For a Trust Service Provider, certification (also called qualification in some contexts) is the single most important step to be undertaken. Certification demonstrates that the practices of the Trust Service Provider match the requirements of one or more official reference documents.
It means that subscribers and users relying on the service are ensured that this service operates in a proper and audited mode with respect to security, legality, accuracy, continuity of service, protection of private life, etc...
It also means that the material generated by the service (certificates, timestamps, etc) can be relied upon with a strong legal evidence.
The use of a qualified timestamping service is actually mandated to French administrations by the French “RGS decree” for exchanges between administrations or with their users.
For all these reasons, Universign focused on obtaining many certifications and qualifications. Conformance audits have been performed by an independant and officially accredited auditor.
Universign is proud to announce that we are:
- the first French Time-Stamping Authority qualified under the French RGS
- the first French Time-Stamping Authority certified to comply with the European standard ETSI TS 102 023
You can find below all the official certifications and qualifications obtained by Universign.
Do you want to know more?
The ETSI (European Telecommunications Standards Institute) is an international organization, recognized by the European Union, which produces ICT (Information and Communications Technologies) standards.
The RGS (General Security Reference Document) is a set of reference documents for electronic exchanges for French administrations. It defines the rules for information systems that must be applied to secure data exchanged, notably regarding confidentiality and integrity. RGS is jointly published by the ANSSI and the DGME.
The DGME (General Direction for State Modernisation) is a department of the French Budget, Public Accounts, Public Function and State Reformation Ministry. It offers advices to French administrations about their strategies for modernization. It identifies key assets and supports them on the operational steps to implement the changes. The goal: to change public administration and to control and rationalize public expenditures in order to improve the quality of public services delivered to users.
The ANSSI (National Agency for Information Systems Security) is attached to the General Secretary for Defense and for National Security. This public agency is in charge of the application of the security policies against hacking through:
- actions for supervision and detection;
- support of products and services development for security;
- advices and support for administrations and key sensitive operators;
- information and rules for information systems security.
The COFRAC (French Accreditation Comity) is a public agency in charge of the implementation of national regulations and European directives. This agency certifies the competencies and the impartiality of accredited agencies in order to obtain an international level of acceptance for their services. The COFRAC accredits the certification agencies that audit the trust services providers which are candidates for RGS qualification.
The LSTI is a private certification company specialized in information and communication security. It is an independent company accreditated to perform audits as regards the RGS. LSTI has performed the Universign qualification audits.