The qualified trusted certification service for qualified certificates for electronic seals
WEBSITE UNDER CONTRUCTION
The qualified trusted certification service for qualified certificates for electronic seals is provided by NASES in two ways:
- The private key is in remote administration in the HSM module on the Central Government Portal and the qualified electronic seal will be used to automatically authorise their own electronic official documents (decisions). In this case, we recommend applying the procedure referred to in methodological guidance No 3/2015 of the National Agency for Network and Electronic Services to the procedure for the issue and initialisation of a qualified certificate for a qualified electronic seal on the Central Government Portal.
- The data for the execution of the qualified electronic seal and the qualified certificate for the electronic seal shall be stored in the qualified electronic seal (QSCD) establishment and this device shall be held by a public authority as the originator of a qualified electronic seal. The list of QSCD can be found on the website of the National Security Authority.
The provision of qualified trust services for the execution and verification of qualified certificates for electronic seal in both ways is free of charge. In the second way, the public authority has to procure some of the supported QSCDs in its own direction. The technical conditions of National Agency for Network and Electronic Services currently allow that the Slovak National Certification Authority National Agency for Network and Electronic Services can provide support for the following QSCD:
- Chip card Gemalto IDPrime 940, format FULLSIZE, software Gemalto SAC, with required technical parameters:
Product name: IDPrime 940
Applet Version: IDPrime Java Applet 4.4.2.A
Common Criteria (CC): CC EAL5+ / PP QSCD
Certified facilities – QSCD according to Regulation (EU) no. 910/2014
Name of the QSCD in the list issued by the European Commission:“Carte IAS Classic en version 4.4.2 avec serveur MOC 1.1 sur plateforme Multiapp v4.0.1″
URL certification: https://www.ssi.gouv.fr/uploads/20190211_568.pdf
Validity of QSCD certification: do 11.06.2028
WARNING – when buying QSCD equipment Gemalto IDPrime 940 it is necessary to verify at the seller if the equipment meets higher stated parameters. Required technical parameters meet actual technical conditions of the certification authority National Agency for Network and Electronic Services, which are succefull saving of qualified certificate for supported QSCS equipment.
These products can be used for the safe generation and storage of private and public keys (key pairs), qualified certificates to produce qualified electronic signatures or to produce a qualified electronic seal.
- Chip card Siemens (ATOS) version CardOSv4.4
Please note that qualified certificates issued by the Slovak National Certification Authority on chip cards Siemens (ATOS) version CardOSv4.4 will be canceled on the 16th of December 2021.
According to Article 19 (1) and (2) of Regulation (EU) No 910/2014 and on the basis of guidance received from the National Security Authority, as a body overseeing qualified trust service providers, the operator of qualified trust services is obliged to notify any changes when providing their qualified trust services to all customers and reliant parties. In the sense of the above the Slovak National Certification Authority informs about the fact that the chip cards Siemens (ATOS) version CardOSv4.4 certification expires on the 15th of December 2021.
According to Act no. 272/2016 Coll. on Trust Services Providers are obliged to secure that the issued qualified certificate will contain accurate, true and complete data. All subjects and owners of chip cards Siemens (ATOS) version CardOSv4.4 with valid qualified mandate certificate for electronic signature, or qualified certificate for electronic seal, which validity is later than the date 15th of December 2021, will have canceled these certificates. NASES has been providing information on the approaching expiration of the certificates of the mentioned chip cards of clients applying for the issuance of new certificates since January 2021.
Subjects and owners of these types of chip cards are recommended to ensure that qualified certificates are issued in advance by standard procedure applicable to the issue of the certificate on another device for making qualified electronic signatures or seals.
PROCEDURE FOR APPLYING AND PROVIDING A QUALIFIED TRUST SERVICE FOR THE EXECUTION AND VERIFICATION OF QUALIFIED CERTIFICATES FOR ELECTRONIC SEAL
1. Completion of the application for the provision of qualified trust services
- The public authority shall fill in the mandatory fields specified in II. part of the application,
- Public authority shall indicate in III. part of the application the second possibility of requesting the execution of a qualified trust service for the execution and verification of qualified certificates for the electronic seal and at the same time indicate one of the ways, how it requires the service to be provided:
If the private key is in remote message in the HSM module on the Central Government Portal and the qualified electronic seal will be used for automatic authorization of own electronic official documents (decisions), the public authority then applies the procedure stated in methodological guidance No 3/2015 of the National Agency for Network and Electronic Services to the procedure for the issue and initialisation of a qualified certificate for a qualified electronic seal on the Central Public Administration Portal.
If the data for the execution of a qualified electronic seal and a qualified certificate for the electronic seal are stored in a qualified electronic seal design device, we would like to warn you, that public authority has to procure some of the supported QSCD device in its own direction.
ANNEX TO APPLICATION No.1 => the public authority must fill in the annex to the application and the annex to the application must indicate the entities for which it requests the provision of qualified trust services for the issuance and verification of qualified electronic seal certificates.
2. Completion of the request for cancellation of the provided qualified trust services
- The public authority shall fill in the mandatory fields specified in II. parts of the application,
- Public authority in III. parts of the application shall indicate the 2nd possibility that it requests the cancellation of the provided qualified trusted service of issuing and verifying qualified certificates for the electronic seal and at the same time fills in Annex no. 1, listing all mandatory fields.
3. The application can be submitted or delivered as follows:
- Paper application to address Národná agentúra pre sieťové a elektronické služby, Trnavská cesta 100/II, 821 01 Bratislava
- Electronically to the electronic mailbox Národná agentúra pre sieťové a elektronické služby through the Central Government Portal´s electronic procedure „Všeobecná agenda“ (note: subject of the message has to be „Žiadosť o poskytovanie kvalifikovaných dôveryhodných služieb)
- You can also send application as a scan to the e-mail address firstname.lastname@example.org
It is necessary to appear in person at the office of the National Agency for Network and Electronic Services in the process of issuing a qualified certificate for a qualified electronic seal, with the date and time to be agreed in advance with the registration staff of Slovak National Certification Authority (SNCA).
If necessary, it is possible to be represented by an authorized person.