EU Member States Trusted Lists
Scheme Type Community Rules: specific statement for Germany
Services included in the German Trusted List are assessed against the
provisions for qualified trust services laid down in
-
Regulation (EU) Nr. 910/2014 of the European Parliament and of the Council
of 23. July 2014 on electronic identification and trust services for electronic
transactions in the internal market and repealing Directive 1999/93/EC and the
-
Trust Services
Act (Vertrauensdienstegesetz vom 18. Juli 2017 (BGBl.
I S. 2745) in its current version, in German and Draft translations
in English and French) and the regulations issued on the basis of this Act.
The national trust
infrastructure for permanent testability of qualified electronic certificates
and qualified electronic time stamps provided by the Federal Network Agency as
per § 16 (5) of the Trust Services Act in its current version (Vertrauensdienstegesetz vom 18. Juli 2017 (BGBl. I S. 2745)) is
included in the Trusted List as a nationally defined trust service.
The Federal Network Agency for
Electricity, Gas, Telecommunications, Post and Railways (Federal Network
Agency) is the competent supervisory body for services concerning the creation,
verification and validation of electronic signatures, electronic seals or
electronic time stamps, electronic registered delivery services and
certificates related to those services as per Article 3 (16) (a) of Regulation
(EU) No 910/2014 and the preservation of electronic signatures, seals or
certificates related to those services as per Article 3 (16) (c) of Regulation
(EU) No 910/2014.
The Federal Office for
Information Security (BSI) is the competent supervisory body for the creation,
verification and validation of certificates for website authentication as per
Article 3 (16) (b) of Regulation (EU) No 910/2014.
The Federal Network Agency for
Electricity, Gas, Telecommunications, Post and Railways (Federal Network
Agency) is also the national body responsible for establishing, maintaining and
publishing national trusted lists.
The Trusted List of Germany is
available in machine processable format (XML) via the following link
https://tl.bundesnetzagentur.de/TL-DE.xml
The assessment of qualified
trust service providers providing qualified trust services included in the
German Trusted List is the basis for the decision of the Supervisory Bodies to
grant a service the “qualified” status. The assessment can be executed by
accredited conformity assessment bodies or by the supervisory bodies
themselves. The accreditation of German conformity assessment bodies is granted
by the German national accreditation body, the DAkkS
(Deutsche Akkreditierungsstelle).
The List of accredited
conformity assessment bodies and the relevant certification program is
available via the following link
https://www.dakks.de/en/content/accredited-bodies-dakks
Additional Information
regarding the process of qualification of a trust service is available here:
Federal Network Agency:
https://www.elektronische-vertrauensdienste.de/EVD/DE/Fachkreis/AntragQuali/AntragQuali-start.html (only in German)
Federal Office for Information
Security: https://www.bsi.bund.de/DE/Themen/DigitaleGesellschaft/eIDAS/VDA_Qualifizierung/VDA_Qualifizierung_node.html (only in German)
Qualified Signature/Seal
Creation Devices have to be certified to be used in
the context of qualified electronic signatures or seals. The Certification is
conducted by designated bodies as per Article 30 (1) of Regulation (EU) No
910/2014 and as per Article 39 (2) in conjunction with Article 30 (1) of
Regulation (EU) No 910/2014.
The Federal Network Agency
designates on request an organization as a private body as per Article 30 (1)
of Regulation (EU) No 910/2014 and as per Article 39 (2) in conjunction with
Article 30 (1) of Regulation (EU) No 910/2014, provided the accreditation body
as per § 1 (1) of the Accreditation Body Act (DAkkS)
has established through accreditation that the private body meets the necessary
requirements. The designation can be restricted in terms of content, be issued
on a provisional basis or be issued for a limited period and be subject to
constraints.
The Federal Network Agency drew
up and published the technical criteria to be met for designation as a private
body as per Article 30 (1) of Regulation (EU) No 910/2014 which is available via
the following link
https://www.elektronische-vertrauensdienste.de/EVD/DE/Fachkreis/Empfehlungen/Empfehlungen-start.html (only in German).
The Federal Office for
Information Security is the public body as per Article 30 (1) of Regulation
(EU) No 910/2014 and Article 39 (2) in conjunction with Article 30 (1) of
Regulation (EU) No 910/2014.
A list of designated German
certification bodies is available via the following link
https://www.elektronische-vertrauensdienste.de/EVD/DE/Fachkreis/Zertifizierungsstellen/Zertifizierungsstellen-start.html (only in German)