ImageVerifierCode 换一换
格式:PDF , 页数:107 ,大小:640.18KB ,
资源ID:736034      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-736034.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TR 102 605-2007 Electronic Signatures and Infrastructures (ESI) Registered E-Mail (V1 1 1)《电子签名和基础结构(ESI) 注册电子邮件(版本1 1 1)》.pdf)为本站会员(arrownail386)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TR 102 605-2007 Electronic Signatures and Infrastructures (ESI) Registered E-Mail (V1 1 1)《电子签名和基础结构(ESI) 注册电子邮件(版本1 1 1)》.pdf

1、 ETSI TR 102 605 V1.1.1 (2007-09)Technical Report Electronic Signatures and Infrastructures (ESI);Registered E-MailETSI ETSI TR 102 605 V1.1.1 (2007-09) 2 Reference DTR/ESI-000051 Keywords e-commerce, electronic signature, security, e-mail, trust services ETSI 650 Route des Lucioles F-06921 Sophia A

2、ntipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The pr

3、esent document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printe

4、rs of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/

5、status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restri

6、ction extend to reproduction in all media. European Telecommunications Standards Institute 2007. All rights reserved. DECTTM, PLUGTESTSTM and UMTSTM are Trade Marks of ETSI registered for the benefit of its Members. TIPHONTMand the TIPHON logo are Trade Marks currently being registered by ETSI for t

7、he benefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TR 102 605 V1.1.1 (2007-09) 3 Contents Intellectual Property Rights7 Foreword.7 Introduction 7 Executive Summary7 1 Scope 9 2 References 10 2.1 Infor

8、mative references10 3 Definitions and abbreviations.11 3.1 Definitions11 3.2 Abbreviations .11 4 Questionnaire .12 5 Market 13 5.1 Specific Conclusions on Market.17 6 Regulations and legal validity 17 6.1 Survey overview.18 6.2 National situation .20 6.2.1 Specific legislation on REM evidential serv

9、ices.20 6.2.1.1 Posta Elettronica Certificata (PEC) (Italy)20 6.2.1.2 Belgium.21 6.2.1.3 France21 6.2.2 REM services provided by public administrations with public notarization functions.22 6.2.2.1 Secure Telematic Notifications Service (Spain)22 6.2.2.2 ChamberSign Sverige AB (Sweden).22 6.2.2.3 Hy

10、brid REM systems (send electronically - receive on paper) .22 6.2.3 General electronic signature and contractual legislation.22 6.3 Specific conclusions on regulation and legal validity 23 7 Services 24 7.1 Evidence.24 7.2 Other security related services25 7.3 Other Services 26 7.4 External 27 7.5 S

11、pecific conclusions services .28 8 REM system overviews29 8.1 Introduction 29 8.2 Initial architecture.30 8.3 Generic Model and Specific Adaptations.30 8.3.1 REM relevant entities .31 8.3.2 AFNOR REM service.34 8.3.3 Italian REM service (a.k.a. “CNIPA“ model) .34 8.3.4 UPU ECPM model .35 8.3.5 Criti

12、cal Path model .36 9 Services within REM37 9.1 Availability of evidence .38 9.1.1 Flow of evidence between parties.38 9.1.2 Carrying evidence.39 9.1.3 On-line querying services without signed evidences 39 9.1.4 Specific conclusions on the availability of evidence 40 9.2 Message identification40 9.2.

13、1 Allocation of message identifier .40 9.2.2 Message Identification in Notifications 41 ETSI ETSI TR 102 605 V1.1.1 (2007-09) 4 9.2.3 Specific conclusions on message identification41 9.3 E-mail clients42 9.3.1 Specific conclusions on e-mail clients42 9.4 Interface to external services 43 9.4.1 Speci

14、fic conclusions on external interfaces 43 9.5 Use of independent service providers.43 9.5.1 Specific conclusions on use of independent services43 10 Security features.44 10.1 Authentication of parties 44 10.1.1 Specific conclusions on authentication of parties .44 10.2 Authentication of evidence.45

15、10.2.1 Specific conclusions on authentication of evidence46 10.3 Signature formats .46 10.3.1 Specific conclusions on signature formats46 10.4 Time-stamping and time-marking 46 10.4.1 Specific conclusions on time-stamping and time-marking .47 10.5 Security protocols.47 10.5.1 Specific conclusions on

16、 security protocols .47 10.6 Supporting services 48 10.6.1 Specific conclusions on supporting services.48 11 Policies and practices .49 11.1 Registration 49 11.1.1 Specific conclusions on registration .49 11.2 Security management .50 11.2.1 Specific conclusions on security management50 11.3 Security

17、 of signing device 50 11.3.1 Conclusions on clause 11.3.50 11.3.1.1 Security of signing device.50 12 Related standards activities 51 12.1 AFNOR Z 74-600.51 12.2 UPU Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat.

18、 Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the up

19、dates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). Introduction The present document is the result of a study into exi

20、sting and prospective Registered E-Mail systems in Europe with the aim of identifying requirements leading to standardization in this area. Business and administrative relationships among companies, public administrations and private citizens, are now more and more implemented electronically. Trust

21、is becoming essential for their success and continued development of electronic services. It is therefore important that any entity using electronic services have suitable security controls and mechanisms in place to protect their transactions and to ensure trust and confidence with their partners.

22、In this respect the electronic signature is an important security component that can be used to protect information and provide trust in electronic business. Electronic mail is another major tool for electronic business and administration. It has been recognized that additional security services are

23、 necessary for e-mail to be trusted. In some European Union Member States (Italy, Belgium, etc.) regulation(s) and application(s) are already in place on mails transmitted by electronic means providing origin authentication and proof of delivery. Such security services may be used to provide trusted

24、 evidence of submission and delivery of electronic mail equivalent to the existing physical registered postal service. Several approaches are possible in order to realize the goal of trusted Registered E-Mail services. This may be enhanced, for example, by other facilities such as sender origin auth

25、entication. Also, existing services such as the Electronic Postal Certification Mark (formerly referred to as Digital Post Mark CEN and Electronic Post Mark by Universal Postal Union) provides further electronic evidence about the handling of messages. In order to move towards the general recognitio

26、n and readability of evidence provided by registered e-mail services, it is necessary to specify technical formats, as well as procedures and practices for handling registered e-mail, and the ways the electronic signatures are applied to it. Executive Summary A range of differing services for what i

27、s being referred to as Registered E-Mail (REM) are being established in Europe. Registered e-mail is an enhanced form of e-mail which provides evidence relating to the handling of an e-mail including proof of submission and delivery. The present document summarizes the results of a survey among orga

28、nizations with interests in REM services for Europe with the aim of identifying requirements for standardization in this area. The survey described in the present document identified significant deployment of REM with services existing or planned in at least 10 European nations with an existing user

29、 community of over 500 000 and potential community of 100 million. The body of the present document also provides information on the basis for these services including the most prevalent forms of evidential services supported in Registered E-Mail services and products, the legal basis for REM. In ad

30、dition the report identifies how these services are provided and the technical basis for the security features. ETSI ETSI TR 102 605 V1.1.1 (2007-09) 8 The report also surveys the procedural and policy basis for the provision of REM services. Finally, existing standardization activities of relevance

31、 to REM including the Universal Postal Unions Electronic Postal Certification Mark (formerly called Digital or Electronic Post Mark) Standard which, whilst it does not define standards for full REM services, has relevance for certain aspects of REM. The report identifies that there were a range of s

32、olution architectures on which existing REM services are based. The basis of a generic architecture is proposed to which solution architectures may be related and which may be used as the basis for future standardization. The report proposes that further standardization is required for the provision

33、 of signed evidence for Registered E-Mail, in particular: Architecture for the provision of signed evidence in support of Registered E-Mail. Data requirements and formats for signed evidence in support of Registered E-Mail. Policy requirements for trust service providers supporting Registered E-Mail

34、. ETSI ETSI TR 102 605 V1.1.1 (2007-09) 9 1 Scope The present document summarizes the results of a survey among organizations with interests in Registered E-Mail services for Europe including state authorities, standardization bodies, e-mail product and service providers, local experts. The survey i

35、ncluded information on Registered E-Mail services outside Europe to place the work within a global context. The survey investigated current and prospective Registered E-Mail implementations with the aim of identifying requirements for standardization in this area. Registered e-mail is an enhanced fo

36、rm of e-mail which provides evidence relating to the handling of an e-mail including proof of submission and delivery. Based on this survey and on the results of further work within ETSI, a number of Technical Specifications (TSs) are to be produced for Registered E-Mail. The present document gives

37、specific recommendations as to the scope of these specifications based on the results of this survey. The results given below include tables giving general data relating to particular questions in the survey. These are given for the overall totals for particular questions as well as, in some tables,

38、 sums for the following sub-categories: Existing Products for registered e-mail. Existing Services for registered e-mail. Regulatory requirements for registered email including implemented standards. Other categories of respondent including potential future product products and services, potential u

39、sers of registered of e-mail, standards to be implemented. In addition, annex A gives an overview of the main approaches in regulations, products and services. ETSI ETSI TR 102 605 V1.1.1 (2007-09) 102 References References are either specific (identified by date of publication and/or edition number

40、 or version number) or non-specific. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the following cases: - if it is accepted that it will be possible to use all future changes of the referenced

41、 document for the purposes of the referring document; - for informative references. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. For online referenced documents, information sufficient to identify and lo

42、cate the source shall be provided. Preferably, the primary source of the referenced document should be cited, in order to ensure traceability. Furthermore, the reference should, as far as possible, remain valid for the expected life of the document. The reference shall include the method of access t

43、o the referenced document and the full network address, with the same punctuation and use of upper case and lower case letters. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. 2.1 Informative references 1 Univer

44、sal Postal Union S43-3: “Secured Electronic Postal Services Interface Specification“. NOTE: To be published. Formerly entitled Electronic Post Mark Interface Specification. 2 CEN TS 15130: “Postal Services - DPM infrastructure - Messaging supporting DPM applications“. 3 OASIS Committee Specification

45、 Electronic PostMark (EPM): “Profile of the OASIS Digital Signature Service Version 1.0, Ed Shallow, 13 February 2007“. 4 ISO/IEC 13888 (Parts 1 to 3): “Information Technology Security Techniques Non repudiation“. 5 ISO/IEC 27001 “Information technology Security techniques Information security manag

46、ement systems - Requirements“. 6 Directive 97/67/EC of the European Parliament and of the Council of 15 December 1997 on common rules for the development of the internal market of Community postal services and the improvement of quality of service. 7 IETF RFC 3852: “Cryptographic Message Syntax (CMS

47、)“. 8 ETSI TS 101 733: “Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES)“. 9 ETSI TS 101 903: “XML Advanced Electronic Signatures (XAdES)“. 10 W3C/IETF Recommendation: “XML-Signature Syntax and Processing“. 11 W3C Recommendation (version 1.2 parts 0 to 2):

48、“Simple Object Access Protocol (SOAP) , 24 June 2003“. 12 IETF RFC 4510: “Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map“. 13 ITU-R Recommendation TF.460-4: “Standard frequency and time-signal emissions“. ETSI ETSI TR 102 605 V1.1.1 (2007-09) 1114 ETSI TS 101 861: “Ti

49、me stamping profile“. 15 ETSI TS 102 231: “Electronic Signatures and Infrastructures (ESI); Provision of harmonized Trust-service status information“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: Registered E-Mail (REM): enhanced form of mail transmitted by electronic means (e-mail) which provides evidence relating to the handling of an e-mail including proof of submission and delivery 3.2 Abbreviations For the purposes of the present docu

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1