SEID 2.0 becomes the new standard for using PKI and Digital Certificates
The new Norwegian certificate profiles in SEID version 2.0 will replace the previous certificate profiles and facilitate the use of PKIs and digital certificates across Europe. The new certificate profiles include both personal ID and enterprise certificates.
Personal digital identities and enterprise identities based on PKI and certificates are used extensively throughout Norway, and are crucial for maintaining security in private and public organisations, including socially critical infrastructure. This is specified trough a standard called SEID. The current SEID version 1.0 has been in use for 15 years. However, in 2018, the EU regulation on electronic IDentification, Authentication and Trust Services (eIDAS) was adopted into Norwegian law, setting new requirements for digital certificates.
Continuing National Certificate Profiles while Harmonising with Europe
SEID is a collaborative project between a number of Norwegian stakeholders from both public and private sectors on eID and electronic signatures. Buypass has played a key role in updating the current version to SEID 2.0 .
SEID 2.0 not only continues the recommended national certificate profiles, but harmonises them with the common European certificate profiles defined by eIDAS. In doing so, SEID guarantees uniform certificate profiles in the Norwegian market and safeguards the use of certificates across national borders.
This enables certificate recipients to predict the type of information they can expect to find in certificates from Norwegian certificate issuers, as well as how the information will be interpreted and the expected quality of the information.
Stronger Cryptography and Second-Generation Certificate Authority (G2 CA) from Buypass
In addition to adapting our personal ID certificates and enterprise certificates to new certificate profiles, Buypass is also working to further increase the security levels of our products.
We are increasing the key length from RSA 2048 bits to RSA 3072 bits, and facilitating the use of ECC (Elliptic Curve Cryptography) keys in our enterprise certificates.
Furthermore, Buypass will adopt to a new generation of CA`s for issuing certificates throughout autumn 2021. These changes will allow our certificates to be more flexible and better adapted to current needs and requirements.
Norwegian organisations must adopt SEID 2.0
In order to use the new certificate profiles, changes must be made to the systems that uses certificates for employees and organisations in Norway. These changes may depend on adapting 3.party applications and thus may take several months to fully implement. It is thus important that Norwegian organisations begin this process now, to ensure that their systems can support SEID 2.0 when the standard take effect.
To ensure that our certificates comply with the new standard, Buypass will upgrade multiple types of certificates from SEID 1.0 to 2.0 throughout the year. This responsibility also lies with the IT departments and management teams that have the task of facilitating the use of SEID 2.0 in their organisation’s certificate-based applications and systems.
Facts about SEID
- SEID manages the type of information in personal ID and enterprise certificates in Norway
- SEID 2.0 will be phased in from 1 September 2021
- SEID 2.0 complies with the certificate requirements set by the eIDAS regulation, which was adopted into Norwegian law in 2018
- Certificates with SEID 1.0 that are valid for three years can issued up to 1 June 2022
- Certificates with SEID 1.0 will be able to be used until their expiry after three years
- Some certificates will be automatically updated from version 1.0 to 2.0