If I shall put the two AES based on a qualified certificate, in fact exactly the same e-signatures, in front of you and were to tell you about one of them that it was created by a QES-CD, which one would be better for you, huh?
Besides, obviously, “the American one”, when it comes to e–signatures, the one created by a QES-CD is better.
But what exactly makes it better?
What is a qualified electronic signature creation device?
Qualified electronic signature creation device is a configured software or technical equipment used to create e-signatures that meets the requirements set out in the eIDAS regulation. It follows that those are certified devices – tokens and cards.[1]
The private key for creating e-signatures is generated directly on this device and remains stored on it. This guarantees a higher level of security. A QES-CD is therefore what separates QES from the rest of AES.
But do I need it though?
The Czech “recognised electronic signature” does not have to meet the criteria for QES.
Therefore, it does not have to be created by the QES-CD for it to be acceptable in official communication with authorities.
It follows that for such purposes, in the Czech Republic, it is enough if one has the private key stored anywhere on the computer or any other device.
Do you have and use a QES-CD? And can I see it?
[1] For example, see here.
Comentarios