Back

CWA 14170:2004

Security requirements for signature creation applications

General information
Withdrawn from 18.06.2018
Base Documents
CWA 14170:2004
Directives or regulations
None

Standard history

Status
Date
Type
Name
02.03.2016
Main
This document specifies security requirements and recommendations for Signature Creation Applications that generate advanced electronic signatures by means of a hardware signature-creation device. It is not required that they are based on a qualified certificate.
The signature-creation device (SCDev) addressed by this document must be implemented in a separate piece of physical hardware, with its own processing capabilities for PIN code verification and for performing cryptographic functions. Unless otherwise specified, this SCDev needs not be a secure-signature-creation device (SSCD), i.e. an SCDev that has been assessed as compliant with the requirements set in the Annex III of the EU Directive [Dir. 1999/93/EC].
Therefore advanced electronic signatures which are created by a signature creation application compliant with the requirements of this document fall under the provisions of Art 5.2 of the EU Directive [Dir. 1999/93/EC].
If, instead, an advanced electronic signature, that is produced with a Signature Creation Application conformant with the security requirements and recommendations specified in this document, is also based on a qualified certificate and is created by a secure-signature-creation device, that electronic signature is a Qualified Electronic Signature that complies with the provision of Art. 5.1 of the EU Directive [Dir. 1999/93/EC].
*
*
*
PDF
28.06 € incl tax
Paper
28.06 € incl tax
Browse standard from 2.44 € incl tax
Standard monitoring