Regulation (EU) No. 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services in electronic transactions in the internal market and repealing Directive 1999/93/EC (EIDAS) establishes the conditions under which Member States shall recognize the electronic identification means of natural and legal persons belonging to a notified electronic identification scheme of another Member State, as well as rules for trust services and a legal framework for electronic signatures, electronic seals, electronic time stamps, electronic documents, certified electronic delivery services and certificate services for website authentication.
Before a Trusted Electronic Services Provider (PSEC) starts providing qualified trust services, it must submit to the supervisory body (in Spain, SETSI, Secretaría de Estado de Telecomunicaciones y para la Sociedad de la Información) an application for approval to start operating together with a conformity assessment report issued by an assessment body accredited with the accreditation body (in Spain, ENAC, Entidad Nacional de Acreditación).
Once the trust service provider has provided all the information required to start its activity, including the conformity assessment report (IEC, in English CAR Conformity Assessment Report) issued by a duly accredited conformity assessment body, the supervisory body will verify whether the provider and the trust services it provides meet the requirements set out in Regulation (EU) 910/2014 and,if so, will grant the qualification and update the TSL trust list including the Provider’s information. The #EIDAS Regulation obliges all member states to accept certificates issued by providers included in the TSL lists of the other states (in addition to their own).
Certification service providers issuing qualified certificates under Directive 1999/93/EC must submit a conformity assessment report to the supervisory body no later than July 1, 2017.