crypto component services - is there a market?
Stefan Kelm
stefan.kelm at secorvo.de
Fri Apr 20 11:54:57 EDT 2007
Ian,
> Hmmm... last I heard, qualified certificates can only be issued to
> individuals, and invoicing (of the e-form that the regulations speak)
> can only be done by VAT-registered companies.
True.
> Is that not the case? How is Germany resolving the contradictions?
By using pseudonyms within the certificate's common name. This
is not only done in Germany but in other countries as well.
Even CAs (and, at least in Germany, the root CA) are being
issued qualified certificates, thus they need to use
pseudonyms. The timestamping service by Deutsche Post, e.g.,
has a qualified certificate with the following DN:
Subject DN : CN = TSS DP Com 31:PN
OU = Signtrust
O = Deutsche Post Com GmbH
C = DE
>> Since electronic invoices need to be archived in
>> most countries some vendors apply time-stamps and
>> recommend to re-apply time-stamps from time to time.
>
>
> Easier to invoice with paper!
potentially much more expensive, though.
Cheers,
Stefan.
--------------------------------------------------------
T.I.S.P. - Lassen Sie Ihre Qualifikation zertifizieren
vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/
--------------------------------------------------------
Stefan Kelm
Security Consultant
Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
stefan.kelm at secorvo.de, http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B
Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list