scope:

The scope of the present document is policy and security requirements for trust service components providing identity proofing of trust service subjects. Such a trust service component can be provided by the Trust Service Provider (TSP) itself as an integral part of the trust service or by a specialized Identity Proofing Service Provider (IPSP) acting as a subcontractor to the TSP.

The present document provides requirements for a Baseline Level of Identity Proofing (LoIP) aimed to support issuing of certificates at the NCP policy level as specified in ETSI EN 319 411-1 [i.7] as well as the QCP policy level as specified in ETSI EN 319 411-2 [i.8]. The Baseline LoIP also aims to support identity proofing for other ETSI trust services standards such as ETSI TS 119 431-1 [i.10] and ETSI EN 319 521 [i.12]. Annex A indicates how to use the present document in conjunction with these standards.

NOTE 1: The present document has the potential to have wider applicability than the defined scope, but any application for other purposes than enrolment to trust services is out of scope.

The present document aims at supporting identity proofing in European and other regulatory frameworks. Specifically, but not exclusively, the present document aims to support issuing of qualified certificates as defined in Regulation (EU) No 910/2014 [i.1] (the eIDAS Regulation) Article 24.1. The present document aims to meet the requirements of Article 24.1 as follows: 24.1 (a) by clause 9.2.1, 24.1 (b) by clause 9.2.4, 24.1 (c) by clause 9.2.5, 24.1 (d) by clauses 9.2.2 and/or 9.2.3 depending on the decision of the competent national authority.

The present document can be used by Conformity Assessment Bodies (CABs) as the basis for confirming that an organization is trustworthy and reliable in its identity proofing process.

NOTE 2: See ETSI EN 319 403-1 [i.6] for guidance on the assessment of TSP processes and services.