Supervision of trust service providers established in the
state who issue qualified certificates to the public.
The Minister is required under section 29(3) of the E-Commerce Act 2000 to
prescribe a scheme of supervision of certification service providers (CSPs)
established in the state who issue qualified certificates to the public.
Regulations (S.I.
No.233 of 2010 Electronic Commerce (Certification Service Providers Supervision
Scheme) Regulations 2010) were made by the Minister on 31st May
2010. Under the eIDAS Regulation of 2014 (EU 910/2014), the term trust servcie providers is used in place of certification service providers.
These regulations require that TSP's/CSP’s who issue qualified
certificates to the public notify the Minister when they commence providing
certain E-Commerce sector services and require that they provide evidence
annually thereafter that the qualified certificates which they issue to the
public meet the requirements of Annex I of the schedule of the E-Commerce Act
2000 and that the Certification Service Provider itself meets the requirements
of Annex II of the eIDAS Regulation/Annex II of the E-Commerce Act 2000.
The definitions in Artlcle 3 of the eIDAS Regulation apply.
The definitions in the E-Commerce Act, 2000 apply;
“certificate” means an electronic attestation which links signature
verification data to a person or public body, and confirms the identity of the
person or public body
“certification service provider” means a person or public body who issues
certificates or provides other services related to electronic signatures
“electronic signature” means data in electronic form attached to,
incorporated in or logically associated with other electronic data and which
serves as a method of authenticating the purported originator, and includes an
advanced electronic signature
“qualified certificate” means a certificate which meets the requirements set
out in Annex I and is provided by a certification service provider who fulfils
the requirements set out in Annex II
Currently, the Irish National
Accreditation Board (www.inab.ie) oversee certification bodies who certify
that clients meet the requirements in Annex II of the E-Commerce Act 2000.
The Department lists those Trust Service Providers issuing qualified
certificates who have provided to the Supervisory Body a conformance assessment report and have subsequently been granted qualified status.
All trust service providers established in the State who issue
qualified certificates to the public are reminded that they should notify the
Minister and provide evidence of fulfilling the requirements of in accordance with the Regulation and law in order to remain on the
list.
Adobe Systems Software Ireland limited have been granted qualified status in relation to a Timestamp Service.
Post.Trust are no longer offering services since July 2015
TrustPro QTSP Ltd have been granted qualified status in relation to e-Signature and s-Seal.
The intention of the eIDAS Regulation is to provide certainty and legal standing to trust services which can be recognised across the European Union. There is no obligation to used TSPs listed in the Irish trusted list. The European Commission Trusted List Browser gives details of trusted lists for other EU member states