PKI Interoperability Models (February 2005)

3.1. Europe

The European Commission is making some of the most recent moves to promote PKI interoperability. The IDABC (Interoperable Delivery of pan-European eGovernment Services to Public Administrations, Businesses and Citizens) Programme[4] is working on a Bridge/Gateway CA project[5], beginning with a feasibility study commissioned in 2001 and published in July 2002[6], with a progress note on Trust List Usage Recommendations[7] in September 2003.

The feasibility study canvassed five general PKI interoperability models:

  • Validation Authority (VA);
  • Hierarchy;
  • Mesh (cross-certification);
  • Web/Internet Trust (white lists); and
  • Bridge.

However, it settled on its own model, dubbed the Modified BCA (Bridge Certification Authority) PKI, which combines the flexible management structure of the bridge model with the technical simplicity of trust lists and the option to use cross-certificates. This is discussed further below.

Additionally, in the second half of 2003, the EU’s Interdisciplinary Centre for Law & Information Technology issued a detailed report on The Legal and Market Aspects of Electronic Signatures.[8] It outlined EU Member States’ activities in implementing the 1999/93/EC Directive, which required that electronic signatures be recognised as the legal equivalent of handwritten signatures.

[4] <>

[5] <>

[6] European Commission – Enterprise DG: IDA, A bridge CA for Europe’s Public Administrations: Feasibility Study, July 2002

[7] European Commission: IDA, Trust List Usage Recommendations for a Bridge/Gateway CA Pilot for Public Administrations, September 2003

[8] European Commission – DG Information Society, The Legal and Market Aspects of Electronic Signatures, 30 September 2003