ISO 17442 Part 2: The LEI in Digital Certificates
Digital certificates are widely used, and their standards and technology platforms are mature and audited. Many policy and law makers have embedded digital certificates at the core of their digital signature legislation. Related products and services are widely available.
In order to facilitate the use of LEIs in digital certificates, the updated ISO standard 17442-2 was released in August 2020. This technical standard is necessary for the certificate authority industry to embed LEIs consistently into digital certificates.
With the release of the updated LEI ISO standard, GLEIF seeks to engage Certificate Authorities and Trust Service Providers, downstream application providers as well as private and public policy makers to encourage organizations to embed LEIs whenever certificates and seals are issued in a business context. This would apply to company seals as well as certificates for persons acting on behalf of a business. This also results in LEI issuance for the legal entity if the legal entity has not already obtained one.
GLEIF believes that digital certificates with embedded LEIs are an important enabler of digital transformation. This is because the qualified digital certificate by itself guarantees the identity of the signer and its signature guarantees document integrity and frames it in time, using qualified time stamps. Incorporating LEIs into digital certificates and document e-signature processes therefore can provide an additional layer of trust proof, since the LEI is a global secure mechanism that provides reliable data on organizational identity.
Using this model, data can be checked consistently using automation, regardless of the organization’s location, in the same way certificate validation is performed. Digital certificates with embedded LEIs also provide a direct link to the regularly updated LEI reference data, enabling more automated monitoring for revocation. The net result is strong and reliable validation of an organization’s data, together with the identity of those acting on behalf of the company.
GLEIF’s annual report publication process provides a demonstration of the value of using digital certificates with embedded LEIs. GLEIF’s 2019 annual report was published by ESMA on its website to provide a best practice example of a report published in the European Single Electronic Format (ESEF) format. The report is published in human and machine-readable Inline XBRL (eXtensible Business Reporting Language) and HTML formats, with LEIs embedded within both the annual report and the digital certificates of the report’s signing executive officers. The combination of these two features provides something completely unprecedented: instantly available, digitally verifiable credentials that confirm both the authenticity of document and the key individuals responsible for its content.
For parties interested to learn more, please contact GLEIF at firstname.lastname@example.org.