scope:

This document specifies the application interface to SmartCards during the usage phase, used as Secure Signature Creation Devices (SSCD) to enable interoperability and usage of those cards on a national or European level. The specification is based on the EU directive on electronic signatures [3] and takes into account E-SIGN documents and standards mentioned in the scope to be respected. The functionalities described in this document map the general requirements of the EU directive to asymmetric techniques as required by the corresponding protection profile [6] and cover additional services, useful in signature environments. The specification is separated into two parts. Part 1 describes the mandatory services for the usage of Smart Cards as SSCDs. This covers the signing function, storage of certificates, the related user verification, establishment and use of trusted path and channel, key generation and the allocation and format of resources required for the execution of those functions and related cryptographic token information [17]. Part 2 describes optional services based on the same technology as available in signature devices. This covers key decipherment and client(card holder) server authentication, signature verification and related cryptographic token information [17].