What is an Electronic Registered Delivery Service (QERDS)?
A Qualified Electronic Recorded Delivery Service (QERDS) is a digital service that allows documents and messages to be sent and received securely between two parties. It offers the same legal security as registered mail as we know it from the past, but digitally. The purpose is to verify the identity of both the sender and the recipient and to ensure the integrity of the information sent.​
​​
What electronic registered delivery services are there?
An electronically registered delivery service has two forms.​
​​
1. Electronic registered delivery service (ERDS)
An electronic registered delivery service (ERDS) provides secure transmission and receipt of messages and documents.
-
Provides secure transmission and receipt of messages and documents by using encryption and tracking. It is certain that the information was sent securely and delivered unchanged to the recipient.
-
Provides no evidence that the information was actually received (can only be read) by the person to whom the information was sent by the sender.
-
Does not have a valid ETSI certification by an accredited Certification Assessment Body (CAB) and may not meet all the strict requirements of the eIDAS 2.0 regulation.​​​​
​​​
2. Qualified electronic registered delivery service (QERDS)
-
Offers the same legal value as registered mail, which we know from the past.
-
Is supported by qualified certificates, secure timestamps and a qualified trust service provider (QTSP).
-
Has a valid ETSI certification by an accredited Certification Assessment Body (CAB) and demonstrably meets all the strict requirements of the eIDAS 2.0 regulation.​​​​
​​​​​​
Wat are the differences between ERDS and QRDS?
-
Legal status: ERDS provides basic legal certainty, but QERDS has full legal recognition under the eIDAS regulation and is considered equivalent to registered mail.
-
Certification: QERDS uses qualified certificates issued by a qualified trust service provider (QTSP), while ERDS has no obligation for such certificates. In addition, the QERDS trust service is ETSI certified by an accredited CAB.
-
Security: QERDS provides advanced security measures, such as qualified timestamps, to ensure message integrity, while ERDS does not always have this.​​
What does the eIDAS trust service QERDS look like?
The eIDAS Trust Service QERDS (Qualified Electronic Registered Delivery Service) is designed to enable secure and legally binding transmission and receipt of electronic documents and messages. This service complies with strict requirements set out in the eIDAS Regulation and includes the following core aspects:
-
Identity verification: Both the sender and the recipient are verified by means of qualified certificates issued by a qualified trust service provider (QTSP). This ensures the authenticity of all parties involved.
-
Secure transmission: All messages and documents are transmitted via a secure channel, using cryptographic technologies, such as encryption, to protect the confidentiality and integrity of the content.
-
Time stamps: Each message sent and received is provided with a qualified timestamp. This provides irrefutable evidence of the time at which the transaction took place and guarantees the integrity of the process. 4. Proof of receipt and delivery: QERDS generates legally binding proof of both sending and receiving, which is crucial in the event of disputes or legal proceedings.
-
Interoperability within the EU: QERDS complies with the interoperability requirements set out in the eIDAS Regulation, allowing the service to be used in all Member States of the European Union.
​​
How the QERDS works in practice
-
Identity verification: The sender and recipient of the document must first identify themselves via an officially recognised method, such as a passport or digital identification (via mobile phone). This ensures that the persons involved are reliably identified before an electronic message is sent or received.
-
Sending the document: The sender sends the document via a qualified electronic registered delivery service (QERDS). The document is encrypted and the system generates a timestamp and proof of sending, which contains the exact time and the identity of the sender. The QERDS uses qualified digital signatures QES to authenticate the sending and ensure the integrity of the document.
-
Receipt of the document: The recipient receives the document via the QERDS, whereby the system generates a proof of receipt, including a timestamp of receipt and the identity of the recipient. The document is checked for integrity by the service.
​​​​​​​​Which ETSI standards must the eIDAS trust service QERDS comply with?
The eIDAS Regulation refers to specific standards developed by the European Telecommunications Standards Institute (ETSI) to ensure that trust services, such as the Qualified Electronic Registered Delivery Service (QERDS), are secure and interoperable within the EU. Why are these standards important?
-
Interoperability: The standards ensure that QERDS systems can be used throughout the EU.
-
Legal certainty: They ensure that the QERDS meets the legal requirements of eIDAS.
-
Security: They impose strict requirements on systems and processes to prevent misuse or counterfeiting.
​Below you will find an overview of the most important ETSI standards that an eIDAS-compliant Qualified Electronic Registered Delivery Service (QERDS) must comply with.
​
1. General standard for trust services and TSPs
-
ETSI EN 319 401: “General Policy Requirements for Trust Service Providers”
-
Defines the general requirements that a Trust Service Provider (TSP) must meet.
-
Includes security management requirements, operational procedures, and audit requirements.
-
​​​
2. Standards for electronic delivery services
-
ETSI EN 319 521: “Electronic Policy and security requirements for Electronic Registered Delivery Service Providers”
-
Contains the basic requirements that the provision of electronic delivery services must meet.
-
-
ETSI EN 319 522: “Electronic Registered Delivery Services".
​​​​
3. Standards for timestamping within QERDS
-
ETSI EN 319 421: “Policy and security requirements for Trust Service Providers issuing Time-Stamps"
-
Defines requirements for QTSPs for issuing timestamps. This includes reliability, time accuracy, and the use of secure cryptographic techniques.
-
-
ETSI EN 319 422: "Policy and security requirements for Trust Service Providers issuing Qualified Time-Stamps"
-
Sets additional requirements for the issuance of qualified time stamps under eIDAS.
-
​​
4. Standards for Registered Electronic Mail (REM)
Registered Electronic Mail (REM) is a specialized form of electronic recorded delivery that builds on the formats, protocols and mechanisms used for regular email messages. The standards surrounding electronic recorded delivery services contain general concepts and requirements that apply to all forms of electronic recorded delivery. Because REM is a specific variant, the REM guidelines build on the relevant ERDS documents. They refer to the necessary provisions and define the interpretations and specific requirements that apply exclusively to registered electronic mail.
-
ETSI EN 319 531: “Policy and security requirements for Registered Electronic Mail Service Providers"
-
Contains the basic requirements that REM TSPs must meet.
-
-
ETSI EN 319 532: “Registered Electronic Mail (REM) Services".
​
​​​Additional specifications and security requirements
Depending on the design and setup of the trust service, reference will be made from the above standards to various technical specifications and/or additional security requirements. Examples of these are:
-
ETSI TS 119 524-1: "Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Electronic Registered Delivery Services; Part 1: Testing conformance"
-
ETSI TS 119 524-2: "Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Electronic Registered Delivery Services; Part 2: Test suites for interoperability testing of Electronic Registered Delivery Service Providers"
-
ETSI TS 119 534-1: "Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Registered Electronic Mail Services; Part 1: Testing conformance"
-
ETSI TS 119 534-2: "Electronic Signatures and Infrastructures (ESI); Testing Conformance and Interoperability of Registered Electronic Mail Services; Part 2: Test suites for interoperability testing of providers using same format and transport protocols"
-
These standards address the testing of conformance and interoperability of Qualified Electronic Registered Delivery Services (QERDS).
-
-
ETSI TS 119 461: "Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service components providing identity proofing of trust service subjects"
-
Defines the policy and security requirements for trust service components that perform identity verification.
-
The Importance of QES in Qualified Electronic Recorded Delivery Services (QERDS)
​To ensure the legal validity and security of documents sent via a Qualified Electronic Registered Delivery Service (QERDS), a Qualified Electronic Signature (QES) is essential. The QES is required to guarantee the authenticity of the sender, ensure the integrity of the document and non-repudiation, meaning that neither the sender nor the recipient can deny the transaction. Without a QES, a QERDS cannot provide the full legal guarantees required for secure and verifiable document exchange. For more information on QES, please refer to our dedicated page on qualified electronic signatures.