Qualified certificate

A qualified certificate according to Regulation (EU) No 910/2014. (Previously EC Directive 1999/93 / EC - "Signature Directive") a digital certificate that meets the following requirements:

It must have the following content:
- Indication that the certificate is issued as a qualified certificate;
- Details of the issuer and the country in which it is established;
- Name of the owner or a pseudonym that can be identified as such;
- any other attributes of the holder;
- Signature verification key of the owner;
- Start and end of the period of validity of the certificate;
- Serial number of the certificate;
- the advanced electronic signature of the issuing certification service provider;
- if applicable, restrictions on the scope of the certificate and
- if applicable, limits on the value of the transactions for which the certificate can be used.
The issuer must meet the requirements of the directive for the reliability and security of its certification services.

This definition of the qualified certificate was adopted accordingly in the national signature laws of the member states of the European Community and the other states of the European Economic Area , in particular in the German Signature Act , the Austrian Signature Act and the Liechtenstein Signature Act . However, the country-specific requirements for the certification service providers who issue qualified certificates can differ significantly. Contrary to the requirements of the directive, qualified certificates in Germany must be provided with a qualified electronic signature .

Qualified certificates enable the creation of qualified electronic signatures that are equivalent to a handwritten signature.

The issuing of qualified certificates is subject to the supervision of a competent authority. In Germany this is the Federal Network Agency for Electricity, Gas, Telecommunications, Post and Railways (formerly RegTP ), in Austria the Telecommunications Control Commission (TKK) as part of the Rundfunk und Telekom Regulierungs GmbH (RTR). In many countries - including Germany and Austria - issuers of qualified certificates can be accredited by the responsible authorities. This accreditation is voluntary, but is required for the use of the certificates in some areas (e.g. in social insurance). The Federal Network Agency and RTR each operate a national root certification authority (Root CA) for qualified certificates.

Web links

Individual evidence

↑ Signature guideline, Appendix I: Requirements for qualified certificates ( Memento of December 26, 2007 in the Internet Archive )
↑ Signature Guideline, Appendix II: Requirements for certification service providers who issue qualified certificates ( Memento of November 13, 2007 in the Internet Archive )

[1] Signature guideline, Appendix I: Requirements for qualified certificates ( Memento of December 26, 2007 in the Internet Archive )

[2] Signature Guideline, Appendix II: Requirements for certification service providers who issue qualified certificates ( Memento of November 13, 2007 in the Internet Archive )