Commission Implementing Decision (EU) 2021/1073 of 28 June 2021 laying down techn... (32021D1073)
INHALT
Commission Implementing Decision (EU) 2021/1073 of 28 June 2021 laying down technical specifications and rules for the implementation of the trust framework for the EU Digital COVID Certificate established by Regulation (EU) 2021/953 of the European Parliament and of the Council (Text with EEA relevance)
- COMMISSION IMPLEMENTING DECISION (EU) 2021/1073
- of 28 June 2021
- laying down technical specifications and rules for the implementation of the trust framework for the EU Digital COVID Certificate established by Regulation (EU) 2021/953 of the European Parliament and of the Council
- (Text with EEA relevance)
- Article 1
- Article 2
- Article 3
- Article 4
- ANNEX I
- FORMAT AND TRUST MANAGEMENT
- Generic data structure, encoding mechanisms and transport encoding mechanism in a machine-readable optical format (hereinafter called ‘QR’)
- 1.
- Introduction
- 2.
- Terminology
- 3.
- Electronic Health Certificate Container Format
- 3.1.
- Structure of the payload
- 3.2.
- CWT Claims
- 3.2.1.
- CWT Structure Overview
- 3.2.2.
- Signature Algorithm
- 3.2.3.
- Key Identifier
- 3.2.4.
- Issuer
- 3.2.5.
- Expiration Time
- 3.2.6.
- Issued At
- 3.2.7.
- Health Certificate Claim
- 4.
- Serialisation and creation of the DCC payload
- 5.
- Transport Encodings
- 5.1.
- Raw
- 5.2.
- Barcode
- 5.2.1.
- Payload (CWT) Compression
- 5.2.2.
- QR 2D Barcode
- 6.
- Trust List Format (CSCA and DSC list)
- 6.1.
- Simplified CSCA/DSC
- 6.2.
- ICAO eMRTD PKI and Trust Centers
- 7.
- Security Considerations
- 7.1.
- HCERT signature validity time
- 7.2.
- Key management
- 7.3.
- Input data validation
- 8.
- Trust Management
- 8.1.
- The Key Identifier (kids)
- 8.2.
- Differences to the ICAO eMRTD PKI trust model
- ANNEX II
- RULES FOR THE PURPOSE OF POPULATING THE EU DIGITAL COVID CERTIFICATE
- 1.
- Disease or agent targeted/Disease or agent from which the holder has recovered: COVID-19 (SARS-CoV-2 or one of its variants)
- 2.
- COVID-19 vaccine or prophylaxis
- 3.
- COVID-19 vaccine medicinal product
- 4.
- COVID-19 vaccine marketing authorisation holder or manufacturer
- 5.
- Number in a series of doses as well as the overall number of doses in the series
- 6.
- Member State or third country in which the vaccine was administered/test was carried out
- 7.
- The type of test
- 8.
- Manufacturer and commercial name of the test used (optional for NAAT test)
- 9.
- Result of the test
- ANNEX III
- COMMON STRUCTURE OF THE UNIQUE CERTIFICATE IDENTIFIER
- 1.
- Introduction
- 2.
- Composition of the unique certificate identifier
- 3.
- General requirements
- 4.
- Options for unique certificate identifiers for vaccination certificates
- ANNEX IV
- PUBLIC KEY CERTIFICATE GOVERNANCE
- 1.
- Introduction
- 2.
- Terminology
- 3.
- DCCG communication flows and security services
- 3.1.
- Authentication and connection establishment
- 3.2.
- Country Signing Certificate Authorities and Validation Model
- 3.3.
- Integrity and authenticity of uploaded data
- 3.4.
- Requirements on the technical DCCG architecture
- 4.
- Certificate Lifecycle Management
- 4.1.
- Registration of National Backends
- 4.2.
- Certificate authorities, validity periods and renewal
- 4.3.
- Revocation of certificates
- 5.
- Certificate Templates
- 5.1.
- Cryptographic requirements
- 5.1.1.
- Requirements on the DSC
- 5.1.2.
- Requirements on TLS, Upload and CSCA certificates
- 5.2.
- CSCA certificate (NB
- CSCA
- )
- 5.3.
- Document Signer Certificate (DSC)
- 5.4.
- Upload Certificates (NBUP)
- 5.5.
- National Backend TLS Client Authentication (NB
- TLS
- )
- 5.6.
- Trust list signature certificate (DCCG
- TA
- )
- 5.7.
- DCCG TLS Server certificates (DCCG
- TLS
- )
Feedback