What is timestamping?4 December 2019
Types of Qualified Certificates4 December 2019
The European legal system defines the electronic signature as “electronic data attached to other electronic data or logically associated with them that the signer uses to sign”.
According to the European legal system, there is no other possible interpretation than the fact that in the preparation of an electronic signature an electronic signature creation device must be used; it has been defined as a “software or hardware used to create electronic signatures” through electronic signature creation data.
The current Spanish Electronic Signature Law states:
- “The subjects that make the use of the electronic signature possible are the so-called certification service providers. For this purpose they issue electronic certificates,… ”
Art. 3.1: The electronic signature is the set of data in electronic form, entered together with others or associated with them, that can be used as a means of identification of the signer. ”
- Electronic signature (basic)
- Advanced electronic signature (AdES): The one made with a qualified electronic signature certificate and meets the security requirements referred in Article 26 of the eIDAS Regulation. The advanced electronic signature guarantees by itself, according to article 26 of the eIDAS Regulation:
- Qualified electronic signature (QES): An advanced electronic signature that provides an additional level of guarantee on the identity of the signer and improved protection and a level of security on the creation of the signature. This is because it is created by a qualified electronic signature creation device (QSCD). A qualified electronic signature has the equivalent legal effect of a handwritten signature and is recognized as a qualified electronic signature in all member states of the European Union.
A. be linked to the signer only;
B. allow the signer's identification;
C. have been created using electronic signature creation data that the signer can use, with a high level of trust, under his exclusive control, and
D. be linked to the data signed by it in such a way that any subsequent modification thereof is detectable.
- The qualified electronic certificate guarantees the identification of the signer with a very high level of security, thanks to the controls of the qualified provider on the one hand, but also thanks to the requirements on the content of the electronic certificate imposed by the eIDAS Regulation.
- Data Integrity: The use of public key cryptography of the electronic signature guarantees the integrity of the data. This means that any change in the data or signed document will be detected.
- Non-repudiation: The use of public key cryptography of the electronic signature provides the property of non-repudiation, this means that the signer cannot deny having signed.
- Legal equivalence to the handwritten signature (only referred to Qualified signature): It has full legal recognition thanks to the eIDAS Regulation that legally equals it with the handwritten signature.