ANNEX I C Requirements for construction, testing, installation, and inspection
COMMON SECURITY MECHANISMS
PART B SECOND-GENERATION TACHOGRAPH SYSTEM
9. KEYS AND CERTIFICATES
9.1. Asymmetric Key Pairs and Public Key Certificates
9.1.3 Member State Level
CSM_61
At Member State level, all Member States required to sign tachograph card certificates shall generate one or more unique ECC key pairs designated as MSCA_Card. All Member States required to sign certificates for vehicle units or external GNSS facilities shall additionally generate one or more unique ECC key pairs designated as MSCA_VU-EGF.
CSM_62
The task of generating Member State key pairs shall be handled by a Member State Certificate Authority (MSCA). Whenever a MSCA generates a Member State key pair, it shall send the public key to the ERCA in order to obtain a corresponding Member State certificate signed by the ERCA.
CSM_63
An MSCA shall choose the strength of a Member State key pair equal to the strength of the European root key pair used to sign the corresponding Member State certificate.
CSM_64
An MSCA_VU-EGF key pair, if present, shall consist of private key MSCA_VU-EGF.SK and public key MSCA_VU-EGF.PK. An MSCA shall use the MSCA_VU-EGF.SK private key exclusively to sign the public key certificates of vehicle units and external GNSS facilities.
CSM_65
An MSCA_Card key pair shall consist of private key MSCA_Card.SK and public key MSCA_Card.PK. An MSCA shall use the MSCA_Card.SK private key exclusively to sign the public key certificates of tachograph cards.
CSM_66
An MSCA shall keep records of all signed VU certificates, external GNSS facility certificates and card certificates, together with the identification of the equipment for which each certificate is intended.
CSM_67
The validity period of an MSCA_VU-EGF certificate shall be 17 years plus 3 months. The validity period of an MSCA_Card certificate shall be 7 years plus 1 month.
CSM_68
As shown in Figure 1 in section 9.1.7, the private key of a MSCA_VU-EGF key pair and the private key of a MSCA_Card key pair shall have a key usage period of two years.
CSM_69
An MSCA shall not use the private key of an MSCA_VU-EGF key pair for any purpose after the moment its usage period has ended. Neither shall an MSCA use the private key of an MSCA_Card key pair for any purpose after the moment its usage period has ended.
CSM_70
At any moment in time, an MSCA shall dispose of the following cryptographic keys and certificates:
The current MSCA_Card key pair and corresponding certificate
All previous MSCA_Card certificates to be used for the verification of the certificates of tachograph cards that are still valid
The current EUR certificate necessary for the verification of the current MSCA certificate
All previous EUR certificates necessary for the verification of all MSCA certificates that are still valid
CSM_71
If an MSCA is required to sign certificates for vehicle units or external GNSS facilities, it shall additionally dispose of the following keys and certificates:
The current MSCA_VU-EGF key pair and corresponding certificate
All previous MSCA_VU-EGF public keys to be used for the verification of the certificates of VUs or external GNSS facilities that are still valid
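The interplay of CSM_67 to CSM_71 can be worked through in code. The following Python sketch is an added example, not part of the regulation text: it models successive MSCA key pair generations and reports which private key may sign at a given date and which earlier certificates are still inside their validity period. It assumes that both the usage period and the certificate validity start on the same effective date, that a new key pair follows every two years, and that "still needed" can be approximated by the MSCA certificate's own validity (CSM_70 and CSM_71 tie retention to the validity of the subordinate certificates); the class and function names and the dates are constructed.

```python
from datetime import date

# Periods stated in CSM_67 and CSM_68, as (years, months).
VALIDITY = {"MSCA_Card": (7, 1), "MSCA_VU-EGF": (17, 3)}
USAGE = (2, 0)  # private key usage period for both key pair types

def add_period(start, years, months):
    """Shift a date by years and months (day clamped to 28 for simplicity)."""
    total = start.month - 1 + months
    return date(start.year + years + total // 12, total % 12 + 1, min(start.day, 28))

class MscaKey:
    """One MSCA key pair generation; 'effective' is an assumed start date."""
    def __init__(self, kind, effective):
        self.kind, self.effective = kind, effective
        self.usage_end = add_period(effective, *USAGE)
        self.cert_end = add_period(effective, *VALIDITY[kind])

    def may_sign(self, when):
        # CSM_69: the private key is not used once its usage period has ended.
        return self.effective <= when < self.usage_end

    def cert_valid(self, when):
        return self.effective <= when < self.cert_end

def state_at(keys, kind, when):
    """Return (current signing key or None, generations whose certificate is still valid)."""
    same = [k for k in keys if k.kind == kind]
    signing = [k for k in same if k.may_sign(when)]
    if len(signing) > 1:
        raise ValueError("overlapping usage periods for " + kind)
    held = [k for k in same if k.cert_valid(when)]
    return (signing[0] if signing else None), held

# Constructed timeline: a new MSCA_Card key pair every two years from 2020-01-01.
KEYS = [MscaKey("MSCA_Card", date(2020 + 2 * i, 1, 1)) for i in range(5)]

if __name__ == "__main__":
    signing, held = state_at(KEYS, "MSCA_Card", date(2027, 1, 15))
    print("signing key effective", signing.effective, "usable until", signing.usage_end)
    for k in held:
        print("hold certificate", k.effective, "->", k.cert_end)
```

With a two-year usage period and a validity of 7 years plus 1 month, up to four MSCA_Card generations are inside their validity period at once, which is why CSM_70 requires the previous certificates to remain available alongside the current key pair.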