Personal tools

Skip to content. | Skip to navigation

Sections
You are here: Home PEPPOL Components eSignature

eSignature

 

eSignatures identify companies or single persons, allowing the receiver of a document to confirm the identification of the sender (authenticity) and provide assurance that the document has not been modified in transit (integrity). The originator of the document uses an eSignature issued by the relevant certification authority. These authorities may be public or private, national, regional or domain specific. The party receiving the document needs to know who issued the eSignature in order to validate it accordingly.

 

PEPPOL’s vision is to create interoperability between the different national schemes, so that a contracting authority can validate certificates issued in other EU member states, enabling electronic submission of tenders across borders. This means that an economic operator (supplier) can use the eSignature of its choice when submitting an offer to any public sector awarding entity.

 

PEPPOL addresses specific problems relating to the creation, verification and acceptance of eSignatures accompanying eProcurement documents, to enable cross border signature validation. The PEPPOL validation infrastructure consists of a network of federated validation services, able to validate qualified signature certificates from trusted certification authorities according to the national ‘Trusted Services List’ (TSL) and also non-qualified certificates as long as they are accepted in certain procurement domains.

 

Use of the eSignature validation software is not mandatory for organisations piloting PEPPOL components. However, it is a valuable add-on service and has application beyond PEPPOL to any ‘trust model’ that comprises various certification authorities. The eSignature verification service is also independent of the PEPPOL transport infrastructure.

 

To realise this vision, the PEPPOL project deliverables include:

  • XKMS and OASIS DSS interface specifications
  • Architecture and trust models
  • eID and eSignature quality classification  and policies
  • Trans-national verification system – prototype documentation
  • Pilot evaluation guidelines and online testing facilities
  • Development of open source software components and demonstrator tools
  • Documented benchmarking and best practices
 

PEPPOL is currently inviting contracting authorities and their suppliers to pilot these solutions.

 
Please download the eSignature factsheet
 

For more detailed information about the PEPPOL project, its components, ICT Architecture, and specifications, please follow the link to the PEPPOL EIA (Enterprise Interoperability Architecture) repository or send us an e-mail to: questions@peppol.eu.


Document Actions