Qualified certificates for website authentication
Open for public feedbackArt.45(2) sets out reference standards for qualified certificates for website authentication. This is to ensure that there is trust and transparency in online transactions.
THE REGULATION On this page you can find details about the Regulation that gives legal basis to EU Digital Identity Wallets as well as an overview of the current status of all related implementing Regulation.
The European Digital Identity Regulation (Regulation (EU) 2024/1183), which entered into force on 20 May 2024, amends the original eIDAS Regulation
(Regulation (EU) No 910/2014). It is the legal basis for the European Digital Identity Framework, the infrastructure, standards, and specifications that enable secure and privacy-preserving digital identification across the EU.
The new Regulation amends various Articles of the original eIDAS Regulation, including important provisions on the management of digital identities, namely the use of digital wallets. It states that everyone in the EU has the "right to a digital identity that is under their sole control and that enables them to exercise their rights in
the digital environment and to participate in the digital economy."
The European Digital Identity Regulation sets the basic legal framework with high-level requirements, but the technical details of how to implement that law need to be specified. Implementing acts fill in these details: Implementing acts are always made open to public consultation, with feedback taken into consideration. Want to learn what they are and how they are adopted? The following implementing acts are currently open for public consultation. This is your chance to guide and shape the future of the European Digital Identity Framework, and ensure that EU Digital Identity Wallets meet the needs of everyone in Europe.
Art.45(2)
sets out reference standards for qualified certificates for website authentication. This is to ensure that there is trust and transparency in online transactions.
Art.45j(2)
sets out reference standards and specifications for the qualified electronic archiving of electronic data and electronic documents. These include rules on issuing reports to a...
sets out reference standards and specifications for the qualified electronic archiving of electronic data and electronic documents. These include rules on issuing reports to authorised relying parties.
Read more
Art.27/37(5)
provides reference formats of electronic signatures and electronic seals, and reference methods where alternative formats are used. Member States must recognise these...
provides reference formats of electronic signatures and electronic seals, and reference methods where alternative formats are used. Member States must recognise these formats and methods in order to process electronically signed or sealed documents or data.
Read more
Art.24(5)
provides a list of reference standards, specifications and procedures as regards requirements for qualified trust service providers.
Follow those steps and don't miss out on making your voice heard! Explore all the European Digital Identity Regulation implementing acts. Find a brief description, updates on its current status, and links to each act.
Art.45j(2) sets out reference standards and specifications for the qualified electronic archiving of electronic data and electronic documents. These include rules on issuing reports to authorised relying parties.
Art.24(5) provides a list of reference standards, specifications and procedures as regards requirements for qualified trust service providers.
Art.27/37(5) provides reference formats of electronic signatures and electronic seals, and reference methods where alternative formats are used. Member States must recognise these formats and methods in order to process electronically signed or sealed documents or data.
Art.5a(23) provides the necessary provisions to ensure that Member States set-up of European Digital Identity Wallets that are interoperable and successfully enable their adoption.
Art.5c(6) established the requirements for certification of the conformity of European Digital Identity Wallets, detailing requirements for national certification schemes.
Art.11a(3) sets out necessary provisions for Member States to ensure correct identity matching in cross-border authentications.
Art.46a/b(7) sets out the formats and procedures for the annual reports of the designated supervisory bodies responsible for the supervision of the European Digital Identity Wallets and of the designated supervisory bodies responsible for the supervision of trust services.
Art.29a(2)/39(a) establishes the reference standards for the management of remote qualified electronic signature creation devices and qualified electronic seal creation devices as qualified trust services.
Art 28(6), 38(6) sets out the reference standards and requirements relating to qualified certificates for electronic signatures and qualified certificates for electronic seals.
Art.22(5) ensures the validation of the qualified status of the trust service provider and of the trust service they provide, this amending decision lays down technical specifications and formats relating to trusted lists. This includes a reference to a new version of the standard referenced in Commission
Implementing Decision (EU) 2015/1505 as well as the specifications on the format of signatures or seals to be used by Member States to sign or seal their national trusted lists.
Art.32(3), 40/32a(3), 40a sets out a list of reference standards and, where necessary, establishes specifications and procedures for the validation of:
Art.44(2) sets out a list of reference standards and, where necessary, establishes specifications and procedures for processes for sending and receiving data in the context of qualified electronic registered delivery services.
Art.5a(23) covers the proper implementation of protocols and interfaces, which are crucial for the effective operation of European Digital Identity Wallets. Common protocols and interfaces enable data sharing between wallet units and relying parties.
Art.5a(23) ensures the smooth lifecycle management of both personal identification data and electronic attestations of attributes, covering issuance, verification, revocation and suspension.
Art.5e(5) defines how security breaches must be handled, and when and how breached wallets should be suspended.
Art.31(3)/39(3) sets out the formats and procedures for the notification by Member States on certified qualified electronic signature/seal creation devices to the Commission, and on the cancellation of their certification, as applicable. Read less
Art.24(1c) establishes the required specifications and methods, including relevant standards for qualified trust service providers to verify the identity and attributes of natural or legal persons when issuing attestations.
Art.12(6), 46e(7) sets out the provisions on the procedural arrangements for the peer reviews of electronic identification schemes to be notified by Member States to the Commission.
Art.20(4) sets out rules to support the harmonised accreditation of conformity assessment bodies responsible for assessing the compliance of qualified trust service providers and the qualified trust services they provide with the applicable requirements. These include rules on the conformity assessment report,
and on the conformity assessment.
Art.33(2)/40 sets out reference standards and, where necessary, establishes specifications and procedures for qualified validation services for qualified electronic signatures and for qualified electronic seals
Art.5a(23) establishes an electronic notification system for Member States that is run by the Commission.
Art.5d(7) sets out rules for Member States to submit information on certified wallet solutions for the machine-readable list of certified wallets to be published and maintained by the European Union.
Art.5b(11) sets out rules for the registration of wallet relying parties via national registers.
Art.21(4) establishes the formats and procedures for notifying supervisory bodies of trust service providers intention to offer qualified trust services.
Art. 45d(5), 45e(2), 45f(6), 45f(7) provides the specifications needed to issue Qualified Electronic Attestations of Attributes (QEAA) and Electronic Attestations of Attributes (EAA), including how to achieve interoperability and details on revocation mechanisms.
Art.34(2)/40 sets out a list of reference standards and, where necessary, establishes specifications and procedures for the qualified preservation service for qualified electronic signatures and for qualified electronic seals. Read less
Art.19a(2) lays down requirements for non-qualified trust service providers. The requirements relate to the management of legal, business, operational and other direct or indirect risks to the provision of non-qualified trust services. Read less
Art.42(2) sets out reference standards and, where necessary, establishes specifications and procedures for the binding of date and time to data and for establishing the accuracy of time sources with regards to qualified electronic time stamps.
The European DigitalIdentity Regulation
The European Digital Identity Regulation and Framework
The European Digital Identity Regulation and Framework amends the original eIDAS Regulation
What are implementingacts?
Implementing acts ready for your feedback
Qualified certificates for website authentication
Open for public feedback
Qualified electronic archiving services
Open for public feedback
Formats of advanced electronic signatures and seals
Open for public feedback
Qualified trust service providers
Open for public feedback
Participating in the publicconsultation is simple:
Overview of all the EUDI Wallets Implementing Acts
Overview of all the EUDI Wallets Implementing Acts
Documents
Filter implementing acts:
Qualified electronic archiving services
Open for public feedback
Qualified trust service providers
Open for public feedback
Formats of advanced electronic signatures and seals
Open for public feedback
Integrity and core functionalities
Adopted
Certification
Adopted
Cross-border identity matching
Adopted
Annual reports by supervisory bodies
Public feedback closed
Remote qualified creation devices
Public feedback closed
Qualified certificates
Public feedback closed
Trusted lists
Public feedback closed
Reference standards & Validation procedures
Public feedback closed
Qualified electronic registered delivery services
Public feedback closed
Protocols and interfaces to be supported
Adopted
Personal identification data and electronic attestations of attributes
Adopted
Security breaches
Adopted
Certified creation devices
Public feedback closed
Identity and recipients of qualified certificates
Public feedback closed
Peer review of electronic identification schemes
Public feedback closed
Accreditation of conformity assessment bodies
Public feedback closed
Recognition of qualified validation services
Public feedback closed
Trust framework
Adopted
List of certified wallets
Adopted
Registration of relying parties
Adopted
Qualified trust service applications
Public feedback closed
Verification of electronic attestation of attributes
Public feedback closed
Qualified preservation services
Public feedback closed
Risk management procedures for non-qualified trust services providers
Public feedback closed
Qualified electronic time stamps
Public feedback closed
