Experts’ meeting regarding the procedure of trust service conformity assessment with the requirements of eIDAS Regulation, determined for the qualified trust service

At the Institute for Business Education (GZS), the EIDES Association held its first meeting on the topic of conformity assessment of trust services with the requirements of eIDAS Regulation, established for the qualified trust service, which will be executed by the body responsible for determining the previously mentioned conformity. The meeting was attended by 15 participants, among whom were representatives of companies which responded to a “Public call for cooperation in pilot accreditation procedures of conformity assessment bodies (OUS) according to Regulation (EU) 910/2014” issued by Slovenian Accreditation, namely for acquiring the status of OUS as well as the status of qualified supplier in accordance with the requirements of eIDAS Regulation. Representatives of the Ministry of Public Administration, which is competent for supervision and implementation of eIDAS Regulation, and some other interested members of the association also attended the meeting.

The debate, which involved all attendees, was focused on questions of normative and standardisation bases for content identification requirements and, consequently, on the scope and complexity of preparatory work for the conformity assessment procedure of trust services with the requirements for the qualified trust service, which will need to be executed by the concerned provider of a certain service.

Representatives of companies which registered for the accreditation procedure for obtaining the status of OUS (SIQ and Bureau Veritas), representatives of registration authorities which registered for the procedure of obtaining the status of qualified provider pursuant to the eIDAS Regulation (CA NLB, PoštarCA, GOV.CA MJU in CA MORS), and the competent inspector highlighted some dilemmas in connection to the incompleteness of eIDAS Regulation requirements and/or ETSI standards which should be followed in carrying out the pilot procedures.

The view taken by the majority of participants in the debate was that due to the relatively short period of time available, if we wish Slovenia to accredit OUS by 1 July 2017, the certificates of which, awarded to trust service providers, will be internationally accepted and valid, it is necessary to follow the requirements of eIDAS Regulation in pilot procedures as well as relevant ETSI standards in interpreting the way of fulfilling individual requirements of eIDAS Regulation, when and where advisable.