Leading experts from ecsec GmbH and LuxTrust S.A. have joined forces to develop a novel “ChipGateway Protocol”, which enables generation of qualified electronic signatures in cloud-based environments and contributed this to OASIS to foster the development of open standards for electronic signatures.

Browser-based generation of Qualified Electronic Signatures increasingly challenging

Browser vendors are progressively blocking plug-in interfaces, which particularly prevents using Java-applets, that are merely used for accessing smartcards in web applications. The proposed innovative “ChipGateway Protocol” provides a suitable solution to this problem, allowing to use smartcards and to sign electronically in any browser without using plug-ins, and particularly without using Java in the browser. Today, this protocol, which has jointly be developed by LuxTrust and ecsec, has been submitted to the non-profit consortium OASIS, which drives the development, convergence and adoption of open standards for the global information society and is committed to creating open standards for digital signature services.

eIDAS Regulation enables the ease of Qualified Electronic Signatures on the Cloud

The Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions (eIDAS) is fully applicable in all European Member States since July 2016. The eIDAS Regulation addresses, among other things, qualified electronic signatures, which shall replace their handwritten equivalents. While generation of qualified electronic signatures traditionally required using local smartcards, or similar cryptographic devices, the eIDAS Regulation introduced “remote electronic signatures”, which enable generating qualified signatures within cloud applications. “Unfortunately, until now there is no common and convenient approach on the market for accessing local signature creation devices from cloud-based applications,” stated Stefan Hagen, Co-Chair of the OASIS Digital Signature Services eXtended (DSS-X) TC.

“ChipGateway Protocol” enables Cloud-based Applications to Sign Locally

The “ChipGateway Protocol” fills in the gap of the eIDAS standards for using local signature creation devices from cloud-based applications. Using the “ChipGateway Protocol”, which was inspired by the protocols used for the German eID card as specified in BSI TR-03124 and implemented in the certified Open eCard App, it is possible to generate qualified electronic signatures in browser-based web and cloud applications. “The ‘ChipGateway Protocol’ makes it now possible for a remote signing server to access the locally connected signature creation devices using simple functions for listing available tokens as well as certificates and for requesting a signature in order to provide a seamless and user-friendly signing experience”, explained Dr. Detlef Hühnlein, CEO of ecsec GmbH.

Contribution to OASIS is a Starting point for Development of an Open eIDAS-Ecosystem

The innovative “ChipGateway Protocol” has today been contributed to the OASIS Digital Signature Services eXtended (DSS-X) Technical Committee (TC), which is committed to creating open standards for electronic signature services. “It has been a pleasure to join forces with ecsec GmbH to develop the ‘ChipGateway Protocol’”, explained Thomas Kopp, Chief Scientist at LuxTrust S.A.. “As we are convinced that open standards are crucial for the prospering development of the eIDAS-Ecosystem, we are pleased to contribute the ‘ChipGateway Specification’ to OASIS in order to foster the development of an open ecosystem for trust services and electronic transaction services in Europe and beyond. This also demonstrates the innovative approach of LuxTrust as European Trust Services Provider of eIDAS Qualified Electronic Signatures.”

EU-funded FutureTrust project is proudly supporting eIDAS-related standardisation

We warmly welcome the contribution of the ‘ChipGateway Protocol’ as input for standardization and heartily invite all interested stakeholders to join us and contribute to the development of an open eIDAS-Ecosystem”, added Stefan Hagen, Co-Chair of the OASIS Digital Signature Services eXtended (DSS-X) TC. As multiple DSS-X experts are also active within the EU-funded FutureTrust project, it is not surprising that this project is committed to supporting the forthcoming standardization efforts. “We are proudly supporting the development of eIDAS-related standards and additionally aim at providing an Open Source reference implementation of the novel ‘ChipGateway Protocol’”, added Jon Shamah, FutureTrust Associate Partner Manager. “FutureTrust invites all interested parties to benefit from these exciting developments and join the project as associated partner.”