9.1.2 European Level U.K.

CSM_53At European level, a single unique ECC key pair designated as EUR shall be generated. It shall consist of a private key (EUR.SK) and a public key (EUR.PK). This key pair shall form the root key pair of the entire European Smart Tachograph PKI. This task shall be handled by a European Root Certificate Authority (ERCA), under the authority and responsibility of the European Commission.U.K.

CSM_54The ERCA shall use the European private key to sign a (self-signed) root certificate of the European public key, and shall communicate this European root certificate to all Member States.U.K.

CSM_55The ERCA shall use the European private key to sign the certificates of the Member States public keys upon request. The ERCA shall keep records of all signed Member State public key certificates.U.K.

CSM_56As shown in Figure 1 in section 9.1.7, the ERCA shall generate a new European root key pair every 17 years. Whenever the ERCA generates a new European root key pair, it shall create a new self-signed root certificate for the new European public key. The validity period of a European root certificate shall be 34 years plus 3 months.U.K.

Note: The introduction of a new root key pair also implies that ERCA will generate a new motion sensor master key and a new DSRC master key, see sections 9.2.1.2 and 9.2.2.2.U.K.

CSM_57Before generating a new European root key pair, the ERCA shall conduct an analysis of the cryptographic strength that is needed for the new key pair, given it should stay secure for the next 34 years. If found necessary, the ERCA shall switch to a cipher suite that is stronger than the current one, as specified in CSM_50.U.K.

[F1CSM_58 Whenever it generates a new European root key pair, the ERCA shall create a link certificate for the new European public key and sign it with the previous European private key. The validity period of the link certificate shall be 17 years plus 3 months. This is shown in Figure 1 in section 9.1.7 as well.] U.K.

Note: Since a link certificate contains the ERCA generation X public key and is signed with the ERCA generation X-1 private key, a link certificate offers equipment issued under generation X-1 a method to trust equipment issued under generation X.U.K.

Textual Amendments

F1 Substituted by Commission Implementing Regulation (EU) 2018/502 of 28 February 2018 amending Implementing Regulation (EU) 2016/799 laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance).

CSM_59The ERCA shall not use the private key of a root key pair for any purpose after the moment a new root key certificate becomes valid.U.K.

CSM_60At any moment in time, the ERCA shall dispose of the following cryptographic keys and certificates:U.K.

The current EUR key pair and corresponding certificate
All previous EUR certificates to be used for the verification of MSCA certificates that are still valid
Link certificates for all generations of EUR certificates except the first one

ANNEX I CU.K.Requirements for construction, testing, installation, and inspection

Appendix 11

COMMON SECURITY MECHANISMS U.K.

PART BU.K. SECOND-GENERATION TACHOGRAPH SYSTEM

9.KEYS AND CERTIFICATESU.K.

9.1. Asymmetric Key Pairs and Public Key Certificates U.K.

9.1.2 European Level U.K.

CSM_54The ERCA shall use the European private key to sign a (self-signed) root certificate of the European public key, and shall communicate this European root certificate to all Member States.U.K.

CSM_55The ERCA shall use the European private key to sign the certificates of the Member States public keys upon request. The ERCA shall keep records of all signed Member State public key certificates.U.K.

CSM_59The ERCA shall not use the private key of a root key pair for any purpose after the moment a new root key certificate becomes valid.U.K.

CSM_60At any moment in time, the ERCA shall dispose of the following cryptographic keys and certificates:U.K.