If we are talking about cryptography, surely, „key” is one of the most essential concepts which comes in mind as an association. In case of public key infrastructures (PKIs), keys are even more important. Our public key identifies us and, if stored well, its private correspondent guarantees its safety; if unauthorized parties do not have access to the private key, its public counterpart is safe from unlawful usage as well. This is why adequate key management is unavoidable, which, in case of qualified e-signatures has been the problem of the end users so far, although we can state that this will change very soon.

The revolutionization of e-signatures’ key management has been among the ideas of researchers, developers and regulators for a long time. The main concept of the reform is that the user of the e-signature service would entrust a third party with handling the private key, so this way they can sign documents while the key is stored by the trust service provider; all the end user has to do is to approve the signature generation, without worrying about key management.

Since we are talking about qualified electronic signatures, relevant specifications and the following audit processes require a whole lot of security mechanisms and safeguards regarding the used environments; such mechanisms include different management and administrative security regulations, usage of reliable systems and products, inter alia secure communication channels. Qualified remote signature service’s functional mechanisms and security aspects will be introduced in details later on this blog.

The mechanism behind qualified remote e-signatures

Securing qualified remote e-signatures

Sources:
BERTA István Zsolt – NAGY E-SZIGNÓ KÖNYV
ETSI Newsroom - ETSI releases three specifications for cloud-based digital signatures https://www.etsi.org/newsroom/press-releases/1573-2019-04-etsi-releases-three-specifications-for-cloud-based-digital-signatures