Conformant to the latest ETSI TS 119 612 V2.1.1 (2015-07) Electronic Signatures and Infrastructures (ESI); Trusted Lists;
and 2015/1505/EU COMMISSION IMPLEMENTING DECISION of 8 September 2015, laying down technical specifications and formats relating to trusted lists pursuant to Article 22(5) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market

This version can handle simultaneously all the ten types of the Trusted List:
1) EU Member State Trusted List, version 5
2) List of Lists of the EU, version 5
3) non EU countries, international organization Trusted List, version 5
4) List of Lists of non EU countries and international organization, version 5
5) EU Member State Trusted List, version 4
6) List of Lists of the EU, version 4
7) non EU countries, international organization Trusted List, version 4
8) List of Lists of non EU countries and international organization, version 4
9) EU Member State Trusted List, version 3
10) List of Lists of the EU, version 3

New functions:
- migrateTrusted List version 4 to version 5 (as described in Annex J of TS 119 612) with a single click, make detailed log on the changes

Performance:
- better and faster rendering of the navigation tree

Tags: Machine processable form-XML, Human readable form-PDF, Compliance, Analyze trusted lists

Improvements:
- including the scheme territory, sequence number and list issue date time in report headers
- new report “same public keys” for detecting whether the same public key appears more than once in the Trusted List, available in the popup menu by clicking on the root node

Improvements:
1) Generate self-signed Certificate for Signing the Trusted List: the information included in the certificate are filled automatically based on the selected Member State and with information from the last issued Trusted List of that Member State.

2) Improved handling of changes in the LOTL machine processable form signing certificates and LOTL human readable form SSL certificates:
- TLEdit detects that EU has published new certificates and provides a warning to the user.
- On user confirmation, TLEdit automatically adjust the proper content of the PointersToOtherTSL element.

Tags: Generate self-signed certificate for signing the Trusted List, List of lists-LOTL, Human readable form-PDF, Machine processable form-XML

Improved functions:
- Check Against TSL Function can validate all types of PAdES and XAdES signatures
- Check Against TSL Function can validate all signatures presented in ASiC containers
- Check Against TSL Function can validate a single certificate or time-stamp

BugFix:
- proper representation of Service Digital Identity when more than one certificate related to the same public key and have identical subject names (see Trusted Lists of Austria issued after December 5, 2014)

Tags: Check against TSL, Compliance

Improvements:
- including the pointer to the human readable version of the LOTL in PointersToOtherTSL element

Bugfix: the text of PolicyOrLegalNotice/TSLLegalNotice has updated to align the wording with CD 2013/662/EU (the occurrence of the word "the" has been removed before the word "Directive")

Performance:
- better and faster rendering of XML trees
- faster XML validation

Tags: Performance, TSL editing

Conformant to the latest ETSI TS 119 612 V1.2.1 (2014-04) Electronic Signatures and Infrastructures (ESI); Trusted Lists; standard

This version uses simultaneously the proper standard version for all the six types of the Trusted List:
1) TS 119 612 V1.2.1 (2014-04): non EU countries, international organization Trusted List, version 4
2) TS 119 612 V1.2.1 (2014-04): List of Lists of non EU countries and international organization, version 4
3) TS 119 612 V1.1.1 (2013-06): EU Member State Trusted List, version 4
4) TS 119 612 V1.1.1 (2013-06): List of Lists of the EU, version 4
5) TS 102 231 V3.1.2 (2009-12): EU Member State Trusted List, version 3
6) TS 102 231 V3.1.2 (2009-12): List of Lists of the EU, version 3

Improved functions:
- upgrade (convert) Trusted List version 3 to version 4 with a single click, make detailed log on the changes
- Content Errors function (available in the popup menu) reports only the errors found during the content validation check

Improvements:
- Preferences menu item is available in the Apple menu on Mac OS X
- new “add additional names” button on TSP trade name editor pane for adding new text fields to input the VAT number and/or official national trade registration number
- compatibility with the Java 8 Runtime Environment

Performance:
- better and faster Analyze Trusted Lists

Tags: Java8, Performance, TSL editing

Some improvements for the Trusted List maintained and issued by international organizations.

Tags: Trusted List editing

Conformant to the latest ETSI TS 119 612 V1.1.1 (2013-06) Electronic Signatures and Infrastructures (ESI); Trusted Lists;
and 2013/662/EU COMMISSION IMPLEMENTING DECISION of 14 October 2013 amending Decision 2009/767/EC as regards the establishment, maintenance and publication of trusted lists of certification service providers supervised/accredited by Member States

This version can handle simultaneously all the six types of the Trusted List:
1) EU Member State Trusted List, version 3
2) List of Lists of the EU, version 3
3) EU Member State Trusted List, version 4
4) List of Lists of the EU, version 4
5) non EU countries, international organization Trusted List, version 4
6) List of Lists of non EU countries and international organization, version 4

New functions:
- upgrade (convert) Trusted List version 3 to version 4 with a single click, make detailed log on the changes
- new Content Errors function (available in the popup menu) that reports only the errors found during the content validation check
- all the generated reports can be viewed in an external browser also
- generate a self-signed certificate for signing the Trusted List (see: TS 119 612, Section 5.7.1), available in the Tools menu
- XML validation against the proper XML schemas determined on the basis of the value of the TSLVersionIdentifier field
- added new country: HR (Croatia)

Improvements:
- keeping PDF/A conformance during signing of the human readable from by converting the visible signature text to graphics

Performance:
- better and faster rendering of the navigation tree

Tags: Analyze trusted lists, Certificate, Check against TSL, Compliance, Human readable form-PDF, Java7, Machine processable form-XML, Member state, Performance, Signature, TSL editing, Generate self-signed certificate for signing the Trusted List

TLEdit now supports and handles automatically the new certificate published on page 8 of the Official Journal of the European Union C 374 of 22.12.2011 that can be used by the Commission to sign electronically the machine processable version of the list of lists (LOTL).

Tags: List of lists-LOTL

TLEdit now tested and fully compatible with the Java 7 Runtime Environment.

Tags: Java 7

Bugfix: Analyze trusted lists function didn’t find the machine processable and human readable form of the trusted list that was published in a ZIP file if the ZIP entry contains uppercase extension.
TLEdit now handles the ZIP entries as case insensitive file extensions.

Tags: Analyze trusted lists

TLEdit now uses the latest certified CryptoSigno Interop v2.3.0 b141 security module for signature generation and verification.

Improvements on the Check against trusted lists function:
- Verifying and validating XAdES v1.4.2 (ETSI TS 101 903 V1.4.2 2010-12) signatures.
- Displaying CRLs found in the validated signature in tree view.

Tags: Signature

Improvements on the signature verification of Trusted Lists:
- Automatically using the Member State signing certificate published in the list of lists (LOTL) for signature verification.
- If the Member State signing certificate is not published in the LOTL, the supposed signing certificate can be selected from the file system.

Improvements on the Check against trusted lists function:
- Using the CA QC/PKC certificates listed in the Trusted List as Trust Anchors, automatically downloading the freshest Trusted List based on the country code of the certificate issuer.

Improvements on the certificate viewer component:
- Using certification path builder wizard to build and display the upper hierarchy above CA services listed as accredited/supervised in a Member State Trusted List. Using the intermediate and root certificates from the signature, downloading the missing certificates using the URLs from the AIA extension and performing cross-certification as a last resort.

Improvements on the Content audit function of the LOTL:
- The report now includes the country code and name of the Member State whose certificate is missing from the PointersToOtherTSL/OtherTSLPointer element.

Tags: Signature, Check against TSL, List of lists-LOTL, Certificate

Performance tuning.
- TLEdit startup is 62% faster than before
- loading of a big TSL is 54% faster now

Tags: Performance

Improved localization, ability to change the spoken language on-the-fly by loading new lingual dictionaries from the local file system (see also Tutorial 7).

New options at adding a new service:
- insert at the beginning
- append to the end
- insert before the selected item.

Improved revocation check algorithm in Check against trusted lists function.

Configurable keystore types for signing the TSL.

Tags: Localization, Check against TSL, Signature

A new Icon size submenu is available in the View menu to resize icons of the navigation tree on-the-fly.

TLEdit now is able to download and display machine processable and human readable form of the trusted list that was published in a ZIP file.

Shorter and more informative tooltip on Pointers to other TSLs and Policy or legal notice pane.

A new Open URI button is available on the Pointer to other TSL pane to download the referred machine processable or human readable form.

Bugfix: Only the first URI of SchemeTypeCommunityRules was filled in the newly created TSL. Now the second, member state dependent URI is also pre-filled with the proper value.

Bugfix: Ctrl+C (copy), Ctrl+V (paste) keyboard shortcuts didn’t work properly on Windows.

Bugfix: Check against trusted lists function throwed an error after password change.

Tags: Machine processable form-XML, Human readable form-PDF, Member state

New Check against TSL function: Verification of full scale of XAdES type cross-border electronic signatures and validation on the basis of the trusted lists.

Tags: Check against TSL

The gray information box at the beginning of service and history chapters in the human readable form contains hyperlink to the corresponding provider of service and service of history (See also Hyperlink doesn't work in Adobe Reader, why?).

TLEdit now accepts the same service digital identity more than once with different service types, in accordance with CD 2009/767/EC, page L299/40.

Performance improvement of Analyze trusted lists function.

XML signature of machine processable form will not contain xades:CertificateValues anymore. Regarding to the Trust Model introduced by CD 2010/425/EC, including the relevant upper certificate chain of TSL signing certificate is not necessary and undesirable.

Tags: Human readable form-PDF, Machine processable form-XML

Change of font sizes and layout in human readable form results fewer pages in PDF (about 33% saving).

Configurable memory pool size for Java results better performance (see also File menu, Preferences, TL editing preferences, Memory and How can I configure memory allocated to Java and what is a proper size?).

Enhanced editing capability for LOTL (list of lists).

Tags: Human readable form-PDF, List of lists-LOTL, Performance

Performance improvement of rendering HTML reports.

Tags: Performance

New Analyze trusted lists function that automatically downloads the trusted lists of all Member States using the URIs from the LOTL (list of lists) and displays these in the same way as your edited, own trusted list.

Compliance with COMMISSION DECISION of 28.07.2010, amending Decision 2009/767/EC as regards the establishment, maintenance and publication of trusted lists of certification service providers supervised/accredited by Member States (C(2010) 5063).

Tags: List of lists-LOTL, Compliance

TLEdit now accepts an end certificate with Certificate Policies extension marked as critical at certification path building step of signing process.

Added exclusive canonicalization transformation to enveloped signature of machine processable form.

Tags: Machine processable form-XML, Certificate

Signing human readable form of trusted list with PAdES Basic (PKCS#7) signature.

Tags: Human readable form-PDF, Signature

Added machine processable form signing certificate and human readable form SSL certificate of LOTL ("list of lists") into OtherTSLPointer, PointersToOtherTSL element.

New LOTL preferences settings in File menu, Preferences menu item to configure the actual certificates published by EC.

TLEdit now periodically downloads the machine processable and human readable form of the LOTL, finds out the actual signing and SSL certificates, checks the equality with certificates configured in the LOTL preferences. In case of mismatch, displays a warning message for the user.

Tags: Machine processable form-XML, Human readable form-PDF, List of lists-LOTL, Certificate

Added new (non-EU member state) countries: - NO (Norway), IS (Iceland).

Bugfix: Improper handling the last opened file in case of file name contains SPACE character.

Tags: Member state

Performance tuning of provider and services import.

Tags: Performance

TLEdit now offers XML validation service for the SIE/Qualifications element at editing.

Enhanced checking rules for critical SIEs.

Tags: TSL editing

Now you can include Table of Contents in the human readable form by checking on the proper checkbox.

Tags: Human readable form-PDF

Move a service node to an other location under the same provider node.

Enhanced checking rules for history instances.

Special icon indicates service with not 'undersupervision' or 'accredited' status in the navigation tree.

Tags: TSL editing

Support for creating signature with Smart Card and private key handled by Microsoft CryptoAPI (only on Windows).

Configurable list of PKCS#11 cryptographic devices.

Signature verification with the official published certificate of the Scheme Operator.

Tags: Signature

Bugfix: At creating Human Readable format, at handling ecc:Qualifications, ecc:QualificationElement, ecc:CriteriaList element - only the first ecc:PolicySet content was printed (multiple ecc:PolicySet element is also allowed here).

Tags: Human readable form-PDF

Refinement in English translation and national flag pictures for human readable forms.

Tags: Human readable form-PDF

Improvement: Accepting "xtsl" and "xts" file extension also.

Bugfix: Text of SchemeName should be accepted both with (Corrigenda CD 2009-7806.pdf, page L299/31) and without (COMM_NATIVE_C_2009_7806_F_EN.pdf, page 22) the ending period character.

Tags: Compliance

Bugfix: MimeType in the pointer to EC List of the Lists should be application/vnd.etsi.tsl+xml (not application/vnd.etsi.tsl.xml which is a mistake in ETSI TS 102 231 V3.1.1)

Bugfix: Improper order of HistoricalInformationPeriod and PolicyOrLegalNotice in HR form.

Tags: List of list-LOTL, Human readable form-PDF

Human readable form generated by TLEdit enhanced to PDF/A (ISO 19005).

Tags: Human readable form-PDF

Improved handling of SIE in human readable form.

Tags: Human readable form-PDF, TSL editing

Pointers to others TSLs is mandatory (CD 2009/767/EC page L299/36).

Bugfix: Text of SchemeName element was not aligned with Corrigenda CD 2009-7806, L. 299/31

new text:
Supervision/Accreditation Status List of certification services from Certification Service Providers, which are supervised/accredited by the referenced Scheme Operator Member State for compliance with the relevant provisions laid down in Directive 1999/93/EC.

old text:
Supervision/Accreditation Status List of certification services from Certification Service Providers, which are supervised/accredited by the referenced Scheme Operator Member State for compliance with the relevant provisions laid down in Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures

Tags: Compliance

TLEdit now provides XML validation of trusted list against the relevant XML schemas.

New: human readable form (PDF document) creation.

Tags: TSL editing, Human readable form-PDF

Improvement: Enhanced editing capability and checking rules for the LOTL (list of list).

Bugfix: Bulgarian language codes: change from [bg,br-latn] to [bg,bg-latn].

Tags: List of lists-LOTL

Bugfix: id-at-serialNumber (OID: 2.5.4.5) was encoded with OID and # in tsl:X509SubjectName element.

Bugfix: ServiceDigitalIdentity plugin "remembers" the old certificates added.

Tags: Human readable form-PDF

Improvement: Compliance version based on TLS Plug-Tests 23-26/11/2009 F2F meeting report.

• http://uri.etsi.org/TrstSvc/Svcstatus/eSigDir-1999-93-EC-TrustedList/Svcstatus/accredited typo on page L999/40 of the Corrigenda of CD 2009/767/EC has been replaced by http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/Svcstatus/accredited

• http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/TSLtype/generic typo on page L999/30 of the Corrigenda of CD 2009/767/EC has been replaced by http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/TSLType/generic

• Transliteration in Latin script has been added for BG (Bulgaria), EL (Greece) and CY (Cyprus).

• Capability of handling more than one local language for countries with several related languages (e.g. Spain, ES, es,ca,eu,gl)

• Language codes in accordance with Annex 1, TLS Plug-Tests 23-26/11/2009 F2F meeting report.

Bugfix: TLEdit displays NullPointerException error message in several cases due to language code change.

Bugfix: Deceptive message in content audit report when HistoricalInformationPeriod > 3653.

Tags: Compliance, List of lists-LOTL, TSL editing, Country

Bugfix: Text of LegalNotice was ranked as wrong by content audit function if it contains a second optional part (like FR) after the first mandatory part, related to Member State.

Bugfix: Import on scheme information node doesn't work properly when TSL is signed already.

Tags: TSL editing, Signature

Bugfix: Improper use of DigitalId and DigitalIdentity in ServiceDigitalIdentity element.

Bugfix: TLEdit accepts invalid URI in NonEmptyMultiLangURI and NonEmptyURI.

Tags: TSL editing

Internationalized and localized version.

Tags: Country

Updated version based on TSL Life Cycle test observations.

Updated version based on Revised draft COM Decision v.2 (clean).

Tags: TSL editing

Updated version based on ETSI TS 102 231 V3.1.1.

Tags: TSL editing

Updated version based on Draft COM Decision - Trusted List TSL Common Template spec v.1., 16.06. 2009

Tags: TSL editing

Updated version based on Technical specification for the proposed Common Template for the "Trusted List of supervised/accredited CSPs" v.0.9, 19.03.2009.

Tags: TSL editing