Riferimenti normativi

Questa lista di riferimenti è ripresa dal capitolo 1.2 delle prescrizioni tecniche e amministrative. Si tratta di collegamenti che facilitano l'acquisizione dei documenti referenziati.






Prescrizioni tecniche e amministrative


ETSI  EN 319 411-2 V2.4.1 (2021-11) Electronic Signatures and Infrastructures (ESI); Policy and Security Requirements for Trust Service Providers issuing certificates; Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI TS 119 431-1 V1.2.1 (2021-05) Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers; Part 1: TSP service components operating a remote QSCD / SCDev
ETSI TS 119 461 V1.1.1 (2021-07) Policy and security requirements for trust service components providing identity proofing of trust service subjects
ETSI EN 319 412-1 V1.4.4 (2021-05) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 1: Overview and common data structures
ETSI EN 319 412-2 V2.2.1 (2020-07) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 2: Certificate profile for certificates issued to natural persons
ETSI EN 319 412-3 V1.2.1 (2020-07) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons
ETSI EN 319 412-4 V1.2.1 (2021-11) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 4: Certificate profile for web site certificates
ETSI EN 319 412-5 V2.3.1 (2020-04) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 5: QCStatements
ETSI EN 319 421 V1.1.1 (2016-03) Electronic Signatures and Infrastructures (ESI); Policy and Security Requirements for Trust Service Providers issuing Time-Stamps
ETSI EN 319 422, V1.1.1 (2016-03)  Electronic Signatures and Infrastructures (ESI); Time-stamping protocol and time-stamp token profiles


RFC 5280 (mai 2008) Internet X.509 Public Key Infrastructure - Certificate and CRL Profile


FIPS 140-2 (2001), Security Requirements for Cryptographic Modules
FIPS 140-3 (2019), Security Requirements for Cryptographic Modules


EN 419211-2:2013 Protection profiles for secure signature creation device. Part 2: Device with key generation
EN 419211-3:2014 Protection profiles for secure signature creation device. Part 3: Device with key import
EN 419211-4:2014 Protection profiles for secure signature creation device. Part 4: Extension for device with key generation and trusted channel to certificate generation application
EN 419211-5:2014 Protection profiles for secure signature creation device. Part 5: Extension for device with key generation and trusted channel to signature creation application
EN 419211-6:2014 Protection profiles for secure signature creation device. Part 6: Extension for device with key import and trusted channel to signature creation application
EN 419241-1:2018 Trustworthy Systems Supporting Server Signing – Part 1: General System Security Requirements
EN 419241-2:2019 Protection Profile for QSCD for Server Signing
EN 419221-5:2018 Protection Profiles for TSP Cryptographic Modules – Part 5: Cryptographic Module for Trust Services


ISO/IEC 15408-3:2008 Information technology – Security techniques. Evaluation criteria for IT security —Part 3: Security assurance components



Common PKI Specifications for Interoperable Applications. Version 2.0 – 20 January 2009

https://www.bakom.admin.ch/content/bakom/it/pagina-iniziale/digitale-e-internet/comunicazione_digitale/firma-elettronica/referenza-normalizzazione.html