Trust Environment

VDSIC hosts Governance Board which establishes the foundational trust and rules.

Sets Global Standards: Defines and maintains the core VDS technical specifications, operational policies, and security requirements.

Manages Root Trust: Operates and secures the Governance List (Root LoTL), the ultimate trust anchor referencing accredited Scheme Operators.

Accredits Scheme Operators: Evaluates and approves organizations to act as Scheme Operators for specific VDS domains (e.g., countries, industries).

Ensures Global Interoperability: Facilitates harmonization to ensure VDS verification works seamlessly across different schemes and platforms.

Provides Oversight: Monitors compliance and security practices across the environment.

Operating under VDSIC’s authority, the Scheme Operator manage specific VDS schemes.

Manage Scheme Trust: Establish and maintain lists (Scheme LoTLs), which list the accredited Trust Service Providers (TSPs) and authorized Trust Service Lists (TSLs) within their specific domain.

Define Scheme Policies: May set scheme-specific policies and requirements, complementing VDSIC’s global standards.

Validate Manifests: Validate the scope of Manifest IDs within their scheme (via VDSManifestScope extension), ensuring uniqueness and preventing overlaps. Sign and publish the Manifest files used within their scheme.

Oversee Scheme Participants: Monitor the compliance of TSPs (including CAs) and VDS Issuers operating under their scheme’s rules.

TSPs, often acting as Certificate Authorities (CAs), are the entities accredited to issue the digital credentials underpinning VDS security.

Issue Signing Certificates: Provide X.509 digital certificates to authorized Issuers of VDS after rigorous identity validation, adhering to VDSIC and Scheme Operator policies (e.g., based on ETSI EN 319 411-1).

Manage Certificate Lifecycle: Securely handle the entire lifecycle of VDS signing certificates, including issuance, renewal, suspension, and critically, revocation (providing CRLs or OCSP services).

Maintain Trust Service Lists (TSLs): Publish and maintain digitally signed TSLs (compliant with ETSI TS 119 612 and VDSIC extensions) that list their services, authorized CAs (VDSAuthorityID), and provide crucial URIs for accessing public certificates (VDSCertResource) and Manifest files (VDSManifestResource).

Ensure Security: Employ robust security practices, including secure key generation and management (often using Hardware Security Modules – HSMs), compliant with international standards (ISO 27002).

These are the organizations authorized by Scheme Operator within a specific scheme to create and sign instances of VDS.

Generate VDS’s instances: Create Visible Digital Seals strictly following the rules and constraints defined in the specific Manifest file for their use case.

Sign VDS Data: Use their private key (corresponding to a valid, CA-issued certificate) to cryptographically sign the VDS Header and Payload hash, ensuring data authenticity and integrity.

Secure Key Management: Responsible for securely protecting their private signing keys.

Comply with Rules: Adhere to all operational and technical standards set by their Scheme Operator.

TEPs are the crucial endpoint applications that read and verify VDS’s data.

Acquire VDS’s Data: Read VDS’ ‘s data from various carriers (QR codes, NFC tags, digital files, URL fragments).

Execute Verification Process: Perform the step-by-step validation: check VDS structure, traverse the trust chain (TSLs), retrieve and validate the Manifest, retrieve and validate the signing certificate (including revocation checks), and cryptographically verify the VDS signature.

Interpret & Present Data: Use the validated Manifest to correctly decode and interpret the VDS’ ‘s Payload. Utilize the Response Formatting Function (RFF) defined in the Manifest to securely and consistently display the verified information to the end-user.