[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [dss-x] RE: Some more thoughts concerning the legal aspects
Hi Pim, > In countries that do support server-based signing with qualified > signatures, > what are the (minimum) requirements for user authentication? I'm not quite sure what you mean with user authentication. The authentication of the certificate holder ? That's ensured by possession and knowledge of the smart card and its related PIN. If you're thinking of authentication within the document delivery process I don't know that there are special 'legal' regulations. These problems are somehow circumvented by the demand for a revision period where the certificate holder must have a time slot to look at the documents requested for signing and reject signing request. This time slot must be at least several hours. Now you can see why there is a Async profile ;-) But this is the German way to do it. But other countries have other views. E. g. we didn't succeed to get a british QC, CAs say 'No need for QC, advanced certs are good enough ...' Greetings Andreas ___________________________________________________ Andreas Kühne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Ströverstr. 18 - 59427 Unna Amtsgericht Hamm HRB 5868 Directors Andreas Kühne Heiko Veit Company UK Company No: 5218868 Registered in England and Wales
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]