value of the document, which is also a way to guarantee the integrity of the signed document after the advanced signature has been carried out. And the signer can be associated in various ways, with biometrics in the case of non-certificate-based signatures, or with the mathematical operation of the hash with the signer’s private key if a certificate-based signature is applied.

Certificate-based signing uses public key cryptography, also called asymmetric cryptography.

In asymmetric cryptography there are 2 keys that are mathematically linked to each other:

1. Private Key
2. Public Key

What is encrypted with the private key can only be decrypted with the public key, and vice versa.

Hash functions are unidirectional and generate a short string of characters from a document or a long string of characters.

A possible simile would be a sum value: if we transform each character in a string into a number (for example, its ASCII value) and add the values ​​of all the characters in the string, the resulting value depends on the content of the string. IF you change a character, the sum changes. The algorithms used in cryptography are more elaborate so that modifications to the strings that result in the same hash value cannot be made, which will allow the contents to be changed. Therefore, the sum value, although it serves to explain the hash, is not in itself a good hashing method.

Given a document and its «hash», it is possible to check if the hash truly corresponds to that document. However, from the hash it is not possible to deduce the document from which it came. There could be infinities. When two different documents produce the same hash value when calculating with a certain algorithm, a «collision» is said to have occurred.

How does an electronic signature work?

The document to be signed is hashed with a specific algorithm (for example, SHA-256) and the result obtained is mathematically operated with an asymmetric signature function (for example, RSA or ECC) with the private key of the signer (normally the private key resides in a chip card or a cryptographic token, and does not leave it, so the hash is sent to the chip and it is the chip that performs the cryptographic operation). The signature is made up of the result of that operation on the chip (which is sometimes called a PKCS # 1 value), and the signer’s certificate containing their data and the public key cryptographically related to the private one.

If the document and the signature are sent to the recipient (sometimes, the document format used allows the signature to be embedded inside, as is the case with PDF files). It can do the equivalent process in reverse to verify the signature.

Extracts the public key from the certificate, thereby applying the cryptographic function to the PKCS # 1 value from which the Hash value is extracted. Calculates the Hash value of the document and compares it with the value obtained from decrypting the PKCS # 1 signature. Both must be the same. If they are not the same there is a problem somewhere. For example, the document has changed in transmission or has been tampered with.

Therefore, an important effect of the electronic signature is that it guarantees the integrity and inalterability of the electronically signed documents.

The certificate used to sign is issued by a “certification authority” or a “trust service provider”. The issuance of electronic certificates is one of the possible trust services ”and, therefore, a“ certification authority ”is a“ trust service provider entity.

These entities verify the identity of the certificate applicants and after that they issue them an electronic certificate associating the public key of the certificate with a private key that must be secretly guarded by the certificate holder with maximum security.

The Electronic Certificate

The electronic certificates of a natural or legal person are electronic documents that contain information about the issuer, the period of validity of the certificate, the identity of the signer, …

The important thing is that this certificate links the public key with the identity of a specific person and that it is signed by the certification body, which has verified the applicant’s identity documents and their correspondence with the applicant’s characteristics. When the certificate is issued, its link with the private key is also established under the exclusive control of the signer.

Although unqualified certification authorities can issue certificates, in Europe qualified certification bodies, which issue qualified certificates, are preferred .

In Spain there are a significant number of qualified certificate issuing entities , among which we can mention Camerfirma, EADTrust, FNMT (CERES), Ivnosys or Vintegris.

In certain signature modalities (such as AdES – T or long-lived signatures) it is convenient to include information about the moment when the signature was created, which it does by adding a time stamp. Time stamps are issued by the Time Stamp Authority (TSA).

The timestamp shows that a certain combination of data existed before a given time and that none of this data has been modified since then.

In short, for the certified digitization of documents, an electronic certificate is needed with which to make the electronic signature on each of the scanned documents.

This requirement and the guarantee of integrity of the database in which the keeping of the invoice digitization process is managed are the most relevant to pass the audit that allows requesting the approval of the software from the AEAT.

Certified Digitization in the field of Justice.

Within the framework of the Lexnet regulations, the GIS for Certified Digitization has been defined by the CTEAJE (State Technical Committee of the Electronic Judicial Administration).

This standard allows any document to be digitized for presentation in legal proceedings, so it has a special value:

• It is used in the private sector to digitize any document, not just invoices
• It allows you to have digitized documents in case they are needed at any given time for a trial. This used to be the main reason for keeping paper documents: in case they were needed in court.

The requirements for certified digitization in the field of justice are very similar to those required in the tax field:

• Electronic signature of scanned documents
• Protection of the integrity and inalterability of the digitization record database

How do I start a certified digitization process?

To carry out the certified digitization of invoices in a company, it is necessary to have a software approved by the AEAT or by any of the foral estates of Alava, Guipuzcoa, Navarra or Vizcaya.

In order for the software to be able to carry out an electronic signature on each scanned invoice, it must be equipped with a qualified certificate. The current trend is to equip the software with a qualified legal entity certificate, in which case the resulting electronic signatures are called “qualified electronic seals” if they are managed in a device called “Qualified Seal Creation Device” (equipment that is also called HSM «Hardware Security Module»).

It is possible to carry out “certified digitization” or “guaranteed digitization” processes in the context of public administration, for which several of the Technical Interoperability Standards apply . In particular, that of authentic copy, that of digitization, that of signature policy and that of electronic document.

The ValidE portal provides some tools to validate electronic signatures and certificates. The EADTrust DSS tool also provides a lot of information about the certificates and signatures of electronic documents, whether or not they are the result of certified digitization.

Perhaps someone asked this question: is it necessary to start from the printed invoice document to be able to scan it in a certified digitization process or can an invoice received in pdf format be electronically signed?

The answer is given by ORDER EHA / 962/2007, of April 10, which develops certain provisions on telematic invoicing and electronic conservation of invoices in the different articles of which it consists.

Certified scanning can only be done from paper documents.

However, considering that the issuer and receiver can reach an agreement that the issuer of the invoice acts by sending “pre-invoices” in PDF format to the receiver and that the receiver converts them into electronic self-invoices by adding the electronic signature, the fundamental requirement of the electronic invoice, which is your electronic signature. The regulations allow invoices to be managed by the recipient (self-invoice) or a third party on behalf of the invoice issuer, who is usually the one who adds the electronic signatures or electronic stamps.

What to do if the device containing the electronic certificate is lost or stolen

In case of loss or theft of the device in which the private key associated with the electronic certificate is housed, it is necessary to request the revocation of the certificate by going to a Registration Authority of the Certification Authority that issued the certificate. Some certification authorities offer the possibility of remote revocation, using codes that were provided at the time the certificate was issued.

For example, EADTrust has a specific page and a form to request the revocation of the certificate .

Outsourcing of certified digitization processes

When a process is not focused on the core business of a company but can pose a significant administrative burden due to its volume, many entities resort to business process outsourcing (BPO).

A Certified Digitization service performed by third parties or a Remote Electronic Seal service managed by a qualified digital trust service provider can help in these cases.

Article 7 of Order EHA / 962/2007 indicates:

«This digitization process must meet the following requirements:

a) That the digitization process be carried out by the taxpayer himself or by a third party provider of digitization services , in the name and on his behalf, using in both cases software of certified digitization (…)
b) That the digitization process used guarantees the obtaining of a faithful and complete image of each digitized document and that this digital image is signed with an electronic signature in the terms of the previous articles of this Order based on an electronic certificate installed in the scanning system and invoked by the certified scanning software.This certificate must correspond to the taxpayer when the certified digitization is carried out by himself or to the digitization service provider in another case. «

Advantages of Certified Digitisation

These are some of the advantages of Certified Digitisation:

• Saving time in the search for documents, since, as they are documents in electronic format, searches can be generated by keywords.
• Increase the efficiency and productivity of employees by saving time in filing and searching invoicess, reducing errors.
• Frequently digitization allows incorporating the information of the invoices in the accounting or ERP system.
• By having digital documents managed by computer software and stored in a secure repository, decision-making is streamlined by being certain that all the information is available.
• Saves storage space by not having to guard paper documents and saves other costs related to archival material
• It facilitates the adoption of repetitive procedures with the environment and, indirectly, helps to pass a possible ISO 14.001 type audit

Give us a call

You can contact EADTrust by calling +34 917 160 555 if you need help to homologate a certified digitization software to be approved by Spanish Tax Agency or if you need electronic certificates to be used in Spain or Europe.

Trust Services Forum 2017

ENISA and the European Commission are organising a consultation workshop with industry and experts from Member States on ICT security certification.

• Time: April 27, 2017 from 09:30 to 17:00
• Place: Hotel Thon EU, Rue de la Loi 75, B-1040 Brussels, Belgium

The workshop is organised as a follow-up on the European Commission’s commitment to develop a proposal for a European ICT security certification framework.

Trust Services Forum 2017 – Agenda

09:45 – 10:15	Registration & Welcome Coffee
10:15 – 11:30	Welcome Statement State of play: eIDAS Regulation, CEF, ENISA activities	Gábor Bartha – European Commission João Rodrigues Frade – European Commission Sławomir Górniak – ENISA
11:30 – 11:45	Coffee Break
11:45 – 12:45	Panel Discussion 1 One year after eIDAS provisions entered into force Where do we stand?	Moderator: Prokopios Drogkaris, ENISA Panelists: John Jolliffe, Adobe Olivier Delos, SEALED Romain Santini, ANSSI Michał Tabor, Obserwatorium.biz
12:45 – 13:45	Lunch Break
13:45 – 14:00	Article 19 – State of play	Ilias Bakatsis, ENISA
14:00 – 15:00	Panel Discussion 2 Working on the eIDAS through guidelines and recommendations	Moderator: Sławomir Górniak, ENISA Panelists: Camille Gerbert – LSTI Björn Hesthamar – PTS SE Leslie Romeo – 1&1 Jérôme Bordier – ClubPSCo
15:00 – 15:30	Coffee Break
15:30 – 16:30	Panel Discussion 3 Strengthening the adoption of qualified certificates for website authentication	Moderator: Eugenia Nikolouzou – ENISA Panelists: Reinhard Posch – TU Graz Arno Fiedler – Nimbus Kim Nguyen – D-Trust Erik Van Zuuren – TrustCore
16:30 – 17:00	Next Steps – Open Discussion – Closing Remarks

 

Certified digitization of invoices

In Spain, Certified Digitization of Invoices is a computer process that allows to get digital  true copies of invoices with the same legal value as the paper based original, so the existing legislation allows to eliminate paper invoices from which the digitized invoices are obtained. The computer environment must include a Secure Data Base, which allows users and auditors to access and retrieve instantly any invoice for tax inspection or auditing purposes.

Electronic invoicing is regulated by the  Royal Decree 1619/2012 of 30 November 2012 approving the regulation of billing obligations with some provisiones defined in OrdinanceOrder EHA/962/2007 Order of 10 April 2007 implementing certain provisionsregarding electronic invoicing and storage of invoices contained in RoyalDecree 1496/2003 of 28 November 2003 approving the regulation  governing invoicing obligations.

Royal Decree 1496/2003 of 28 November was repealed by Royal Decree 1619/2012 of 30 November but the rules developed while it was of application, are still valid nowadays.

According to aforementioned RD 1619/2012 electronic invoices and digitized invoices ought to be electronically signed. “It will be valid a qualified electronic signature, as defined under Article 3.3 of Law 59/2003 of 19 December on electronic signature». A qualified signature is an advanced electronic signature based on a qualified certificate and generated by a secure signature creation device.

The Tax Agency Resolution of 24 October 2007, published in the Official State gazette (BOE) of 1 November 2007, on the procedure for approving the software for the certified digitisation of invoices set out in Article 7 of Order EHA/ 962/2007 of 10 April 2007, requires that for the digitisation software to be approved, an application must be presented to the Director of the Tax Information Department in any registry office, in which the applicant must provide a statement of compliance declaring that the software complies with the regulations, including several documents: (1) technical documentation describing the software, (2) the auditor’s report on the assessment of the software and (3) the quality management plan,plus a CD-ROM with information in digital format and a CD-ROM with a copy of the software, as per Article 8 of the aforementioned Resolution. If the documentation and software comply with regulations, a resolution will be issued with the approval, including the reference code that is to be included in every digitized invoice as metadata.

Once AEAT approves the Certified Digitization software, the electronic signed image that is obtained through digitization via such a software keeps the same validity as any paper invoice when it comes to tax purposes.

Certified digitization process involves the use of photo-electric techniques as those implemented in scanners or photo cameras, to convert the image on a paper document into a digital image encoded according to standard formats widely used and with a resolution level higher than 200 ppp acording to information published in the web page of the spanish tax Agency AEAT.

As a consequence, the destruction of large amounts of paper in the form of original documents could be authorized, leading to savings in document and file handling as well as a reduction of indirect tax related costs.

The legal and technical environment of electronic invoicing and certified digitizing (including electronic signature) in Spain is described in the book Electronic invoicing.

Although the book is from 2010, it is still valid in general terms (with minor details after new legislation have been published since 2010).

If you need advice or assessment regarding Software Approval Process, technical implementation details or legal procedures don´t hesitate to contact EAD Trust (European Agency of Digital Trust) that can help to comply with any requirements. You can do it by calling the phone number:+34 91 7160555

Certified Digitization

In Spain, Certified Digitization of Invoices is a computer process though which one can get digital  true copies of invoices with the same legal value as the paper based original, so the existing legislation allows to destroy paper invoices from which the digitised images have been captured. The computer environment must include a Secure Data Base, which allows users and auditors to access and retrieve instantly all invoices even for tax inspection or audit.

This process is only possible if the company that performs the digitisation uses a certified software approved by the spanish tax Agency and adheres to the provisions of the Quality Plan managed as a contract by the software supplier.

Software Publishers willing to certify their software should apply to the  Tax Office attaching technical information describing the software and an assessment report from a specialist auditor in accordance to the Ordinance EHA 962/2007 and Resolution of 24 October on the procedure for the approval of invoices digitization software.

If you need advice or guidelines regarding these legal procedures don´t hesitate to contact EAD Trust (European Agency of Digital Trust) that can guide your company to fulfill all certified digitization  requirements and to get Tax Agency approval.

Call now to:+34 91 7160555

 

Reached Member States’ endorsement of a final draft regulation on electronic identification and trust services for electronic transactions in the internal market

Vice-President Neelie Kroes and Commissioner Michel Barnier welcomed last friday (February, the 28th) Member States’ endorsement of a “Draft regulation on electronic identification and trust services for electronic transactions” in the internal market.

The Regulation will enable, for example, students to enrol at a foreign university online; citizens to fill on-line tax returns in another EU country; and businesses to participate electronically in public calls for tenders across the EU, to mention just a few of multiple new digital trust related services.

Neelie Kroes said: «The adoption of this Regulation on e-ID is a fundamental step towards the completion of the Digital Single Market. This agreement boost trust and convenience in cross-border and cross-sector electronic transactions. I would like to thank the European Parliament, especially ITRE’s rapporteur, Marita Ulvskog and IMCO’s rapporteur, Marielle Gallo, the shadow rapporteurs, as well as the Greek, Lithuanian, Irish and Cypriot Presidencies for all their work on this file.»

Last friday (February, the 28th), EU ambassadors endorsed the political agreement reached between representatives of the European Parliament, Commission and Council on Tuesday 25 February on the final elements of this significant single market proposal.

A predictable regulatory environment for eID and electronic trust services is key to promote innovation and stimulate competition. On the one hand, it will ensure that people and businesses can use and leverage across borders their national eIDs to access at least public services in other EU countries fully respecting privacy and data protection rules. On the other hand, it will remove the barriers to seamless electronic trust services across borders by ensuring that they enjoy the same legal value as in paper-based processes.

Michel Barnier, Commissioner for Internal Market and Services added:

«I welcome this agreement which is key to completing our work on the Single Market Act. It is an important step for the development of e-commerce, e-invoicing and e-procurement. The new rules will allow all actors in the single market – citizens, consumers, businesses and administrative authorities – to develop their «on-line» activities.»

Background regarding draft Regulation on electronic identification and trust services for electronic transactions

On 4 June 2012, the European Commission proposed a draft Regulation on electronic identification and trust services for electronic transactions in the internal market (see IP/12/558 and MEMO/12/403)

The Regulation is due to be formally endorsed by the European Parliament in the April 2014 plenary session and by the Council of Ministers in June. It will come into force on 1st July 2014 and will be directly applicable cross the EU from that date. The economic effect will be immediate, overcoming problems of fragmented national legal regimes and cutting red tape and unnecessary costs.

Foster the interoperability of eID usage and trust services. The existing EU legislation on eSignatures has been strengthened and extended to cover the full set of electronic identification and trust services and make it more fit for the digital single market. This will have a huge impact on the legal validity and interoperability of national and cross-border electronic transactions.

The so named eIDAS Regulation provides for principles, like:

• Transparency and accountability: well-defined minimal obligations for Trust Services Providers (TSPs) and liability;
• Trustworthiness of the services together with security requirements for TSPs
• Technological neutrality: avoiding requirements which could only be met by a specific technology;
• Market rules and building on standardisation

And defines digital trust related services such as:

• Electronic identification,
• Electronic signatures,
• Electronic seals,
• Time stamping,
• Electronic delivery service,
• Electronic documents admissibility,
• Website authentication

After eIDAS entering into force,  a EU Member State:

• May ‘notify’ the ‘national’ electronic identification scheme(s) used at home for access to its public services
• Must recognise ‘notified’ eIDs of other Member States for cross-border access to its online services when its national laws mandate e-identification
• Must provide a free online authentication facility for its ‘notified’ eID(s)
• Is liable for unambiguous identification of persons and for authentication;

Exploratory seminar on e-signatures for e-business transactions in the Southern Mediterranean region

Los días 22 y 23 de enero de 2014 se ha celebrado en el Palacio de Pedralbes de Barcelona el encuentro de especialistas  en firma electrónica de Europa y de los países del mediterráneo para analizar conjuntamente la posibiidad de crear modelos de confianza electrónica para permitir el despliegue de sistemas de certificación interoperables. Este encuentro, el segundo tras la reunión de Amán, fue auspiciado por el organismo europeo  Union for the Mediterranean (UfM) que tiene su sede en Barcelona y cedió sus instalaciones. Pude participar en el encuentro y pienso que fue un intercambio de pareceres muy enriquecedor.

In order to promote e-signature solutions for e-business development in the Euro Mediterranean region, the European Commission organised two seminars.

The first explanatory seminar took place in Amman, Jordan on November 11/12, 2013 and was co-hosted by the Telecommunications Regulatory Commission (TRC). The principle aim was to identify some of the common business needs for intra-regional and EU-Southern Mediterranean transactions, compare the existing legislation in place and discuss the common and local challenges of implementing an e-signature framework. The seminar was attended by around 100 government and private stakeholders from over 23 different European, Southern Mediterranean and Gulf countries, as well as from UNCITRAL (United Nations Commission on International Trade Law). It confirmed that the potential and the interest to cooperate is indeed great.

• Amman First Day agenda and presentations
• Amman Second Day agenda and presentations

The final explanatory seminar took place in Barcelona, Spain on January 22/23, 2014 and was co-hosted by the Union for the Mediterranean (UfM). The principle aim was to build on the findings of the previous seminar, include any additional information, and reach a set of concrete common conclusions and recommendations through the organisation of panels. The seminar was attended by around 60 government and private stakeholders from over 19 different European and Southern Mediterranean countries. The seminar reached 9 main conclusions.

• Barcelona First Day agenda and presentations
• Barcelona Second Day agenda and presentations
• Final explanatory Seminar Conclusions

eIDAS: The missing standard – Mandate 460

Under the Mandate 460 a lot of new electronic signature european standards are being published, in some cases changing the identification code of previous stablished standards.

One of the aspects I think is missing is the standard definition of form signing in browsers.

Or what I would call form signing in «High penetration World Wide Avalilable Applications» (which would include Adobe Acrobat or similar applications).

Something browsers developers could include in the basic browser functionality without the need oj java extensions (which are hard to maintain among java virtual machine versions, browser types and versions and underlying  operating systems).

It is curious thar old Netscape Navigator versions included that option, but later browser droped the funtionality, and finally was even abandoned in Netscape an Mozilla.

Having a standard way to sign forms that works in the same way in all browser without additional software would be a nice addition. And this could help foster the adoption of the eIDAS Regulation.

ETSI CAdES Plugtest 2013

ETSI Centre for Testing and Interoperability (CTI) is organizing a remote Plugtests Interoperability event on CMS Advanced Electronic Signature (CAdES) scheduled to run from 2-13 December 2013.

This event aims at conducting interoperability test cases on CAdES signatures (ETSI TS 101 733) V2.2.1 as well as the CAdES Baseline Profile TS 103 173 V2.2.1. It will take into account the introduction of the new Archive Time Stamp attribute V3.

This event will provide full test coverage of the specifications including testing signatures evolution simulating real life situations. It will be based on the future test specification ETSI TS 119 124 “CAdES Testing Conformance & Interoperability”.

This Plugtests event will enable participants to conduct 4 types of tests (Interoperability and Conformance):

• Generation and cross-verification (Positive) tests.
• Only-verification (Negative) tests.
• Upgrade and Arbitration tests.
• Conformance testing (including new archive time stamp attribute V3).

The purpose of this event is:

• To enable participants to assess the level of interoperability of CAdES.
• To identify additional issues that should be taken into account in future CAdES standardization activities.
• To improve the quality of CAdES specifications.
• To ease the introduction of CAdES signatures, by providing the means to solve interoperability problems before widespread deployment.

ETSI plays a key role in the development of electronic signature related standards, including XAdES (TS 101 903), CAdES (TS 101 733), PAdES (ETSI TS 102 778) and TSL (TS 102 231).

This plugtest will include a set of specific test cases which will be defined in the future test suite ETSI TS 119 124 “CAdES Testing Conformance & Interoperability”. It provides full test coverage of the CAdES specification (ETSI TS 101 733) and to the related Baseline profile (ETSI TS 103 173).

As this is a REMOTE event, there will be no need for the participants to travel to the ETSI premises and all signature exchanges and verifications will be performed via the dedicated portal http://xades-portal.etsi.org.

European Multi Stakeholder Forum on Electronic Invoicing

The Multi Stakeholder Forum on Electronic Invoicing has been set up by the European Commission and brings together key actors from the private and public sector of all Member States. It provides a unique platform to exchange experiences and best practices which can pave the way to the broad-scale adoption of e-invoicing at both national and EU level.

The Forum will monitor the uptake of e-invoicing in all Member States. It should also help the Commission in identifying further measures to facilitate the mass adoption of e-invoicing across borders.
First recommendations are expected to be presented and discussed in the first half of 2012.

1st meeting 13 September 2011 – Brussels (midday express)

• Agenda  [17 KB]
• List of participants  [12 KB]
• Rules of procedures  [21 KB]
• Minutes  [27 KB]

2nd meeting 6 March 2012 – Brussels

• Agenda  [11 KB]
• List of participants  [9 KB]
• Minutes  [131 KB]

Background:

The establishment of the “European Multi-Stakeholder Forum” has been announced in the Communication Reaping the benefits of electronic invoicing for Europe (see IP/10/1645).

The Forum consists of 63 members representing public administrations, standardisation bodies and the user and provider side of the market.

El Foro Nacional Multilateral sobre facturación electrónica de España se creó por decisión del Consejo de Ministros de 19 de agosto de 2011. La norma, se publicó en el BOE, de 18 de octubre de 2011, como Orden PRE/2794/2011, de 5 de octubre, por la que se publica el Acuerdo del Consejo de Ministros, de 19 de agosto de 2011