DECISION OF BOARD OF THE EURASIAN ECONOMIC COMMISSION

of September 25, 2018 No. 154

About certification center of service of the confidential third party of the integrated information system of the Eurasian Economic Union

For the purpose of realization of Item 18 of the Protocol on information and communication technologies and information exchange within the Eurasian Economic Union (appendix No. 3 to the Agreement on the Eurasian Economic Union of May 29, 2014) the Board of the Eurasian economic commission solved:

1. Approve the enclosed Regulations on certification center of service of the confidential third party of the integrated information system of the Eurasian Economic Union.

2. This Decision becomes effective after 30 calendar days from the date of its official publication.

Approved by the Decision of Board of the Eurasian economic commission of September 25, 2018 No. 154

Regulations on certification center of service of the confidential third party of the integrated information system of the Eurasian Economic Union

I. General provisions

1. This Provision determines appointment and the main objectives of certification center of service of the confidential third party of the integrated information system of the Eurasian Economic Union (further respectively – service DTS, the Union) created in the Eurasian economic commission (further – the Commission), and also its rights, obligation, responsibility and procedure for the termination of activities.

2. Basic purpose of certification center of service DTS is providing with certificates of keys of verification of the digital signature of the authorized confidential third parties of the Commission and state members of the Union (further – state members)

for the purpose of the organization of electronic interaction of the confidential third parties of the Commission and state members as a part of service DTS for providing using the digital signature of legal force of electronic documents in case of the international (cross-border) exchange of electronic documents within the Union.

3. For the purposes of this provision concepts which mean the following are used:

"the cryptographic standard" – set of the technical specifications establishing rules and algorithms of transformation of information with use of cryptographic key (cryptographic transformation) including forming and verifications of the EDS;

"the certificate of key of verification of the EDS" – the electronic document published by certification center, signed by the EDS of certification center with use of key of the EDS and containing information confirming accessory specified

in the certificate of key of verification of the EDS to certain subject of electronic interaction, and other information provided by the corresponding cryptographic standards and requirements

to creation, development and functioning of cross-border space of trust, approved by Council of the Commission;

"certification center" – the authorized body or the organization providing according to acts of the Commission, the legislation of state member provision of services according to the edition, distribution, storage of certificates of keys of verification of the EDS and check of validity of these certificates;

"the digital signature (digital signature)", "EDS" – information in electronic form which is attached to other information in electronic form or is otherwise connected with such information serves for control of integrity and authenticity of this information, provides impossibility of refusal of authorship, is developed by application concerning this information of cryptographic transformation with use of the closed (personal) key (EDS key) and checked with use of open key (key of verification of the EDS).

Other concepts used in this Provision are applied in the values determined by the Protocol on information and communication technologies and information exchange within the Eurasian Economic Union (appendix No. 3 to the Agreement on the Eurasian Economic Union of May 29, 2014), the Concept of use in case of interstate information exchange of services and effectual in law electronic documents approved by the Decision of Council of the Eurasian economic commission of September 18, 2014 No. 73, and requirements to creation, development and functioning of cross-border space of trust.

4. Execution of electronic documents is performed

according to requirements to creation, development and functioning of cross-border space of trust and Regulations on exchange of electronic documents in case of cross-border interaction of public authorities of state members of the Eurasian Economic Union among themselves and with the Eurasian economic commission, the approved Decision of Board of the Eurasian economic commission of September 28, 2015 No. 125.

5. Functions of certification center of service DTS are performed by Department of information technologies of the Commission.

II. Main objectives of certification center of service DTS

6. The main objectives of certification center of service DTS are:

a) the certificate of compliance of open key of verification of the EDS to the closed (personal) key, and also confirmation of authenticity of certificates of keys of verification of the EDS of the confidential third party of the Commission and the confidential third parties of state members;

b) providing guarantees of trust to certificates of keys of verification of the EDS of the confidential third party of the Commission and the confidential third parties of state members in case of the international (cross-border) exchange of electronic documents within service DTS;

c) the edition, distribution and storage of certificates of keys of verification of the EDS on requests of the confidential third party of the Commission and the confidential third parties of state members, and also check of validity of these certificates;

d) confirmation of reliability of the data specified

in certificates of keys of verification of the EDS, on requests of the confidential third party of the Commission and the confidential third parties of state members.

7. Functioning of certification center of service DTS is performed according to Regulations of certification center of service DTS according to appendix (further – Regulations).

III. Rights, obligations and responsibility of certification center of service DTS

8. For the purpose of implementation of the functions the certification center of service DTS has the right:

a) perform the information provided by users (representatives of the confidential third parties of the Commission and state members) for the purpose of receipt of certificates of keys of verification of the EDS;

b) refuse to users receipt of certificates of keys of verification of the EDS in case of provision of false information or data by them not in full for receipt of certificates of keys of verification of the EDS;

c) stop or cancel action of the issued certificates of keys of verification of the EDS in the following cases:

receipt of authentic data on violation of confidentiality of key of verification of the EDS and (or) other data which can affect possibility of further use of certificates of keys of verification of the EDS essentially;

loss of legal force of keys of verification of the EDS;

loss of appropriate means of the EDS;

change of information about the certificate holder;

other cases established by Regulations or acts of bodies of the Union;

d) provide and control accomplishment by users of requirements to information security in case of operation of means of certification center of service DTS;

e) take part in development and approval of the documents regulating questions of activities of certification center of service DTS;

e) establish effective period of the root certificate of key of verification of the EDS of certification center of service DTS and certificates of keys of verification of the EDS of users.

9. When implementing the functions the certification center of service DTS shall:

a) provide registration in accordance with the established procedure of users in certification center of service DTS based on the documents submitted by them (with obligatory verification of the data specified in them);

b) inform in writing the confidential third parties of the Commission and state members on conditions and procedure for use of the EDS and means of the EDS, on the risks connected with use of the EDS and the measures necessary for safety of the EDS and its check;

c) acquaint the confidential third parties of the Commission and state members with operating procedure of certification center of service DTS;

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info