eIDAS

eIDAS (for “electronic IDentification, Authentication and trust Services”) is a set of European Union regulations.

eIDAS Regulations

There are different eIDAS regulations:

  • eIDAS1
  • eIDAS2

eIDAS1 is regulated in EU Regulation 910/2014, that derogated EU Directive 1999/93/CE.

It is completely applied since 1 July 2016.

Electronic Signature Formats compatible with eIDAS

eIDAS compelled the creation of electronic signature formats in order to comply with eIDAS regulation:

  • XAdES
  • CAdES
  • PAdES

You can read this post about digital signature, including digital signature formats.

There is no signature format compatible with PKCS #7, as it was considered outdated when compared to CMS and it did not include some necessary compatibilities.

eIDAS defines baseline formats where a signature format has a level. (e.g. CAdES 8-level).

There is a table that informs the equivalence between the signature format+level and signature profile. Example: CAdES-BES is equivalent to CAdES 8-Level.

eIDAS Concepts

Types of certifications:

  • Physical Person
  • Representative of Juridical Person
  • Representative of entity without juridical representation
  • Representative of single and joint administrator

Each member states is compelled to choose a supervision organization. In the case of Spain in 2018, it is the Secretaría de Estado para la Sociedad de la Información y la Agenda
Digital
, from the Ministerio de Energía, Turismo y Agenda Digital.

Trust service provider (TSP) provide trust services such as digital signature.

Conformity Assessment Bodies (CAB) are the organization that can assess the trust service prodiers. In Spain, they are designed by ENAC, and there are 4 as of 2025.

Supervisory Body (SB) can be a ministry within a member state.

New services added by eIDAS2 over the original eIDAS:

  • New trust service
    • Remote electronic signature and seal
    • Electronic attribute declaration
    • Electronic archival
    • eLedgers
  • EUid
  • Digital wallet

eIDAS2 created the European Digital Identity Cooperation Group (EDIGC) to cooperate and exchange information between the state members.

There are also single point of contacts (SPoCs).

eIDAS2 is further developed in execution acts. European Telecommunications Standards Institute (ETSI).

The adoption of the European Digital Identity Wallet (EUDIW) is mandatory for all the state members.

You might also be interested in…

You might also be interested in…

  • Vanesa Sánchez, Ángel Martín; “eIDAS2: la nueva realidad digital “, parte 1, parte 2; Preparatic.org

Leave a Reply

Your email address will not be published. Required fields are marked *