Confirmation of compliance to German Signature Law

Security of qualified electronic signatures
In Germany, certified electronic signature products used by a certification service must incorporate the security characteristics as laid down in §17 of the German Signature Act (SigG) and §15 of the German Signature Ordinance (SigV). In addition to secure signature creation devices and signature application components, these products also contain components for generating and transmitting signature keys (key generator), assuring the verifiability of the certificates (information service) and issuing qualified time stamps. Fulfilment of these requirements must have been verified and confirmed by an approved body in accordance with the test criteria in Annex I SigV (ITSEC or Common Criteria). The test and confirmation requirements for products for qualified electronic signatures are designed to ensure fulfilment of the demanding specifications covering the relevant security-technical functions for the generation and verification of certified electronic signatures by suitable products in compliance with the SigG and SigV. 

Schedule of all BSI-Certifications for OpenLimit Software (german)

SigG and SigV conformity of the OpenLimit software
The OpenLimit SignCubes Basis Components 2.1, as a modular client application, have additionally been tested against the (internationally recognised) Common Criteria under the aspect of SigG and SigV conformity by the German Office for Security in Information Technology (BSI). In addition to the technical security of the product in accordance with the Common Criteria, conformity with the SigG and SigV with regard to the relevant security-technical functions of the OpenLimit SignCubes Basis Components 2.1 in the sense of generating and verifying certified electronic signatures was proven and confirmed by the BSI.

Signature legislations in Europe
Compliance with the SigG and SigV is also of significance for other signature legislation in European countries that is derived from Directive 1993/93/EC from the European Parliament and Council dated 13th December, 1999 on the common basic principles of electronic signatures.

SigG confirmation

Relevance for users

  • Signatures created with OpenLimit are compliant with the German Signature Act.
  • Signature test with OpenLimit is compliant with the German Signature Act.
  • Documents electronically signed with OpenLimit have got the same legal validity as documents manually signed in Germany.