ETSI EN 319 532-1 V1.1.1 (2018-09)

Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services; Part 1: Framework and architecture

ETSI EN 319 532-1 V1.1.1 (2018-09)

Name:ETSI EN 319 532-1 V1.1.1 (2018-09)   Standard name:Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services; Part 1: Framework and architecture
Standard number:ETSI EN 319 532-1 V1.1.1 (2018-09)   language:English language
Release Date:04-Sep-2018   technical committee:ESI - Electronic Signatures and Infrastructures
Drafting committee:   ICS number:
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Electronic Signatures and Infrastructures (ESI) - Registered Electronic Mail (REM) Services - Part 1: Framework and architecture35.040.01Kodiranje informacij na splošnoInformation coding in generalICS:Ta slovenski standard je istoveten z:ETSI EN 319 532-1 V1.1.1 (2018-09)SIST EN 319 532-1 V1.1.1:2018en01-november-2018SIST EN 319 532-1 V1.1.1:2018SLOVENSKI
STANDARD



SIST EN 319 532-1 V1.1.1:2018



ETSI EN 319 532-1 V1.1.1 (2018-09) Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services; Part 1: Framework and architecture
EUROPEAN STANDARD SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 2
Reference DEN/ESI-0019532-1 Keywords e-delivery services, registered e-delivery services, registered electronic mail ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00
Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88
Important notice The present document can be downloaded from: The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at If you find errors in the present document, please send your comment to one of the following services: Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.
© ETSI 2018. All rights reserved.
DECTTM, PLUGTESTSTM, UMTSTM and the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTETM are trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSM and the GSM logo are trademarks registered and owned by the GSM Association. SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 3 Contents Intellectual Property Rights . 4 Foreword . 4 Modal verbs terminology . 4 Introduction . 5 1 Scope . 7 2 References . 7 2.1 Normative references . 7 2.2 Informative references . 7 3 Definitions and abbreviations . 8 3.1 Definitions . 8 3.2 Abbreviations . 10 4 REM logical model . 10 4.1 Introduction . 10 4.2 Black-box model . 11 4.2.1 Functional viewpoint . 11 4.2.2 Sequence viewpoint . 12 4.2.2.1 REM styles of operation . 12 4.2.2.2 REM Store and Forward style of operation . 13 4.2.2.3 REM Store and Notify style of operation . 14 4.3 4-corner model . 17 4.3.1 Functional viewpoint . 17 4.3.2 Sequence viewpoint . 18 4.3.2.1 REM S&F to S&F interaction . 18 4.3.2.2 REM S&F to S&N interaction . 20 4.3.2.3 REM S&N to S&F interaction . 22 4.4 Extended model . 24 4.4.1 Functional viewpoint . 24 4.4.2 Sequence viewpoint . 26 4.4.2.1 Multi-hop sequence over S&F nodes only . 26 4.4.2.2 Multi-hop sequence involving a S&N node . 27 5 REM interfaces . 29 6 REM events and evidence . 31 6.1 Overview . 31 6.2 Events and evidence . 31 6.2.1 A. Events related to the submission . 31 6.2.2 B. Events related to the relay between REMSs. 32 6.2.3 C. Events related to the acceptance/rejection by the recipient . 32 6.2.4 D. Events related to the consignment. 33 6.2.5 E. Events related to the handover to the recipient . 34 6.2.6 F. Events related to connections with non-ERDS systems . 34 History . 35
SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 4 Intellectual Property Rights Essential patents IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https://ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks. Foreword This European Standard (EN) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). The present document is part 1 of a multi-part deliverable covering Registered Electronic Mail (REM) Services, as identified below: Part 1: "Framework and architecture"; Part 2: "Semantic contents"; Part 3: "Formats"; Part 4: "Interoperability profiles".
National transposition dates Date of adoption of this EN: 23 August 2018 Date of latest announcement of this EN (doa): 30 November 2018 Date of latest publication of new National Standard or endorsement of this EN (dop/e):
31 May 2019 Date of withdrawal of any conflicting National Standard (dow): 31 May 2019
Modal verbs terminology In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). "must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation. SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 5 Introduction Business and administrative relationships among companies, public administrations and private citizens are more and more implemented electronically. Trust is essential for their success and continued development of electronic services. It is therefore important that any entity using electronic services have suitable security controls and mechanisms in place to protect their transactions and to ensure trust and confidence with their partners. Electronic signatures are commonly used worldwide to ensure authenticity and integrity of electronic documents, making it possible to transform traditional paper-based processes into electronic ones providing a comparable or even higher level of assurance. As communication is becoming predominantly internet-based, secure and provable exchange of documents is essential to the full digital transformation. An electronic registered delivery service (ERDS hereinafter) provides secure and reliable delivery of electronic messages between parties, producing evidence of the delivery process for legal accountability. Evidence can be seen as a declaration by a trusted party that a specific event related to the delivery process (submission of a message, relay of a message, delivery of a message, refusal of a message, etc.) happened at a certain time. Evidence can be immediately delivered to the interested party (together with the message or separately) or can be kept in a repository for later access. It is common practice to implement evidence as digitally signed data. Registered electronic mail (REM hereinafter) is a specific type of electronic registered delivery, which builds on the formats, protocols and mechanisms used in ordinary e-mail messaging. In a number of national, regional or sector-specific communities electronic registered delivery and registered electronic mail services are already in place, and even more are being developed. Without the definition of common standards there will be no consistency in the services provided, making it difficult for users to compare them. Under these circumstances, users might be prevented from easily changing to alternative providers, damaging free competition. Lack of standardization might also adversely affect interoperability between implementations which are based on different models. The present document is one of a set of interrelated documents (framework of ERDS standards hereinafter) ETSI has produced to facilitate a consistent form of electronic registered delivery service inside and outside Europe, especially with regard to the form of evidence provided, in order to maximize interoperability even between domains governed by different policy rules. This set of documents includes the following deliverables: • ETSI EN 319 522 [i.16]: a multi-part deliverable providing technical specifications for Electronic Registered Delivery Services. • ETSI EN 319 532 [i.17]: a multi-part deliverable providing technical specifications for Registered Electronic Mail Services. • ETSI EN 319 521 [i.18]: providing Policy and Security Requirements for Electronic Registered Delivery Service Providers. • ETSI EN 319 531 [i.19]: providing Policy and Security Requirements for Registered Electronic Mail Service Providers. • ETSI TS 119 524 [i.20]: a multi-part deliverable providing requirements for Testing Conformance and Interoperability of Electronic Registered Delivery Services. • ETSI TS 119 534 [i.21]: a multi-part deliverable providing requirements for Testing Conformance and Interoperability of Registered Electronic Mail Services. The documents covering ERDS contain the general concepts and requirements which apply to all kinds of electronic registered delivery services. Since REM is a specific type of electronic registered delivery, the documents covering REM service build on the corresponding documents covering ERDS by referencing the necessary provisions, and define the interpretation and specific requirements which apply only to registered electronic mail. SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 6 Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC [i.4] (Regulation (EU) No 910/2014, or Regulation hereinafter) provides a legal framework to facilitate cross-border recognition between existing national legal systems related to electronic registered delivery services. That framework aims to open new market opportunities for European Union trust service providers to offer new pan-European electronic registered delivery services. The Regulation defines the so-called qualified electronic registered delivery service (QERDS hereinafter), which is a special type of ERDS, where both the service and its provider need to meet a number of additional requirements that the regular ERDSs and their providers do not need to meet. The framework of ERDS standards aims to cover the common and worldwide-recognized requirements to address electronic registered delivery in a secure and reliable way, independent of the applicable legislative framework. The documents contain generic requirements which can be applied in any geographic region. At the same time, the framework of ERDS standards aims to support demonstrating compliance to the Regulation (EU) No 910/2014 [i.4] (and related secondary legislation), both for non-qualified and qualified electronic registered delivery services. Specific clauses are included defining requirements for qualified services only, especially in the documents covering policy and security requirements. However, the legal effects of services implemented according to the framework of ERDS standards are outside the scope of the documents [i.16] to [i.21]. The present document is part 1 of ETSI EN 319 532 [i.17], which is a multi-part deliverable covering Registered Electronic Mail (REM) Services, as detailed in the Foreword. ETSI EN 319 522 contains the general concepts and requirements which apply to all kinds of ERDSs. Since registered electronic mail is a specific type of electronic registered delivery, the general provisions given in ETSI EN 319 522 apply to registered electronic mail as well. Hence, parts 1 and 2 of ETSI EN 319 532 are aligned with ETSI EN 319 522, and they reference the necessary provisions of the corresponding part.
SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 7 1 Scope The present document specifies the logical model and basic concepts of registered electronic mail (REM) service. The present document relies on ETSI EN 319 522-1 [1] for all concepts and requirements which are generally applicable to all electronic registered delivery services, and defines the interpretation and specific requirements which apply only to registered electronic mail. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at https://docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. [1] ETSI EN 319 522-1: "Electronic Signatures and Infrastructures (ESI); Electronic Registered Delivery Services; Part 1: Framework and Architecture". 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. [i.1] ETSI EN 319 532-2: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services; Part 2: Semantic Contents". [i.2] ETSI EN 319 532-3: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services; Part 3: Formats". [i.3] ETSI EN 319 532-4: "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services; Part 4: Interoperability profiles". [i.4] Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. [i.5] ETSI EN 319 522-2: "Electronic Signatures and Infrastructures (ESI); Electronic Registered Delivery Services; Part 2: Semantic Contents". [i.6] ETSI TS 119 612: "Electronic Signatures and Infrastructures (ESI); Trusted Lists". [i.7] IETF RFC 5751: "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification". SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 8 [i.8] IETF RFC 5321: "Simple Mail Transfer Protocol". [i.9] IETF RFC 1939: "Post Office Protocol - Version 3". [i.10] IETF RFC 3501: "Internet Message Access Protocol - Version 4rev1". [i.11] IETF RFC 5246: "The Transport Layer Security (TLS) Protocol Version 1.2". [i.12] IETF RFC 4422: "Simple Authentication and Security Layer (SASL)". [i.13] IETF RFC 3207: "SMTP Service Extension for Secure SMTP over Transport Layer Security". [i.14] IETF RFC 2595: "Using TLS with IMAP, POP3 and ACAP". [i.15] IETF RFC 7817: "Updated Transport Layer Security (TLS) Server Identity Check Procedure for Email-Related Protocols". [i.16] ETSI EN 319 522 (all parts): "Electronic Signatures and Infrastructures (ESI); Electronic Registered Delivery Services". [i.17] ETSI EN 319 532 (all parts): "Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM) Services". [i.18] ETSI EN 319 521: "Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Electronic Registered Delivery Service Providers". [i.19] ETSI EN 319 531: "Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Registered Electronic Mail Service Providers". [i.20] ETSI TS 119 524 (all parts): "Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Electronic Registered Delivery Services". [i.21] ETSI TS 119 534 (all parts): "Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Registered Electronic Mail Services". 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: consignment: act of making the user content available to the recipient within the boundaries of the electronic registered delivery service Electronic Registered Delivery Service Provider (ERDSP): entity which provides electronic registered delivery service NOTE: It can be a Trust Service Provider as defined in Regulation (EU) No 910/2014 [i.4]. ERD dispatch: ERD message which contains the user content, some ERDS relay metadata and ERDS evidence ERD event: relevant event in the electronic delivery process, which may be attested by an ERDS evidence ERD message: data composed of an optional user content, ERDS relay metadata and zero or more ERDS evidence ERD payload: ERD message which contains the user content and some ERDS relay metadata ERD User Agent/Application (ERD-UA): system consisting of software and/or hardware components by which senders and recipients participate in the exchange of data with electronic registered delivery service providers SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 9 Electronic Registered Delivery Service (ERDS): electronic service that makes it possible to transmit data between the sender and recipients by electronic means and provides evidence relating to the handling of the transmitted data, including proof of sending and receiving the data, and that protects transmitted data against the risk of loss, theft, damage or any unauthorized alteration NOTE: An electronic registered delivery service is provided by one ERDSP. ERDSPs can cooperate in transferring data from a sender to a recipient when they are subscribed to different ERDSPs (see 4-corner and extended models in clauses 4.3 and 4.4 of ETSI EN 319 522-1 [1]). ERDS evidence: data generated by the electronic registered delivery service, which aims to prove that a certain event has occurred at a certain time ERDS handover metadata: data related to the user content which is generated by the electronic registered delivery service and handed over to the ERD user agent/application of the recipient ERDS receipt: ERD message which contains ERDS evidence and some ERDS relay metadata ERDS relay metadata: data related to the user content which is generated by the electronic registered delivery service for the purpose of relaying to another electronic registered delivery service ERDS serviceinfo: ERD message which contains some ERDS relay metadata handover: act of having the user content successfully cross the border of the recipient's electronic registered delivery service towards the recipient's ERD user agent/application original message: data including user content and submission metadata recipient: natural or legal person to which the user content is addressed Registered Electronic Mail (REM): enhanced form of e-mail transmitted by registered electronic mail service Registered Electronic Mail Service (REMS): electronic registered delivery service which builds on the formats, protocols and mechanisms used in ordinary e-mail messaging Registered Electronic Mail Service Provider (REMSP): entity which provides registered electronic mail service NOTE:
It can be a Trust Service Provider as defined in Regulation (EU) No 910/2014 [i.4]. REM dispatch: ERD dispatch in the form of a REM envelope REM envelope: signed data structure generated by the registered electronic mail service which contains any of the user content, ERDS relay metadata and/or ERDS evidence REM interoperability domain: homogeneous operational space consisting of a set of REMSPs able to properly interoperate among themselves REM interoperability domain rules: set of rules defining a REM interoperability domain REM message: ERD message in the form of a REM envelope REMS notification: ERDS serviceinfo or ERDS receipt, in the form of a REM envelope, which includes a reference to the user content to be delivered REM payload: ERD payload in the form of a REM envelope REMS receipt: ERDS receipt in the form of a REM envelope sender: natural or legal person that has submitted the user content submission metadata: data submitted to the electronic registered delivery service together with the user content user content: original data produced by the sender which has to be delivered to the recipient SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 10 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: CSI Common Service Interface ERD Electronic Registered Delivery ERD-UA ERD User Agent/Application ERDS Electronic Registered Delivery Service ERDSP Electronic Registered Delivery Service Provider ESMTP Extended SMTP EU European Union I-REMS Intermediate REMS IMAP Internet Message Access Protocol MIME Multipurpose Internet Mail Extensions PDF Portable Document Format POP Post Office Protocol POP3 Post Office Protocol version 3 R-REMS Recipient's REMS REM Registered Electronic Mail REMID REM Interoperability Domain REMS Registered Electronic Mail Service REMSP Registered Electronic Mail Service Provider S&F Store and Forward S&N Store and Notify S-REMS Sender's REMS S/MIME Secure/Multipurpose Internet Mail Extensions SASL Simple Authentication and Security Layer SMTP Simple Mail Transfer Protocol TL Trusted List NOTE: As per ETSI TS 119 612 [i.6]. TLS Transport Layer Security TSP Trust Service Provider URI Uniform Resource Identifier URL Uniform Resource Locator XML eXtensible Mark-up Language 4 REM logical model 4.1 Introduction Registered electronic mail service (REMS henceforth) is a specific type of electronic registered delivery service (ERDS henceforth), which builds on the formats, protocols and mechanisms used in ordinary e-mail messaging. The logical model of ERDS in general, as described in clause 4 of ETSI EN 319 522-1 [1], is applicable to REMS. See clause 4.1 of ETSI EN 319 522-1 [1] for an introduction to ERDS. The next clauses describe the interpretation of the general ERDS model as applied in the specific case of REM. Clause 4.2 further specifies the black-box model described in clause 4.2 of ETSI EN 319 522-1 [1], focusing on the outer interfaces of the REMS. Clause 4.3 further specifies the 4-corner model described in clause 4.3 of ETSI EN 319 522-1 [1], explaining the interaction between the services of different REMSPs. Clause 4.4 further specifies the extended model described in clause 4.4 of ETSI EN 319 522-1 [1], providing the details about the interaction of the REMS with other REMSs in the case when more than 2 providers take part in the delivery process. SIST EN 319 532-1 V1.1.1:2018



ETSI ETSI EN 319 532-1 V1.1.1 (2018-09) 11 4.2 Black-box model 4.2.1 Functional viewpoint In the simplest case, a REMS can be represented as a black box, conveying messages between a sender and a recipient and producing the appropriate ERDS evidence. Figure 1 below provides a simple representation.
Figure 1: Black-box REM model The
...

  • Relates Information
  • ISO 8130-9:1992

    ISO 8130-9:1992 - Coating powders
    09-28
  • EN 352-2:2020/FprA1

    EN 352-2:2021/oprA1:2023
    09-28
  • IEC TS 61158-4:1999

    IEC TS 61158-4:1999 - Digital data communications for measurement and control - Fieldbus for use in industrial control systems - Part 4: Data Link protocol specification Released:3/24/1999 Isbn:2831847656
    09-28
  • HD 566 S1:1990

    HD 566 S1:1998
    09-28
  • ISO 5131:1982/Amd 1:1992

    ISO 5131:1982/Amd 1:1992
    09-28
  • EN 60598-2-22:1990

    EN 60598-2-22:1996
    09-27
  • ISO 8504-2:1992

    ISO 8504-2:1992 - Preparation of steel substrates before application of paints and related products -- Surface preparation methods
    09-27
  • EN 12165:2024

    prEN 12165:2022
    09-27
  • IEC TS 61158-6:1999

    IEC TS 61158-6:1999 - Digital data communications for measurement and control - Fieldbus for use in industrial control systems - Part 6: Application Layer protocol specification Released:3/24/1999 Isbn:2831847613
    09-27
  • ISO 4252:1992

    ISO 4252:1992 - Agricultural tractors -- Operator's workplace, access and exit -- Dimensions
    09-27