ANNEX II
REQUIREMENTS FOR MEMBER STATES’ NOTIFICATIONS
1. Notifications of information on registrars and registers
(1)
Member States shall provide the following information to the Commission on their registrars and registers:
(a)
the name of the register;
(b)
at least one URL where the register is available for access, which shall use state of the art transport layer encryption;
(c)
the name of the registrar that is responsible for that register;
(d)
where applicable, the registration number of the registrar;
(e)
the Member State in which the registrar is established;
(f)
the contact email and contact phone number of the registrar, for matters related to the register;
(g)
where applicable, the URL of a webpage for additional information about the registrar and the register;
(h)
the URL of the webpage where the registration policy that applies to the register and related information are located;
(i)
one or more certificates compliant with IETF RFC 3647 which can be used to verify the signature or seal created by the registrar on the register data and for which the certified identity data include the name of the registrar, and where applicable, the registration number of the registrar, as provided in points (c) and (d), respectively.
(2)
That information referred to in point (1) shall be provided per register and registrar.
2. Notifications of information on wallet providers and on the mechanisms by which to validate the authenticity and validity of wallet units
(1)
Member States shall provide the following information to the Commission on wallet providers:
(a)
the name of the wallet provider;
(b)
where applicable, the registration number of the wallet provider;
(c)
where applicable, the name of the body responsible for the provision of the wallet solution;
(d)
the Member State in which the wallet provider is established;
(e)
the contact email and contact phone number of the wallet provider, for matters related to the wallet solutions it provides;
(f)
where applicable, the URL of the webpage for additional information about the wallet provider and the wallet solution;
(g)
the URL of the webpage where the policies, terms and conditions of the wallet provider that apply to the provision and use of the wallet solution it provides are located;
(h)
one or more certificates compliant with IETF RFC 3647 that can be used to authenticate and validate the components of the wallet unit the wallet provides, and for which the certified identity data includes the name, and where applicable, the registration number of the wallet provider, as specified in points (a) and (b), respectively;
(i)
for each wallet solution provided by the wallet provider, the name and the reference number of the wallet solution it provides, as the Commission shall publish this information in the Official Journal of the European Union pursuant to Article 5d of Regulation (EU) No 910/2014.
(2)
That information referred to in point (1) shall be provided per provider.
3. Notifications of information on providers of person identification data and on the mechanisms enabling the authentication and validation of person identification data
(1)
Member States shall provide the following information to the Commission on providers of person identification data:
(a)
the name of the provider of person identification data;
(b)
where applicable, a registration number of the provider of person identification data;
(c)
where applicable, the name of the body responsible for ensuring that the person identification data is associated with the wallet unit;
(d)
the Member State in which the provider of person identification data is established;
(e)
the contact email and contact phone number of the provider of person identification data, for matters related to the person identification data it provides;
(f)
where applicable, the URL of the webpage that contains additional information about the person identification data provider;
(g)
the URL of the webpage that contains the policies, terms and conditions of the provider of person identification data that apply to the provision and use of the person identification data it provides;
(h)
one or more certificates compliant with IETF RFC 3647 that can be used to verify the signature or seal created by the provider of person identification data on the person identification data it provides, and for which the certified identity data include the name, and where applicable, the registration number of the person identification data provider, as specified in points (a) and (b), respectively.
(2)
That information referred to in point (1) shall be provided per provider.
4. Notifications of information on providers of wallet-relying party access certificates
(1)
Member States shall provide the following information to the Commission on providers of wallet-relying party access certificates:
(a)
the name of the provider of wallet-relying party access certificates;
(b)
where applicable, a registration number of the provider of wallet-relying party access certificates;
(c)
the Member State in which the provider of wallet-relying party access certificates is established;
(d)
the contact email and contact phone number of the provider of wallet-relying party access certificates, for matters related to the access certificates it provides to wallet-relying parties;
(e)
where applicable, the URL of the webpage of the provider of wallet-relying party access certificates that contains additional information about the provider and the access certificates it provides to wallet-relying parties;
(f)
the URL of the webpage that contains the policies, terms and conditions that apply to the provision and use of the access certificates it provides to wallet-relying parties;
(g)
one or more certificates compliant with IETF RFC 3647 that can be used to verify the signature or seal created by the provider of wallet-relying party access certificates on the access certificate it provides to wallet-relying parties, with, where applicable, the information required to distinguish wallet-relying party access certificates from other certificates.
(2)
The information referred to in point (1) shall be provided per provider of wallet-relying party access certificates.