> Hmmm... last I heard, qualified certificates can only be issued to
> individuals, and invoicing (of the e-form that the regulations speak)
> can only be done by VAT-registered companies.


> Is that not the case?  How is Germany resolving the contradictions?

By using pseudonyms within the certificate's common name. This
is not only done in Germany but in other countries as well.
Even CAs (and, at least in Germany, the root CA) are being
issued qualified certificates, thus they need to use
pseudonyms. The timestamping service by Deutsche Post, e.g.,
has a qualified certificate with the following DN:

Subject DN         : CN  = TSS DP Com 31:PN
                     OU  = Signtrust
                     O   = Deutsche Post Com GmbH
                     C   = DE

>> Since electronic invoices need to be archived in
>> most countries some vendors apply time-stamps and
>> recommend to re-apply time-stamps from time to time.
> Easier to invoice with paper!

potentially much more expensive, though.



T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to