2. Trust anchors
For the compliance, Trust anchors are Gaia-X endorsed entities responsible to manage certificate to sign claims.
To be compliant with the Gaia-X Trust Framework, all keypairs used to sign claims must have at least one of the Trust Anchor in their certificate chain.
At any point in time, the list of valid Trust Anchors is stored in the Gaia-X Registry.
2.1 List of defined trust anchors
| Name | Defined as |
|---|---|
| State | The Trust Service Providers (TSP) must be a state validated identity issuer. - For participant, if the legalAddress.country is in EEA, the TSP must be eiDAS compliant. - Until end of 2022 Q1, to ease the onboarding and adoption this framework DV SSL can also be used. - Gaia-X association is also a valid TSP for Gaia-X association members. |
| eiDAS | Issuers of Qualified Certificate for Electronic Signature as defined in eIDAS Regulation (EU) No 910/2014 (homepage: https://esignature.ec.europa.eu/efda/tl-browser/#/screen/home) (machine: https://ec.europa.eu/tools/lotl/eu-lotl.xml) |
| DV SSL | Domain Validated (DV) Secure Sockets Layer (SSL) certificate issuers are considered to be temporarily valid Trust Service Providers. (homepage: https://wiki.mozilla.org/CA/Included_Certificates) (machine: https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportPEMCSV) |
| Gaia-X | To be defined after 2022Q1. |
| EDPB CoC | List of Monitoring Bodies accreditated to the Code of Conduct approved by the EDBP (list of EDBP’s CoC: https://edpb.europa.eu/our-work-tools/documents/our-documents_fr?f%5B0%5D=all_publication_type%3A61&f%5B1%5D=all_topics%3A125) |
| gleif | List of registered LEI issuers. (homepage: https://www.gleif.org/en/about-lei/get-an-lei-find-lei-issuing-organizations) (machine: https://api.gleif.org/api/v1/registration-authorities) |