06 March 2023
- Additional requirements and guidance added in the “Becoming a qualified trust service provider” section.
29 September 2022
- From the 1 October 2022, the ICO has responsibility for the management and publication of the trusted list.
- We have added the binary (DER) and text (Base64 encoded) format certificates for the UK Trusted List.
19 August 2022
- Brief description added to explain the trusted list is an authoritative source of information for qualified trust providers and their services.
- Individual sections updated to say the ICO will be taking responsibility for the trusted list from 1 October 2022 and describing any impact.
- Within the “Using the UK Trusted List” section we have replaced the word ‘hash’ with ‘digest’.
- Added new UK Trusted List page. This contains a download link to the UK trusted list, information on the trusted list and the rules under which it operates.
The UK eIDAS Regulations provide the legal framework for the use of electronic trust services offered within the UK and recognise equivalent services offered in the EU.
Electronic trust services can be used in a number of ways to provide security for electronic documents, communications and transactions e.g. to help ensure that documents sent electronically have not been altered in any way and that the sender can be easily recognised. Electronic trust services allow for such security properties to be applied and then validated and thus help ensure confidence in the electronic transfer of information.
This guide is for organisations providing trust services in the UK such as certificates for electronic signatures, certificates for electronic seals, certificates for website authentication, electronic time stamps and, electronic registered delivery services.
It gives a brief introduction to the UK eIDAS Regulations, summarises the requirements for trust services, and explains the ICO’s role in supervising trust service providers in the UK.