eIDAS (electronic IDentification, Authentication and trust Services) is the regulation on e-identification and e-transactions effective in the European Union, which is aimed at simplification of the use of cross-border e-services through harmonised standards and operating principles.
Pursuant to the regulation, since 1 July 2016:
- all Estonian state and local authorities and private companies providing a public service must recognise the e-signatures of European Union member states;
- the same is valid contrariwise: other public sector European Union member states must also recognise the digital signatures given by Estonian citizens;
- it is obligatory to accept such electronic signatures given by the citizens of the European Union which are equivalent to the e-signatures used within the state.
In Europe, four levels are used for determining the reliability of electronic signatures. The highest level, i.e. an electronic signature equivalent to a handwritten signature, is called a digital signature in Estonia. Many countries (depending on the means of signing) are also using lower level signatures, which are legally valid there. For a signature with lower security level to stand out clearly, different signatures are differentiated in the DigiDoc4 client with colour codes (yellow and with note ‘Valid with restrictions’).
- eIDAS regulation and use of e-signatures on the RIA website
- eIDAS regulation (in Estonian)
- eIDAS implementing provision (in English) about which signatures European Union member states must be able to handle
- Read more on trust services on the id.ee website
Important to know:
the Estonian name of the eIDAS regulation is: “e-identimise ja e-tehingute jaoks vajalike usaldusteenuste kohta siseturul ja millega tunnistatakse kehtetuks direktiiv 1999/93/EÜ”.
It was adopted on 23 July 2014 by the Council of the European Union and the European Parliament.
In July 2016, a directly applicable implementing provision of the European Union came into effect, which brought into force the eIDAS Regulation. As a result, there are four levels of e-signatures:
Level 1 – QES (Qualified Electronic Signature)
The highest level of e-signatures, which is equal to handwritten signatures and is also called a digital signature in Estonia. The signature meets the technological requirements established in standards. The backgrounds of both the owner of the signature and the issuer of the certificate are checked. Additionally, the signature is given with a means that is deemed suitable (ID-cards, digital IDs, mobile-IDs and qualified Smart-ID accounts in Estonia. Read more about digital documents).
Level 2 – AdES/QC – Advanced
An e-signature with a qualified certificate. The signature meets the technological requirements established in standards. The backgrounds of both the owner of the signature and the issuer of the certificate are checked.
- Level 3 – AdES (Advanced Electronic Signature) – The signature meets the technological requirements established in standards, but the background of the holder of the certificate used to give the signature as well as the background of the issuer of the certificate may be unknown.
- Level 4 – Other electronic signatures – all other electronic signatures that do not meet valid standards.
- Level 1 – QES (Qualified Electronic Signature)
The easiest way to check the validity and use limits of an electronic signature is with the help of the DigiDoc4 Client. In order to ensure better differentiation, it uses a three-colour system in addition to an explanatory text:
- green means that everything is OK
- yellow means that the user must be careful and decide on the suitability of a specific signature themselves
- red means that the signature cannot be regarded as valid in the given situation
Signature validity marking:
- Signature is valid – marked with green This digital signature is equal to a hand-written signature.
- Signature is valid (Restrictions) – marked with green and yellow. This is used if the signature level is AdES/QC, i.e. it is not a signature equal to a hand-written signature, but it may still be suitable for use in a specific situation. More information can be obtained from the signature details.
- Signature is valid (Warnings) – marked with green and yellow. The warning is usually displayed if the signature is valid, but the container has a specific characteristic. Usually containers acquire such characteristics by accident in the creation process. The warning is displayed because containers cannot be changed without the signature becoming invalid. More information can be obtained from the signature details.
- Signature is unknown – marked with red. This means that the program was not able to check the signature’s validity at the moment. More information can be obtained from the signature details.
- Signature is not valid – marked with red. This means that the digital signature has been declared invalid.
You can read more about this topic from the RIA blog.
The BDOC-TS or ASiC-E LT or AdES LT signature (container format .asice) is a BDOC signature with a timestamp. Unlike in the case of the LT-TM format (digitally signed files with .bdoc extension), the long-term evidential value is ensured with a timestamp based on the RFC 3161 standard. ASiC-E LT signatures have the best international compatibility. DigiDoc4 automatically uses the .asice format when signing all new documents.