Skip to content

12. Process Description on How to Become a Gaia-X Compliant Participant

Note

This process description features the process for Gaia-X Loire (25.10) version. Please note that there are important differences between the two versions and they are not compatible with each other. We recommend to follow the Loire specifications as they reflect the latest version and will also be valid for the Danube release. During the process, regardless of the version, the participant will create and obtain three Gaia-X Verifiable Credentials (VCs) that can be combined to a Gaia-X Verifiable Presentation (VP): The Legal Person (LP) Credential, the Legal Registration Number (LRN) Credential, and the Issuer Credential confirming the acceptance of the Terms and Conditions of Gaia-X.

12.1 Gaia-X Standard Compliance for Participants with Loire (25.10)

12.1.1 Prerequisites:

  1. The participant is familiar with the concepts and relevant standards of Gaia-X, regarding Gaia-X Participant Identities, i.e., the Verifiable Credential model, digital signatures, X.509 certificates, and digital wallets. If not, we recommend the latest version of the Gaia-X Identity Credentials and Access Management ICAM document or the Gaia-X Academy for general introduction.

  2. The participant has control over a private key (either RSA or EC) that shall be used for digital signatures and signing Gaia-X Credentials.

  3. The participant has a valid Value Added Tax (VAT) identifier, or EORI (Economic Operators Registration and Identification), or LEI (Legal Entity Identifier) Code available for the entity that aims to become a Gaia-X Compliant Participant.

  4. The participant has acquired a certificate from one of the Gaia-X approved Trust Service Provider (TSP). The list of TSP can be found in the Gaia-X Registry. Any of the Gaia-X Registry provided by the Gaia-X Digital Clearing House can be used to retrieve the list of Trust Service Providers (TSP). The certificate requirements can be found here. The X.509 certificate has been checked against an available GXDCH Registry Service for acceptance.

  5. The participant has the public part of the certificate published via the DID:WEB method to establish a Public Key Infrastructure (PKI) for digital signature verification. Gaia-X provides a DID:WEB generator for this purpose. After publication, the DID:WEB Document is checked for availability and conformance with the DID standards via Uniresolver or DID Lint.

12.1.2 Process description

A - The participant wants to obtain Gaia-X Compliant Participant Credentials

B - The participant uses a credential signer to create the required Credentials and apply Digital Signatures to them A signer tool is made available by Gaia-X for sovereign deployment in the Gaia-X Community Repository if needed.

C - The participants prepares the Legal Person (LP) Credential and the Issuer (Terms and Conditions) Credential for Signature.

  1. Based on the Gaia-X Ontology, the Legal Person (LP) or its power of attorney, Credential and the Issuer (Terms and Conditions) Credential need to be prepared and to be signed by the participant. Examples for both Credentials, are available:
  2. Legal Person (LP) Example: https://gaia-x.eu/.well-known/legal-person.json

  3. Issuer (Terms and Conditions) Example: https://gaia-x.eu/.well-known/terms-and-conditions.json

  4. Both Credential Payloads need to be signed into Enveloped Verifiable Credentials (EVC):

  5. Apply signatures to both Verifiable Credentials to receive the corresponding EVCs.
  6. The JWT payloads of both signed Verifiable Credentials can be decoded and checked via an JWT Decode, i.e., JWT Debugger.

D - Obtain the Legal Registration Number (LRN) Credential

  1. Select a GXDCH Notary Service from any available GXDCH v2 endpoint.

  2. Select the type of Legal Registration Number Credential the participant wants to use. This must be either LEI Code, VAT ID, or EORI.

  3. Based on the Gaia-X Ontology, provide the Legal Registration Number associated with the participant and receive the JWT Credential signed by the respective GXDCH.

  4. Envelop the JWT Credential received from the GXDCH to an EVC using your signer tool.

E - Combine the three Gaia-X Verifiable Credentials to form a Gaia-X Participant Credential

  1. Use your own Verifiable Presentation (VP) Signer to combine the three Veriable Credentials into a Verifiable Presentation containing all three VCs.

  2. Verify the resulting Gaia-X Participant Credential in the form of a Verifiable Presentation (VP) against any of the available GXDCH Compliance Service v2 endpoints.

Congratulations, you have created and obtained a Gaia-X Compliant Participant Identity.

F - Store and make available your Gaia-X Participant Credential(s)

  1. Store and expose the Gaia-X Participant Credential VP as JWT via any Webservice to make it publicly available; or
  2. Store the three Verifiable Credentials (VCs) together with your keys and DID:WEB in your wallet for later usage and presentation.

Congratulations, you can use a Gaia-X Compliant Participant VC and you can start to create your services Verifiable Credentials to obtain labels.

12.2 Gaia-X Compliance for Participants with Tagus (22.10)

As this version of the Compliance Document corresponds to the Loire version (V2), the process for Tagus (V1) is not presented here. We strongly recommend using Loire (V2) rather than Tagus (V1), as Loire carries significant improvements.

Suggest a modification