--- title: "eIDAS signature legal effect selector: SES, AES, AES-QC, or QES" canonical_url: "https://www.sorena.io/artifacts/eu/electronic-identification-and-trust-services-regulation/signature-legal-effect-selector-workflow" source_url: "https://www.sorena.io/artifacts/eu/electronic-identification-and-trust-services-regulation/signature-legal-effect-selector-workflow" author: "Sorena AI" description: "Select the right eIDAS signature level by legal effect, risk, qualified certificate status, QTSP evidence, QSCD use, validation result, and cross-border recognition." published_at: "2026-05-09" updated_at: "2026-05-09" keywords: - "eIDAS signature levels" - "SES" - "AES" - "QES" - "qualified electronic signature" - "qualified certificate" - "QTSP" - "QSCD" - "trusted lists" - "EU eIDAS Regulation" - "electronic signature" - "advanced electronic signature" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # eIDAS signature legal effect selector: SES, AES, AES-QC, or QES Select the right eIDAS signature level by legal effect, risk, qualified certificate status, QTSP evidence, QSCD use, validation result, and cross-border recognition. *Workflow* *EU eIDAS* ## eIDAS signature legal effect selector workflow Choose between simple electronic signature, advanced electronic signature, advanced signature based on a qualified certificate, and qualified electronic signature under eIDAS. Use the selector when a contract, public-service form, onboarding flow, approval record, or regulated transaction needs a defensible signature level and reusable validation evidence. This workflow helps product, legal, procurement, and identity teams select the eIDAS signature level that matches the legal effect they need. It separates the evidential baseline for any electronic signature from the stricter requirements for an advanced electronic signature, an advanced electronic signature based on a qualified certificate, and a qualified electronic signature. ## Start with the legal effect you need Under eIDAS, an electronic signature cannot be rejected in legal proceedings only because it is electronic or because it is not qualified. That makes a simple electronic signature useful for lower-risk evidence of intent, but it does not give the signature the same legal effect as handwriting. Choose QES when the process needs the eIDAS rule that a qualified electronic signature has the equivalent legal effect of a handwritten signature. Choose AES or AES based on a qualified certificate when you need stronger identity, integrity, and validation evidence but do not need, or cannot support, the full QES chain. - Use SES for low-risk approvals where the main need is evidence that a person accepted or approved data electronically. - Use AES when the risk requires a signature uniquely linked to and capable of identifying the signatory, under the signatory's sole control, with later changes to the signed data detectable. - Use AES based on a qualified certificate when the public-service or relying-party requirement asks for an advanced signature with a qualified certificate, but not necessarily QES. - Use QES when handwritten-signature equivalence, cross-border public-sector recognition at the highest eIDAS signature level, or a high-assurance signing ceremony is required. Sources for this answer: - [Regulation (EU) No 910/2014 (eIDAS)](https://eur-lex.europa.eu/eli/reg/2014/910/oj?ref=sorena.io) - Supports the legal-effect split between ordinary electronic signatures and qualified electronic signatures, and the Article 26 requirements for advanced electronic signatures. - [European Commission Digital Building Blocks - eSignature](https://ec.europa.eu/digital-building-blocks/sites/spaces/DIGITAL/pages/467109036/eSignature?ref=sorena.io) - Supports practical use of eSignature standards, tools, DSS, trusted-list browser resources, and validation tests for EU electronic signature creation and verification. ## Selector criteria for SES, AES, AES-QC, and QES Run the selector before choosing a vendor or signature widget. The decisive question is not whether a signature looks formal; it is whether the signing process can prove the required legal effect, identity assurance, certificate status, device status, and validation outcome at the time of signing. Record the selected level, the reason lower levels are insufficient or sufficient, and the evidence source that proves the selected level. - SES selection: retain the signed content, signer identifier used in the journey, consent or approval event, authentication context, timestamp, IP or device evidence where collected, and integrity controls around the stored record. - AES selection: add evidence that the signature is uniquely linked to the signatory, identifies the signatory, uses signature creation data under the signatory's sole control, and detects later changes to the signed data. - AES-QC selection: add proof that the supporting certificate was a qualified certificate for electronic signature, issued by a qualified trust service provider, valid at signing time, and not suspended or revoked for the relevant period. - QES selection: add proof that the signature is advanced, uses a qualified certificate, and was created by a qualified electronic signature creation device, including remote QSCD evidence where a QTSP manages the device. - Cross-border public service check: if a Member State requires advanced signatures for an online public-sector service, check whether eIDAS Article 27 recognition rules require accepting AES, AES-QC, and QES formats or methods. Sources for this answer: - [Regulation (EU) No 910/2014 (eIDAS)](https://eur-lex.europa.eu/eli/reg/2014/910/oj?ref=sorena.io) - Supports the selector criteria for AES requirements, qualified certificates, qualified signature creation devices, validation, and public-service recognition. - [ETSI EN 319 412-2 certificate profile for natural persons](https://www.etsi.org/search/standard?ref=sorena.io) - Supports using certificate-profile evidence for EU qualified certificates, including QCStatements and interoperability of qualified certificate implementations. - [ETSI TS 119 431-1 remote QSCD policy requirements](https://www.etsi.org/search?ref=sorena.io) - Supports remote QSCD evidence for server signing services, including policies for TSP services operating remote QSCD or signature creation devices. ## Validation evidence to keep with the signed record For AES-QC and QES, validation evidence should show more than a cryptographic pass or fail. It should show whether the certificate was qualified at signing time, whether the QTSP and service had qualified status, whether the certificate was valid for the relevant moment, and whether the signature was created with a QSCD where QES is claimed. Use trusted lists as part of the evidence chain. eIDAS requires Member States to establish, maintain, and publish trusted lists with information about qualified trust service providers and their qualified services; ETSI TS 119 612 defines trusted-list status fields used by validation systems. - Store the validation report, validation policy, signature format, signed document digest, signing time or best-signature-time basis, certificate chain, and revocation evidence. - For qualified-certificate claims, store the certificate identity, issuer QTSP, qualified certificate indication, certificate validity period, revocation or suspension status source, and the trusted-list entry used. - For QES claims, store the QSCD indication or qualification determination and the evidence that the certificate and device status were valid at signing time. - For remote signing, store the QTSP service identity, remote QSCD service status, signature activation evidence, and the source showing the QTSP was qualified for the relevant service. - For rejected or downgraded signatures, keep the failed validation reason separately from the business decision to accept, re-sign, escalate, or reject the transaction. Sources for this answer: - [Regulation (EU) No 910/2014 (eIDAS)](https://eur-lex.europa.eu/eli/reg/2014/910/oj?ref=sorena.io) - Supports the validation checks for QES and AES based on qualified certificates, including certificate status, QTSP issuance, signatory data, integrity, and QSCD use. - [ETSI TS 119 612 trusted lists](https://www.etsi.org/deliver/etsi_ts/119600_119699/119612/02.03.01_60/ts_119612v020301p.pdf?ref=sorena.io) - Supports using EU Member State trusted lists, the List Of Trusted Lists, service current status, and service history as evidence for QTSP and qualified-service status. - [European Commission Digital Building Blocks - eSignature](https://ec.europa.eu/digital-building-blocks/sites/spaces/DIGITAL/pages/467109036/eSignature?ref=sorena.io) - Supports practical validation tooling references such as the eIDAS dashboard, trusted-list browser, DSS resources, and validation tests. ## Escalation rules for high-risk or cross-border signatures Escalate the selector when the transaction is cross-border, public-sector facing, high value, statutory-form sensitive, or likely to be disputed. The escalation should decide whether QES is required, whether AES-QC is enough, whether a non-EU trust service can be accepted, and whether the relying party can validate the evidence without manual reconstruction. Do not label a signature as QES unless the record supports all three parts: advanced-signature requirements, qualified certificate status, and QSCD creation. A qualified certificate alone is not enough for QES if the device evidence is missing. - Escalate to legal when the relying party asks for handwritten-signature equivalence or when national law may require a particular signature level. - Escalate to identity architecture when the chosen journey cannot preserve sole-control evidence, certificate qualification evidence, or signed-data integrity evidence. - Escalate to procurement when a vendor claims QTSP, QES, or remote QSCD support but cannot identify the qualified service on an EU trusted list. - Escalate to operations when validation depends on live trusted-list, OCSP, CRL, timestamp, or preservation services that are not monitored or retained. - Escalate to compliance when accepting third-country trust services, because eIDAS recognition of third-country qualified-equivalent services depends on implementing acts or an EU agreement. Sources for this answer: - [Regulation (EU) No 910/2014 (eIDAS)](https://eur-lex.europa.eu/eli/reg/2014/910/oj?ref=sorena.io) - Supports escalation points for QES requirements, cross-border recognition within Member States, qualified trust services, and third-country trust-service recognition. - [ETSI TS 119 612 trusted lists](https://www.etsi.org/deliver/etsi_ts/119600_119699/119612/02.03.01_60/ts_119612v020301p.pdf?ref=sorena.io) - Supports checking whether the QTSP service status was granted, withdrawn, ceased, or historically valid at the relevant signing or validation time. - [ETSI TS 119 431-1 remote QSCD policy requirements](https://www.etsi.org/search?ref=sorena.io) - Supports escalation when a remote signing service claims remote QSCD support, server signing, or signature activation under sole-control requirements. *Recommended next step* *Placement: before sources* ## Turn the SES, AES, AES-QC, or QES choice into reusable evidence Sorena can help convert this selector into a signature-level record, vendor evidence checklist, trusted-list validation pack, and acceptance criteria for EU eIDAS workflows. - [Open Research Copilot for eIDAS signatures](/solutions/research-copilot.md): Ask source-linked questions about eIDAS signature levels, qualified certificates, QTSP evidence, QSCD support, and validation records using the cited sources on this page. - [Review an eIDAS signature workflow](/contact.md): Check whether a signing journey is aiming for SES, AES, AES-QC, or QES and whether the retained evidence supports that claim. ## Primary sources - [Regulation (EU) No 910/2014 (eIDAS)](https://eur-lex.europa.eu/eli/reg/2014/910/oj?ref=sorena.io) - Primary legal source for eIDAS signature legal effects, AES requirements, QES definition, qualified certificates, QSCDs, validation, trusted lists, and cross-border recognition. - Quote: "qualified electronic signature" - [European Commission Digital Building Blocks - eSignature](https://ec.europa.eu/digital-building-blocks/sites/spaces/DIGITAL/pages/467109036/eSignature?ref=sorena.io) - Commission source for practical eSignature resources, including DSS, trusted-list browser, eIDAS dashboard, and validation-test references. - Quote: "eSignature HUB" - [ETSI TS 119 612 trusted lists](https://www.etsi.org/deliver/etsi_ts/119600_119699/119612/02.03.01_60/ts_119612v020301p.pdf?ref=sorena.io) - Technical source for trusted-list structure, service status, List Of Trusted Lists, and evidence used to determine QTSP and qualified-service status. - Quote: "Trusted Lists" - [ETSI EN 319 412-2 certificate profile for natural persons](https://www.etsi.org/search/standard?ref=sorena.io) - Technical source for certificate-profile requirements relevant to qualified certificates for electronic signatures issued to natural persons. - Quote: "Certificate Profiles" - [ETSI TS 119 431-1 remote QSCD policy requirements](https://www.etsi.org/search?ref=sorena.io) - Technical source for policy and security requirements for trust service providers operating remote QSCD or server signing services. - Quote: "remote QSCD" ## Related Topic Guides - [eIDAS 2 deadlines and compliance calendar for EUDI Wallet and trust services](/artifacts/eu/electronic-identification-and-trust-services-regulation/deadlines-and-compliance-calendar.md): Calendar of grounded eIDAS and eIDAS 2 milestones for EUDI Wallet delivery, implementing acts, annual supervision reports, QTSP transitions, pilots, and ARF evidence. - [eIDAS 2.0 vs eIDAS: EUDI Wallet and trust-service changes](/artifacts/eu/electronic-identification-and-trust-services-regulation/eidas2-vs-eidas.md): Compare the original eIDAS electronic identification and trust-service framework with the eIDAS 2.0 amendments for EUDI Wallets, relying parties, attestations, QWACs, and supervision. - [eIDAS Certificates and Authentication: qualified certificates, QWACs, and validation checks](/artifacts/eu/electronic-identification-and-trust-services-regulation/certificates-and-authentication.md): Grounded guide to eIDAS qualified certificates, website authentication certificates, trusted lists, relying-party checks, and validation evidence. - [eIDAS checklist and evidence pack for trust services, signatures, and EUDI Wallet relying parties](/artifacts/eu/electronic-identification-and-trust-services-regulation/checklist-and-evidence.md): Build an eIDAS evidence pack for qualified trust services, electronic signatures, trusted-list checks, certificate validation, supervisory records, and EUDI Wallet relying-party controls. - [eIDAS compliance guide for trust services, QTSPs, signatures, and EUDI Wallet relying parties](/artifacts/eu/electronic-identification-and-trust-services-regulation/compliance.md): Grounded eIDAS compliance guide for trust-service classification, QTSP supervision evidence, qualified signatures, seals, time stamps, certificates, trusted-list validation, and EUDI Wallet relying-party records. - [eIDAS electronic signatures: SES, AES, QES legal effect and evidence](/artifacts/eu/electronic-identification-and-trust-services-regulation/electronic-signatures-and-legal-effect.md): A grounded guide to eIDAS electronic-signature legal effect: SES, AES, QES, qualified certificates, QTSP trusted-list checks, validation, recognition, and evidence records. - [eIDAS penalties and fines for trust service providers](/artifacts/eu/electronic-identification-and-trust-services-regulation/penalties-and-fines.md): Grounded guide to eIDAS Article 16 penalties, administrative fine mechanics, supervisory bodies, qualified-status withdrawal, and trusted-list evidence. - [eIDAS QES validation checks for relying parties](/artifacts/eu/electronic-identification-and-trust-services-regulation/qes-validation.md): How to validate a qualified electronic signature under eIDAS: certificate, QTSP, trusted-list, QSCD, integrity, validation result, and evidence records. - [eIDAS Qualified Trust Services: QTSP Selection](/artifacts/eu/electronic-identification-and-trust-services-regulation/qualified-trust-services-and-qtsp-selection.md): How to select an EU eIDAS qualified trust service provider: identify the qualified service type, verify trusted-list status, review supervision evidence, and retain certificate-policy records. - [eIDAS remote signature and cloud HSM controls for QTSPs](/artifacts/eu/electronic-identification-and-trust-services-regulation/remote-signature-and-cloud-hsm-controls.md): Grounded guide to eIDAS remote signature controls: remote QSCD scope, server-side signing, QTSP evidence, signer authentication, certificate validation, and trusted-list checks. - [eIDAS trust service role scoping workflow: TSP, QTSP, validator, relying party, or QTSP customer](/artifacts/eu/electronic-identification-and-trust-services-regulation/trust-service-role-scoping-workflow.md): Classify an eIDAS role by evidence: trust service provider, qualified trust service provider, signature or seal validator, EUDI Wallet relying party, relying party, or customer of a QTSP. - [eIDAS trusted list validation: LOTL, QTSP status, and evidence](/artifacts/eu/electronic-identification-and-trust-services-regulation/trust-list-validation.md): How to validate EU eIDAS trusted-list evidence: start from the Commission LOTL, confirm QTSP and qualified-service status, check certificate path and revocation data, and retain validation reports. - [eIDAS vs ESIGN and UETA: EU qualified signatures vs U.S. e-signature laws](/artifacts/eu/electronic-identification-and-trust-services-regulation/eidas-vs-esign-and-ueta.md): Compare eIDAS with ESIGN and UETA for electronic signatures, qualified certificates, trust services, cross-border recognition, validation evidence, and source gaps. - [eIDAS vs ETSI EN 319 401: legal supervision and TSP policy requirements](/artifacts/eu/electronic-identification-and-trust-services-regulation/eidas-vs-etsi-en-319-401.md): Compare eIDAS and ETSI EN 319 401 for trust services: legal scope, QTSP supervision, conformity assessment, audits, incident evidence, and operational controls. - [eIDAS vs GDPR for identity data: wallet, trust-service, and privacy obligations](/artifacts/eu/electronic-identification-and-trust-services-regulation/eidas-vs-gdpr-identity-data.md): Compare eIDAS identity, trust-service, and EUDI Wallet rules with GDPR duties for personal-data processing, minimisation, lawful basis, evidence, security, and user rights. - [eIDAS vs NIS2 for trust service providers: QTSP and cybersecurity obligations](/artifacts/eu/electronic-identification-and-trust-services-regulation/eidas-vs-nis2-trust-services.md): Compare eIDAS trust-service and QTSP duties with NIS2 cybersecurity risk-management, incident reporting, supervision, and evidence duties for trust service providers. - [Electronic Attestations of Attributes under EU eIDAS: EAA, QEAA, issuers, wallets, and validation](/artifacts/eu/electronic-identification-and-trust-services-regulation/electronic-attestations-of-attributes.md): Grounded guide to electronic attestations of attributes under amended EU eIDAS: EAA, QEAA, public-sector authentic-source attestations, wallet use, issuer checks, relying-party validation, revocation, and legal effect. - [EU eIDAS Applicability Test for Trust Services, Wallets, and Certificates](/artifacts/eu/electronic-identification-and-trust-services-regulation/applicability-test.md): A grounded eIDAS scope test for QTSPs, trust services, electronic signatures, seals, timestamps, QWACs, EUDI Wallet relying parties, and cross-border recognition evidence. - [EU eIDAS attribute attestations: EAA, QEAA, wallet, and relying party checks](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq/attribute-attestations.md): What electronic attestations of attributes mean under eIDAS, how QEAAs differ from public-sector and non-qualified attestations, and what issuers, wallets, and relying parties should verify. - [EU eIDAS checklist for signatures, trust services, and wallets](/artifacts/eu/electronic-identification-and-trust-services-regulation/checklist.md): Checklist for eIDAS trust-service and EUDI Wallet controls: qualified status, trusted lists, certificates, signatures, seals, timestamps, validation evidence, and relying-party records. - [EU eIDAS FAQ: signatures, QTSPs, trusted lists, QWACs, wallets, and validation](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq.md): FAQ on eIDAS trust services and the European Digital Identity framework, covering advanced and qualified electronic signatures, QTSP status, trusted lists, QWACs, EUDI Wallet relying parties, attestations of attributes, and validation evidence. - [EU eIDAS QTSP authorization and supervision guide](/artifacts/eu/electronic-identification-and-trust-services-regulation/qtsp-authorization-and-supervision.md): How qualified trust service providers obtain and keep qualified status under eIDAS, including conformity assessment reports, supervision, trusted lists, incidents, and evidence. - [EU eIDAS QTSP Due Diligence Workflow for Trusted Lists, Certificates, and Evidence](/artifacts/eu/electronic-identification-and-trust-services-regulation/qtsp-due-diligence-workflow.md): Check a qualified trust service provider under eIDAS by validating trusted-list status, qualified service scope, certificates, policies, supervision, audits, and retained evidence. - [EU eIDAS Requirements for Trust Services, Signatures, Seals, Wallets, and Evidence](/artifacts/eu/electronic-identification-and-trust-services-regulation/requirements.md): Grounded guide to core eIDAS requirements for trust service providers, qualified trust services, electronic signatures, seals, time stamps, trusted lists, and EUDI Wallet relying parties. - [EU eIDAS Trusted Lists FAQ: LOTL, QTSP status, and validation evidence](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq/trusted-lists.md): How EU eIDAS Trusted Lists and the Commission LOTL support QTSP and qualified trust-service validation, with practical evidence checks for relying parties. - [EUDI Wallet readiness for service providers under eIDAS](/artifacts/eu/electronic-identification-and-trust-services-regulation/eudi-wallet-readiness.md): Readiness guide for organisations preparing to request or verify data from European Digital Identity Wallets: roles, registration, ARF alignment, selective disclosure, implementing acts, and evidence. - [EUDI Wallet Relying Parties under eIDAS](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq/eudi-wallet-relying-party.md): What EUDI Wallet relying parties must do under eIDAS: register, declare intended wallet use and requested data, identify themselves to users, and keep request evidence. - [EUDI Wallet Relying Party Onboarding Workflow under eIDAS](/artifacts/eu/electronic-identification-and-trust-services-regulation/wallet-onboarding-workflow.md): A grounded onboarding workflow for organisations that want to request data from European Digital Identity Wallet users as eIDAS wallet relying parties. - [EUDI Wallet Relying Party Registration Under eIDAS](/artifacts/eu/electronic-identification-and-trust-services-regulation/eudi-wallet-relying-party-registration.md): What eIDAS Article 5b and the EUDI Wallet ARF say about wallet relying party registration, intended uses, attribute requests, certificates, evidence, and Member State gaps. - [EUDI Wallet Technical Architecture Guide under eIDAS](/artifacts/eu/electronic-identification-and-trust-services-regulation/eudi-wallet-technical-architecture-guide.md): Technical guide to the EUDI Wallet architecture: ARF roles, wallet units, PID and attestations, relying parties, trust model, certificates, protocols, privacy, and security controls. - [QES vs AdES under EU eIDAS: legal effect, certificates, QTSPs, and validation evidence](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq/qes-vs-ades.md): Compare qualified electronic signatures (QES) and advanced electronic signatures (AdES) under EU eIDAS, including legal effect, qualified certificates, QTSP status, QSCDs, and validation evidence. - [QWACs under eIDAS: website authentication certificates](/artifacts/eu/electronic-identification-and-trust-services-regulation/qwacs.md): A grounded guide to qualified website authentication certificates under eIDAS, covering Annex IV data, trusted lists, browser recognition, validation evidence, and QTSP checks. - [What eIDAS Covers: eID, Trust Services, EUDI Wallet, and QWACs](/artifacts/eu/electronic-identification-and-trust-services-regulation/what-eidas-covers.md): A grounded guide to the systems and services covered by EU eIDAS: notified electronic identification, trust services, signatures, seals, time stamps, registered delivery, website authentication, trusted lists, the EUDI Wallet, and attribute attestations. - [What is a qualified trust service provider under eIDAS?](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq/qualified-trust-service-provider.md): How to verify QTSP status under eIDAS using the qualified service, supervisory body decision, trusted list entry, conformity assessment evidence, and service-specific records. - [What is a QWAC under the EU eIDAS Regulation?](/artifacts/eu/electronic-identification-and-trust-services-regulation/faq/qwac.md): Plain-language FAQ on qualified website authentication certificates under eIDAS, including website identity, QTSP trusted-list checks, browser recognition, and validation evidence. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/electronic-identification-and-trust-services-regulation/signature-legal-effect-selector-workflow