UPC: More information about access to new CMS

All very well, but we still have no clarification on which type of certificate for authentication will be required. Also, whilst it is nice to know that LuxTrust should be able to provide suitable secure devices, what about any other providers? Or, in the space of the approximately 11 weeks left before the (purported) start of the sunrise period, are all of the thousands of eligible attorneys from across the whole of Europe supposed to obtain their (individual) secure device from just ONE provider? That hardly seems like the most workable solution.

This "extra information" is still extremely vague and still places the onus on the users and the providers to figure out how to comply. This is reinforced by the extraordinarily unhelpful and vague "answers" provided on the FAQ page that is linked to from the new document, e.g.: "In case the selected provider did not provide a physical device (smart card or token), you can select a trusted provider located in another country, Please refer to the following list on the EU Trust Services portal" "Although the list of providers state only EU member states, several providers listed in this list have in place procedures of recognition for both EU citizens and non-EU citizens and for foreign citizens when they generate the personal certificates. Please refer to the selected provider to have the detailed information." "Some providers listed in the trusted list are certified to use “online” identification means (like video conferencing) but for a limited choice of qualified signature creation device. Please refer to the selected provider to have the detailed information."

Also "You need a device containing “Qualified certificate for electronic signature”.... ....To login to the CMS a client authentication certificate is needed: it is USUALLY installed by the provider on the same secure device. IN GENERAL, the providers include these two types of certificates (authentication and signature) on the same device. You should check this with your selected provider." It does seem like a lot of work is being left to the users. I've heard that the LuxTrust solution will satisfy the test link that's been provided but this relates only, as far as I know, to the authentication certificate. I presume, but am in no way certain, that the LuxTrust signature certificate will be OK.

The problem is with the current login is that the system is looking for eIDAS compatibility of the authentication certificate whereas only the qualified signature certificate is eIDAS compatible. Their software needs re-working. A problem is that they do not respond to contact messages pointing out this situation.