Commission Implementing Regulation (EU) 2016/799Show full title

Commission Implementing Regulation (EU) 2016/799 of 18 March 2016 implementing Regulation (EU) No 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance)

CSM_234 [F1An IDE may perform verification of a signature over downloaded data itself or it may use a control card for this purpose. In case it uses a control card, signature verification shall take place as shown in Figure 13. For verifying the temporal validity of a certificate presented by the IDE, the control card shall use its internal current time, as specified in CSM_167. The control card shall update its current time if the Effective Date of an authentic valid source of time certificate is more recent than the card’s current time. The card shall accept only the following certificates as a valid source of time: U.K.

  • Second-generation ERCA link certificates

  • Second-generation MSCA certificates

  • Second-generation VU_Sign or Card_Sign certificates issued by the same country as the control card’s own card certificate.

In case it performs signature verification itself, the IDE shall verify the authenticity and validity of all certificates in the certificate chain in the data file, and it shall verify the signature over the data following the signature scheme defined in [DSS]. In both cases, for every certificate read from the data file, it is necessary to verify that the Certificate Holder Authorisation (CHA) field is correct:

  • The CHA field of the EQT certificate shall indicate a VU or Card (as applicable) certificate for signing (see Appendix 1, data type EquipmentType).

  • The CHA of the EQT.CA certificate shall indicate an MSCA.

  • The CHA of the EQT.Link certificate shall indicate the ERCA.]

Notes to Figure 13: U.K.
The equipment that signed the data to be analysed is denoted EQT.U.K.
The EQT certificates and public keys mentioned in the figure are those for signing, i.e. VU_Sign or Card_Sign.U.K.
The EQT.CA certificates and public keys mentioned in the figure are those for signing VU or Card certificates, as applicable.U.K.
The EQT.CA.EUR certificate mentioned in the figure is the European root certificate that is indicated in the CAR of the EQT.CA certificate.U.K.
The EQT.Link certificate mentioned in the figure is the EQT's link certificate, if present. As specified in section 9.1.2, this is a link certificate for a new European root key pair created by the ERCA and signed with the previous European private key.U.K.
The EQT.Link.EUR certificate is the European root certificate that is indicated in the CAR of the EQT.Link certificate.U.K.

Textual Amendments