Qualified website certificates & authentication: Planning, testing & certification of your trust service

Become a qualified Trust Service Provider (TSP) for website authentication with TÜV NORD

Are you currently setting up or developing a qualified trust service to create certificates for website authentication and wish to prove that you meet the requirements of the eIDAS Regulation? We are here to support you: From planning your services to the necessary tests and right through to the conformity assessment (certification), we can provide you with all the services you need to obtain qualification from the relevant supervisory authority, which in Germany is the Federal Network Agency (BNetzA). In addition, we offer you customized workshops or provide training courses to give you an insight into the world of eIDAS & ETSI.

Stay qualified: Do you need to reconfirm that you are implementing the current provisions of the eIDAS Regulation? We check your processes and documentation and accompany you on your way to successful re-certification.

Our services in the field of website authentication

  

Training courses introducing you to the world of eIDAS & ETSI

Project-specific workshops to prepare for certification

Support for the development of technical infrastructures

GAP analysis of the implemented documents or processes

Certification/conformity assessment in accordance with eIDAS or ETSI

The standards we use to audit:

  

Website Authentication: Testing according to ETSI EN 319 401 Website Authentication: Testing according to ETSI EN 319 401 Website Authentication: Testing according to ETSI EN 319 401 Website Authentication: Testing according to ETSI EN 319 401

ETSI EN 319 401

General Policy Requirements for Trust Service Providers



  

Website Authentication: Testing according to ETSI EN 319 411-1/-2 Website Authentication: Testing according to ETSI EN 319 411-1/-2 Website Authentication: Testing according to ETSI EN 319 411-1/-2 Website Authentication: Testing according to ETSI EN 319 411-1/-2

ETSI EN 319 411-1/-2

Policy and security requirements for Trust Service Providers issuing certificates


  

Website Authentication: Testing according to the Baseline Requirements & Extended Validation Certificate Guidelines (CA/Browser-Forum) Website Authentication: Testing according to the Baseline Requirements & Extended Validation Certificate Guidelines (CA/Browser-Forum) Website Authentication: Testing according to the Baseline Requirements & Extended Validation Certificate Guidelines (CA/Browser-Forum) Website Authentication: Testing according to the Baseline Requirements & Extended Validation Certificate Guidelines (CA/Browser-Forum)

CA/Browser-Forum

Baseline Requirements & Extended Validation Certificate Guidelines: Requirements that a certification body must meet to issue digital certificates for SSL/TLS servers

Website Authentication: Testing according to the eIDAS Regulation Website Authentication: Testing according to the eIDAS Regulation Website Authentication: Testing according to the eIDAS Regulation Website Authentication: Testing according to the eIDAS Regulation

eIDAS Regulation

Article 45 & Annex IV:
Requirements for qualified certificates for website authentication

  

Your benefits at a glance

  • Entry into the European market: Successful certification will enable you to access the European single market.
  • Approval as qualified Trust Service Provider: You can provide objective evidence that you meet the requirements of the eIDAS Regulation and are approved as a qualified Trust Service Provider.
  • Listing in the root store: Your certificate will be officially listed in the root store of the CA/Browser Forum.
  • One test, two results: With just one test, you can obtain the status of a qualified Trust Service Provider and be included in the root store of the CA/Browser Forum.

What is website authentication?

In order to be trusted by users, the operators of servers and websites on the internet must be clearly identifiable. Website authentication certificates (WAC) are issued to assure users (in particular citizens and SMEs) that there is a legal entity (or natural person) behind the website that can be identified using reliable information. In addition to this secure identification of websites and server systems in the network, the WAC certificates guarantee the confidentiality of the transmitted data and data integrity.

Why we are a strong partner for you

Expertise

Our experienced experts have already successfully completed more than 500 PKI projects of various sizes, some of which were transnational.

Industry experience

Due to many years of experience in different branches of industry we can serve companies from a wide range of industries.

Everything from a single source

We offer an all-round eIDAS package: From training and workshops, planning support and audits all the way to conformity assessment (certification).

Tailor-made for you

We focus on individual services - and solutions - that optimally fit your current company situation and your set goals.

International network of experts

Around the globe: We support you both nationally and internationally. Our global network of experts is ready to help you in all IT security issues.

Independence

Our employees are not subject to any conflicts of interest, as they are not committed to any product suppliers, system integrators, stakeholders, interest groups or government agencies.
You have questions? We are pleased to help!

Further services

Electronic signatures and seals

Electronic Signatures

We accompany trust service providers for electronic signatures on the way to their qualification status: from the planning of their services to the required tests up to the conformity assessment / re-certification.
Read more

Electronic Seals

Become a qualified trust service provider (VDA) for electronic seals: We support you in planning your service(s), perform audits according to eIDAS & ETSI and accompany you on your way to conformity assessment.
Read more
Validation Services for Electronic Signatures, Seals and Timestamps

Validation Services for Electronic Signatures, Seals and Timestamps

Validation services are indispensable for assessing the correctness and integrity of electronically signed, sealed and timestamped documents. They review certificates in real time and ensure transparency.
Read more
Electronic Archives and Archiving Services

Electronic Archives and Archiving Services

Documents that are electronically signed or marked with a timestamp are subject to ageing, just like their hard copy counterparts. If the certificates or mathematical algorithms used there are no longer up to date, this results in them losing their value as evidence.
Read more
Electronic Identification (eID)

Electronic Identification (eID)

Electronic identification systems have the great advantage that they save companies time and expense, and significantly simplify communication for customers – provided that the systems work securely and that they are trustworthy.
Read more

Electronic Registered Delivery Services

Electronic registered delivery services transmit electronic data such as emails between third parties and provide evidence relating to sending and receiving the transmitted data at a certain date and time.
Read more

Cooperative Intelligent Transport Systems (C-ITS)

We support you on your way to an IT-secure C-ITS solution: from planning or further development, through testing, to successful certification according to the security requirements of the European Commission.
Read more