Riferimenti normativi
Questa lista di riferimenti è ripresa dal capitolo 1.2 delle prescrizioni tecniche e amministrative. Si tratta di collegamenti che facilitano l'acquisizione dei documenti referenziati.
OFIEle Ordinanza sui servizi di certificazione nel campo della firma elettronica (RS 943.032)
LOTC Legge federale del 6 ottobre 1995 sugli ostacoli tecnici al commercio (RS 946.51)
Prescrizioni tecniche e amministrative
ETSI EN 319 411-2 V2.6.1(2025-06) Electronic Signatures and Infrastructures (ESI); Policy and Security Requirements for Trust Service Providers issuing certificates; Part 2: Requirements for trust service providers issuing EU qualified certificates
ETSI TS 119 431-1 V1.3.1 (2024-12) Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers; Part 1: TSP service components operating a remote QSCD / SCDev
ETSI TS 119 461 V2.1.1 (2025-02) Policy and security requirements for trust service components providing identity proofing of trust service subjects
ETSI EN 319 412-1 V1.6.1 (2025-06) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 1: Overview and common data structures
ETSI EN 319 412-2 V2.4.1 (2025-06) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 2: Certificate profile for certificates issued to natural persons
ETSI EN 319 412-3 V1.3.1 (2023-09) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons
ETSI EN 319 412-4 V1.4.1 (2025-06) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 4: Certificate profile for web site certificates
ETSI EN 319 412-5 V2.5.1 (2025-06) Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 5: QCStatements
ETSI EN 319 421 V1.3.1 (2025-07) Electronic Signatures and Infrastructures (ESI); Policy and Security Requirements for Trust Service Providers issuing Time-Stamps
ETSI EN 319 422, V1.1.1 (2016-03) Electronic Signatures and Infrastructures (ESI); Time-stamping protocol and time-stamp token profiles
RFC 5280 (mai 2008) Internet X.509 Public Key Infrastructure - Certificate and CRL Profile
FIPS 140-2 (2001), Security Requirements for Cryptographic Modules
FIPS 140-3 (2019), Security Requirements for Cryptographic Modules
EN 419211-2:2013 Protection profiles for secure signature creation device. Part 2: Device with key generation
EN 419211-3:2014 Protection profiles for secure signature creation device. Part 3: Device with key import
EN 419211-4:2014 Protection profiles for secure signature creation device. Part 4: Extension for device with key generation and trusted channel to certificate generation application
EN 419211-5:2014 Protection profiles for secure signature creation device. Part 5: Extension for device with key generation and trusted channel to signature creation application
EN 419211-6:2014 Protection profiles for secure signature creation device. Part 6: Extension for device with key import and trusted channel to signature creation application
EN 419241-1:2018 Trustworthy Systems Supporting Server Signing – Part 1: General System Security Requirements
EN 419241-2:2019 Protection Profile for QSCD for Server Signing
EN 419221-5:2018 Protection Profiles for TSP Cryptographic Modules – Part 5: Cryptographic Module for Trust Services
ISO/IEC 15408-3:2022 Information technology – Security techniques. Evaluation criteria for IT security —Part 3: Security assurance components
Common PKI Specifications for Interoperable Applications. Version 2.0 – 20 January 2009