
Article 1 
A signature complies with this Decision if it is an  XML, CMS or PDF advanced electronic signature at conformance level B, T or LT level or using an associated signature container, where  it complies  with the technical specifications listed in the Annex.
Article 2 

1. A signature also complies with this Decision if it is in a format other than those referred to in Article 1, provided that:
(a) the trust service provider used by the signatory is established in the United Kingdom or the EU, and
(b) the public sector body in question is offered signature validation possibilities in accordance with paragraph 2, suitable, where possible, for automated processing.
2. The signature validation possibilities shall:
(a) allow  the public sector body  to validate the received electronic signatures online, free of charge and in a way that is understandable for non-native speakers;
(b) be indicated in the signed document, in the electronic signature or in the electronic document container; and
(c) confirm the validity of an advanced electronic signature provided that:
((1)) the certificate that supports the advanced electronic signature was valid at the time of signing, and when the advanced electronic signature is supported by a qualified certificate, the qualified certificate  met, at the time of signing, all necessary requirements for qualified status;
((2)) the signature validation data corresponds to the data provided to the relying party;
((3)) the unique set of data representing the signatory is correctly provided to the relying party;
((4)) the use of any pseudonym is clearly indicated to the relying party if a pseudonym was used at the time of signing;
((5)) when the advanced electronic signature is created by a qualified electronic signature creation device, the use of any such device is clearly indicated to the relying party;
((6)) the integrity of the signed data has not been compromised;
((7)) the requirements provided for in Article 26 of Regulation (EU) No 910/2014 , or the corresponding provision of the equivalent EU law (within the meaning given by Article 3(42) of that Regulation),  were met at the time of signing;
((8)) the system used for validating the advanced electronic signature provides to the relying party the correct result of the validation process and allows the relying party to detect any security relevant issues.
Article 3 
A seal complies with this Decision if it is an  XML, CMS or PDF advanced electronic seal at conformance level B, T or LT or using an associated seal container where  it complies  with the technical specifications listed in the Annex.
Article 4 

1. A seal also complies with this Decision if it is in a format other than those referred to in Article 3, provided that:
(a) the trust service provider used by the creator of the seal is established in the United Kingdom or the EU, and
(b) the public sector body in question is offered seal validation possibilities in accordance with paragraph 2, suitable, where possible, for automated processing.
2. The seal validation possibilities shall:
(a) allow  the public sector body  to validate the received electronic seals online, free of charge and in a way that is understandable for non-native speakers;
(b) be indicated in the sealed document, in the electronic seal or in the electronic document container
(c) confirm the validity of an advanced electronic seal provided that:
((1)) the certificate that supports the advanced electronic seal was valid at the time of sealing, and when the advanced electronic seal is supported by a qualified certificate, the qualified certificate  met, at the time of sealing, all necessary requirements for qualified status;
((2)) the seal validation data corresponds to the data provided to the relying party;
((3)) the unique set of data representing the creator of the seal is correctly provided to the relying party;
((4)) the use of any pseudonym is clearly indicated to the relying party if a pseudonym was used at the time of sealing;
((5)) when the advanced electronic seal is created by a qualified electronic seal creation device, the use of any such device is clearly indicated to the relying party;
((6)) the integrity of the sealed data has not been compromised;
((7)) the requirements provided for in Article 36 of Regulation (EU) No 910/2014  , or the corresponding provision of the equivalent EU law (within the meaning given by Article 3(42) of that Regulation), were met at the time of sealing;
((8)) the system used for validating the advanced electronic seal provides to the relying party the correct result of the validation process and allows the relying party to detect any security relevant issues.
Article 5 
This Decision shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
...Done at Brussels, 8 September 2015.
For the Commission
The President
Jean-Claude JUNCKER
ANNEX
Advanced electronic signatures mentioned in Article 1 of the Decision must comply with one of the following ETSI technical specifications with the exception of clause 9 thereof:


XAdES Baseline Profile ETSI TS 103171 v.2.1.1.
CAdES Baseline Profile ETSI TS 103173 v.2.2.1.
PAdES Baseline Profile ETSI TS 103172 v.2.2.2.




Associated signature container mentioned in Article 1 of the Decision must comply with the following ETSI technical specifications:


Associated Signature Container Baseline Profile ETSI TS 103174 v.2.2.1


Advanced electronic seals mentioned in Article 3 of the Decision must comply with one of the following ETSI technical specifications, with the exception of clause 9 thereof:


XAdES Baseline Profile ETSI TS 103171 v.2.1.1
CAdES Baseline Profile ETSI TS 103173 v.2.2.1
PAdES Baseline Profile ETSI TS 103172 v.2.2.2

Associated seal container mentioned in Article 3 of the Decision must comply with the following ETSI technical specifications:


Associated Seal Container Baseline Profile ETSI TS 103174 v.2.2.1
