At the moment no technical difficulties are known.
Smart Registration Service
At the moment no technical difficulties are known.
Maintenance work Developer Website08. - 15. October 2021
Dear customers, due to maintenance work our website for developers is currently not available since October 8th . We will inform you as soon as the site is back online.
Maintenance window Signing Service08. August 2021, Worldwide
There will be a maintenance window for Signing Service on Tuesday, 8th of August 2021, from 02:00 to 06:00 AM. The work on the application may lead to short service interruptions (max. 1-2 minutes).
QES Problem12. July 2021, worldwide
The problem with the QES signature is solved:
Since about 11.10 am on 12.7.21, a declaration of will could not be processed until 1 pm. After that, all subscribers were able to sign again, who did not rely on the lookup call. This problem was finally solved up to about 3.45 pm.
The reason for this was an error in the network configuration when switching a system.
The problem is now examined in detail and measures are defined. Further updates will be communicated on this status page after solving the problem.
Investigation of details of this issue was done and the reasons were clearly identified:
Issue with one network component in combination with some external events which lead to a longer downtime as expected.
The supplier of the network component was involved and the first fixes are implemented. Further activities are defined to additionally monitor this situation of combined events and react on this. It will be implemented in the upcoming sprints.
Technical News on our Servcies
- Signing Service
- Smart Registration Service
Technical updates - Signing Service
Start Developer Page01. October 2021
We updated our home page with an integration section dedicated for our partners and upcoming parters. It covers all aspects of signing application integration including videos etc. The page can be selected via the main menu - topic "Know-How" - "Developer Site" or you could directly open it by the link https://dev.trustservices.swisscom.com/
Switzerland: New version of the validator of the Federal Administration31. August 2021, Switzerland
The federal administration has released a new version of the signature validator at https://validator.ch. By now recent problems with algorithms (like SHA512) and the validation of the new CA generation are resolved. This means there is no longer any obstacle to switch to the new CA4 certificate generation for ZertES (SigE) in Switzerland.
Swisscom has added information in section 2.3 what happens in case of a longterm certificate if the crytological protection is no longer sufficient due to the progress in technology:
Should Swisscom have to revoke the signature certificate due to insufficient algorithms, the applicant for this certificate will be informed and receive an offer for a new certificate with sufficient cryptological protection.
Technical updates - Smart Registration Service
12.10.21 Update RA Agency Contracts12. October 2021, worldwide
The RA agency contracts were renewed. These have now also been extended to the new revised DPA of Switzerland. I.e. it invents the mention of the DPA, which, however, is exactly oriented towards the GDPR. In this respect, little has changed in terms of the content of commissioned processing in this area. The process has also been described again as it is currently in the app. New extended rules apply to the TOMs: The phone can also be secured by choosing a shorter (6-digit) PW if the number of retries is limited.
SRS: Integration of German eID (Personalausweis/ID card)06. September 2021, Germany
In the scope of the Smart Registration Service (SRS) the use of the German ID Card as integrated eID registration is now possible for QES (eIDAS). This option must be ordered and must be setup. In case of a voucher people can directly choose this way of registration. The method is explained here: SRS eID - YouTube. Please contact our sales support.
SRS-Bank - technical change09. July 2021
Dear Partner we inform you that there will be a small technical update on the use of SRS Bank that can imply a potential change on your implementation.
Change: The target URL will contain additionally a token so that it will be longer than the current target URL provided by the SRS API today. New target URL: https://ident.playgroud.klarna.com/SESSION_ID?access_token=ey******* . The URL will be around 700 characters, but we recommend not to limit it. The target URL must not be encoded.
Timeline: the change will be done on Production by Sept. 1st, 2021.
We kindly ask to check if a change is needed on your implementation and apply it latest by end of August 2021.
CA4: Update of application documentation16. April 2021
During the vetting due to the new activation of the new parallel accesses for teh seal based on the new root certificate CA4, we noticed that the application documents, which were previously available to us to issue a new seal certificate, are not sufficient or partly no longer valid (e.g. identity cards of the applicants) for some small number of our customers. The access of these customers to the new account will therefore be delayed until the necessary application documents are available in accordance with our regulatory regulations. They will be contacted by our Sales Support. Up to the activation of the new CA4 seal they could use their current seal.
Swisscom Timestamp now Qualified for eIDAS23. December 2020, worldwide
The regulatory supervisory body RTR in Austria informed us today that the Telekom Control Commission has decided that Swisscom can also offer the time stamp as qualified for eIDAS.
NEW: The qualified timestamp is now published in the eIDAS trust list officially.
New CA4 in October15. February 2021, Switzerland
The new CA4
The new rules and regulations require certification service providers and trust service providers to use better algorithms to ensure the trustworthiness of signatures in the future. Swisscom will first replace the root certificate authority instance (CA) for Switzerland (CH jurisdiction) and later also for the EU (eIDAS jurisdiction), thereby adapting the entire certificate chain and providing for the new algorithms. This concern, on the one hand, the so-called "padding algorithm" which will switch from currently SASSA-PKCS1 v1_5 to RSASSA-PSS, and on the other hand the key length, which will be increased from 2048 to 3072.
What are the implications?
- The size of the signature in the signed document changes, i.e. the signature takes up more space. Since signature applications make estimates to the best of their knowledge of how much space a signature requires, it may be that this estimate is no longer correct and therefore a signature is no longer possible.
- If you use standard applications that display trusted signatures, such as Adobe Reader, the latter will continue to trust the signatures. However, if you have special applications that first require the root certificate of the certificate chain for trustworthiness, you must reinstall it.
When will the changes take effect?
We are planning a changeover in quarter I/II 2021. In addition to the existing account ("ClaimedID") we will issue a new ClaimedID based on the new certificate chain to customers. After 2-3 months we will switch off the old ClaimedIDs. In this respect, it is possible to test and switch individually during this period of time.
What do you need to do?
If you are the developer of the signature application you are using, you should observe the notes on the development information page https://github.com/SCS-CBU-CED-IAM/AIS/wiki/Swisscom-CA-4 . Otherwise, you should inform the partner which provided you with the signature application. At the same time, however, we will also inform all our partners.
We will inform you with further details in February 2021.