---
title: "EN 319 411-2 vs EN 319 411-1 Qualified Certs"
canonical_url: "https://www.sorena.io/artifacts/global/etsi-en-319-411-2/en-319-411-2-vs-en-319-411-1"
source_url: "https://www.sorena.io/artifacts/global/etsi-en-319-411-2/en-319-411-2-vs-en-319-411-1"
author: "Sorena AI"
description: "Compare ETSI EN 319 411-2 qualified certificate requirements with EN 319 411-1 general certificate-service requirements, including QCP profiles, QSCD evidence, CP/CPS reuse, and audit boundaries."
published_at: "2026-05-09"
updated_at: "2026-05-09"
keywords:
  - "ETSI EN 319 411-2"
  - "ETSI EN 319 411-1"
  - "qualified certificates"
  - "QCP"
  - "QSCD"
  - "CP/CPS"
  - "ETSI EN 319 411-2 vs ETSI EN 319 411-1"
  - "QCP profiles"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# EN 319 411-2 vs EN 319 411-1 Qualified Certs

Compare ETSI EN 319 411-2 qualified certificate requirements with EN 319 411-1 general certificate-service requirements, including QCP profiles, QSCD evidence, CP/CPS reuse, and audit boundaries.

*Artifact Guide* *GLOBAL* *ETSI EN 319 411-2*

## ETSI EN 319 411-2 ETSI EN 319 411-2 vs ETSI EN 319 411-1

A focused comparison of Part 2 requirements for EU qualified certificates and Part 1 general certificate-service policy requirements.

Use it to separate qualified certificate policy, QSCD, QWAC, and EU trusted-list evidence from reusable CP/CPS and certificate lifecycle controls.

Use this page when a qualified certificate service, conformity assessment file, customer questionnaire, or CP/CPS review mentions both ETSI EN 319 411-2 and ETSI EN 319 411-1. EN 319 411-2 is the qualified-certificate layer for EU qualified certificates and qualified website authentication certificate policy profiles; EN 319 411-1 is the general certificate-service requirements baseline that Part 2 repeatedly builds on.

## ETSI EN 319 411-2 vs ETSI EN 319 411-1

Use this comparison to decide when EN 319 411-2 qualified certificate requirements add separate policy, evidence, and assurance work on top of EN 319 411-1 general certificate-service controls.

- **ETSI EN 319 411-2**: Part 2 covers EU qualified certificate requirements, including qualified profiles and qualified-status evidence.
- **ETSI EN 319 411-1**: Part 1 covers general certificate-service policy and security requirements for TSPs.

| Dimension | ETSI EN 319 411-2 | ETSI EN 319 411-1 | Operational implication | Sources |
| --- | --- | --- | --- | --- |
| Primary scope | Part 2 is scoped to requirements for trust service providers issuing EU qualified certificates, including qualified certificate policies for natural persons, legal persons, QSCD-backed certificates, and qualified website authentication certificates. | Part 1 specifies generally applicable policy and security requirements for TSPs issuing public key certificates, including trusted website certificates and general certificate lifecycle management. | Start with the public claim. A qualified certificate claim needs Part 2 evidence; an ordinary certificate-service claim can stay in the Part 1 evidence boundary. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Covered actors | Part 2 names qualified profiles such as QCP-n, QCP-l, QCP-n-qscd, QCP-l-qscd, QEVCP-w, QNCP-w, and QNCP-w-gen, and requires certificate policy statements to make the qualified and QSCD posture clear. | Part 1 uses general certificate policy concepts such as NCP, LCP, EVCP, DVCP, OVCP, and IVCP, with CP describing what applies and CPS describing how the TSP implements it. | Do not map by acronym alone. Match the policy object identifier, certificate profile, subscriber type, and qualified-status claim before reusing evidence. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Trigger | Part 2 adds qualified-certificate identity routes: natural-person and legal-person identities must be verified by physical presence or methods with equivalent assurance, and QWAC routes must also verify the subscriber link with the domain name. | Part 1 covers initial identity validation, naming, subscribers and subjects, registration service responsibilities, certificate applications, and re-key or revocation request authentication for general certificate services. | Use Part 1 records for common registration controls, but add Part 2 proof where the qualified profile requires natural-person, legal-person, domain-link, or equivalent-assurance evidence. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Core obligations | Part 2 distinguishes QSCD-backed profiles and says the QSCD qcStatement belongs in QCP-n-qscd and QCP-l-qscd certificates, while it must not be included for certificates not issued under those requirements. | Part 1 handles general secure cryptographic device and certificate profile evidence, but it does not turn a certificate into a qualified QSCD-backed certificate by itself. | Keep the QSCD route as a Part 2 decision. A certificate sample, device-status check, and CP/CPS statement should show when the QSCD-backed profile applies. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Evidence and records | Part 2 evidence should include the qualified profile decision, CP/CPS clauses, qualified status context, certificate samples, qcStatements, QSCD route where applicable, trusted-list checks, QWAC domain-link evidence where relevant, and conformity-assessment findings. | Part 1 evidence should include CP and CPS versions, certificate policy identifiers, subscriber agreements, identity validation records, RA delegation evidence, issuance logs, CRL or OCSP records, revocation files, repository publication records, audit logs, and records archival evidence. | Keep a traceable evidence matrix: source, claim, profile, owner, artifact, review date, and whether the artifact supports Part 2, Part 1, or both. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Timing | Part 2 repeatedly incorporates Part 1 lifecycle controls for publication, identity validation, certificate application, issuance, revocation requests, CRL, OCSP, business matters, and policy management, then adds qualified-profile constraints. | Part 1 is the operational backbone for certification services: registration, certificate generation, dissemination, revocation management, revocation status, repositories, and records archival. | Reuse operational evidence where Part 2 points back to Part 1, but keep a Part 2 row showing the qualified profile or qualified-service condition that made the reuse valid. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Enforcement | Part 2 maps EU qualified certificate policies to eIDAS qualified trust-service requirements, but its annex warns that the mapping is not a definitive legal conformance statement and that some Regulation requirements are outside the technical standard. | Part 1 is a technical standard for certificate-service policy and security requirements and points to EN 319 403 for conformity assessment of TSP processes and services. | Do not claim eIDAS qualified status from the ETSI comparison alone. Keep supervisory, trusted-list, conformity-assessment, and legal-context evidence separate from the standard crosswalk. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Overlap and reuse | Part 2 can reuse common PKI evidence only after adding the qualified certificate policy context and any qualified-status, QWAC, trusted-list, or QSCD evidence needed for the qualified claim. | Part 1 evidence can be reused for common PKI operations, such as lifecycle processing, revocation services, repositories, audit logging, and records archival, when the service boundary and policy profile match. | Reuse the operational artifact, not the conclusion. The same log or CP/CPS section may support both sides, but the qualified-certificate conclusion needs its own source-linked row. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |
| Practical decision rule | Use EN 319 411-2 as the controlling side when the service issues EU qualified certificates or uses a Part 2 qualified certificate policy profile. | Use EN 319 411-1 as the controlling side when the claim is that a TSP certificate service meets the general Part 1 certificate policy and security requirements. | Do not collapse the standards into one checklist. Start with the qualified profile and public claim, then show exactly which Part 1 controls are reused by the Part 2 qualified certificate claim. | [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.<br>[ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.<br>[ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers. |

Sources for Primary scope - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Primary scope - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Primary scope - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Covered actors - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Covered actors - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Covered actors - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Trigger - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Trigger - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Trigger - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Core obligations - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Core obligations - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Core obligations - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Evidence and records - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Evidence and records - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Evidence and records - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Timing - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Timing - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Timing - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Enforcement - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Enforcement - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Enforcement - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Overlap and reuse - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Overlap and reuse - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Overlap and reuse - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Practical decision rule - ETSI EN 319 411-2:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Practical decision rule - ETSI EN 319 411-1:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

Sources for Practical decision rule - operational implication:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

### How to choose between ETSI EN 319 411-2 and ETSI EN 319 411-1

- Start with the qualified-status claim and certificate policy profile, not with the standard title alone.
- Use EN 319 411-2 when the service claims EU qualified certificate status, a qualified certificate policy profile, QWAC coverage, or QSCD-backed qualified certificate issuance.
- Use EN 319 411-1 for general certificate-service CP/CPS, lifecycle, repository, revocation, and CA/RA operational evidence.

Sources for the practical decision rule:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

## When should teams compare ETSI EN 319 411-2 with ETSI EN 319 411-1?

Compare them before a QTSP, product team, auditor, or procurement reviewer reuses ordinary certificate-service evidence for an EU qualified certificate claim.

The practical question is whether the work is controlled by Part 2 qualified certificate policy requirements, by Part 1 general certificate-service requirements, or by both with different evidence boundaries.

- Start with the qualified certificate policy profile: QCP-n, QCP-l, QCP-n-qscd, QCP-l-qscd, QEVCP-w, QNCP-w, or QNCP-w-gen belong in the Part 2 analysis.
- Separate qualified-service proof, such as QTSP status, trusted-list evidence, QSCD route, and qualified website authentication certificate material, from common PKI operations reused from Part 1.
- Keep crosswalk rows source-linked so audit reviewers can see when Part 2 incorporates or points back to Part 1 requirements.

Sources for this answer:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.

## Decision rules for qualified and general certificate services

Use EN 319 411-2 when the claim is specifically about EU qualified certificates, including the qualified certificate policy profiles named in Part 2. Use EN 319 411-1 when the service is about policy and security requirements for TSPs issuing certificates in the general Part 1 scope.

Do not treat Part 2 as a complete standalone checklist. The Part 2 grounding references EN 319 411-1 and EN 319 401, while adding qualified certificate policy profiles and qualified-certificate-specific requirements.

- If the service claims qualified status, document the Part 2 policy profile, qualified status evidence, trusted-list dependency, and any QSCD-related route before reusing Part 1 evidence.
- If the certificate service is not making an EU qualified certificate claim, keep the work anchored in EN 319 411-1 and avoid importing qualified-certificate obligations by label alone.
- When Part 2 points back to Part 1 clauses, cite both sides in the audit file and explain which requirement is being satisfied.

Sources for this answer:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.

## What to decide before reusing CP/CPS evidence

Decide whether the same CP/CPS text actually covers the qualified certificate policy profile, certificate usage, participants, publication responsibilities, and qualified-service claims on both sides. Part 2 and Part 1 both use CP/CPS concepts, but Part 2 changes what the evidence must prove.

For EN 319 411-2, add the qualified certificate policy profile, qualified status context, qualified website authentication certificate route if relevant, and QSCD-related evidence only where the Part 2 profile calls for it. For EN 319 411-1, keep the general certificate-service evidence for CA and RA responsibilities, subscribers and subjects, naming, initial identity validation, certificate application and issuance, acceptance, revocation, status services, repositories, and records archival.

- Name the qualified certificate service, Part 2 profile, certificate policy, certificate profile, CA, RA or registration service provider, repository, and revocation-status service in scope.
- Record whether the service is qualified for natural persons, qualified for legal persons, QSCD-backed, a qualified website authentication certificate profile, or only a general certificate-service route.
- Separate Part 2-only evidence from Part 1 evidence reused by Part 2 so the audit file does not hide qualified-service assumptions.
- Version evidence by standard version, CP/CPS version, certificate profile, assessment period, and certificate service boundary.

Sources for this answer:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.

*Recommended next step*

*Placement: after practical guidance*

## Operationalize the qualified certificate crosswalk

Use this comparison as the shared source for qualified profile selection, CP/CPS reuse decisions, evidence requests, and audit-review checkpoints.

- [Open Assessment Autopilot for ETSI EN 319 411-2](/solutions/assessment.md): Convert the EN 319 411-2 and EN 319 411-1 crosswalk into accountable tasks, evidence requests, and review milestones.
- [Research qualified certificate source questions](/solutions/research-copilot.md): Use cited source material to resolve QCP profile, QSCD, QWAC, trusted-list, and CP/CPS reuse questions before implementation.
- [Talk through implementation](/contact.md): Review scope, evidence, owners, and the next qualified certificate compliance actions with Sorena.

## Evidence that belongs on each side of the comparison

Build the comparison as an evidence map, not as a merged checklist. The same operational record can sometimes support both standards, but the claim it supports should stay tied to the relevant Part 2 or Part 1 clause set.

For Part 2, keep qualified certificate policy profile evidence, QTSP or qualified-status records, EU trusted-list validation references, qualified website authentication certificate material where used, and QSCD-related evidence only when the profile depends on it. For Part 1, keep CP and CPS versions, certificate policy identifiers, subscriber agreements, identity validation records, RA delegation evidence, issuance logs, CRL or OCSP records, revocation files, repository publication records, key-management records, audit logs, and records archival evidence.

- Mark each evidence item as Part 2-only, Part 1-only, or shared with a clause-level explanation.
- Do not describe ordinary certificate-service evidence as enough for a qualified certificate claim unless the Part 2 source incorporates or aligns with that Part 1 requirement.
- Do not include the QSCD qcStatement route unless the certificate is issued under a QCP-n-qscd or QCP-l-qscd profile.
- Review the crosswalk after CP/CPS changes, qualified profile changes, RA changes, revocation-service changes, key-management changes, trusted-list changes, or conformity-assessment scope changes.

Sources for this answer:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.

## Comparison checklist for qualified certificate teams

Use this checklist when preparing a CP/CPS update, qualified certificate service review, conformity assessment evidence pack, or procurement response that mentions both standards.

- Identify which Part 2 policy profile applies: QCP-n, QCP-l, QCP-n-qscd, QCP-l-qscd, QEVCP-w, QNCP-w, or QNCP-w-gen.
- List the certificate service, certificate policy object identifier, CP/CPS version, certificate profile, CA, RA, repository, and status service covered by EN 319 411-1.
- Create a row for every shared operation, including identity validation, issuance, acceptance, revocation, status services, records archival, and CA or RA termination.
- Attach the evidence artifact to the row: CP/CPS text, subscriber record, validation record, certificate sample, CRL or OCSP record, trusted-list reference, audit log, or conformity-assessment finding.
- Flag unsupported reuse where Part 1 evidence proves ordinary certificate-service operation but does not prove the qualified certificate claim.

Sources for this answer:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.

## Comparison mistakes that create qualified-certificate audit gaps

The main failure pattern is treating Part 2 as just a qualified label on the same audit file. The standards overlap through TSP policy, security, and certificate lifecycle concepts, but Part 2 is narrower and more specific because it addresses EU qualified certificates.

- Do not call a service qualified because it satisfies EN 319 411-1 general requirements; Part 2 qualified certificate policy evidence is still needed.
- Do not hide QCP, QWAC, or QSCD profile differences behind a vague CP/CPS title.
- Do not reuse identity validation, revocation, repository, or audit-log evidence unless the certificate service boundary and policy profile match.
- Do not mix CA/Browser Forum web certificate requirements, qualified website authentication certificate requirements, and ordinary certificate policy requirements without a row-level  source reference .

Sources for this answer:

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.

## Primary sources

- [ETSI EN 319 411-2 V2.6.1 EU qualified certificate requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941102/02.06.01_60/en_31941102v020601p.pdf?ref=sorena.io) - Primary source for qualified certificate policy profiles, QSCD-related routes, qualified website authentication certificates, and QTSP certificate operations.
  - Quote: "EU qualified certificates"
- [ETSI EN 319 411-1 V1.5.1 certificate policy and security requirements](https://www.etsi.org/deliver/etsi_en/319400_319499/31941101/01.05.01_60/en_31941101v010501p.pdf?ref=sorena.io) - Primary source for general certificate-service policy, CPS, subscriber identity, revocation, repository, CA/RA, and certificate lifecycle requirements.
  - Quote: "Policy and security requirements for Trust Service Providers issuing certificates"
- [ETSI EN 319 401 V3.1.1 general policy requirements for TSPs](https://www.etsi.org/deliver/etsi_en/319400_319499/319401/03.01.01_60/en_319401v030101p.pdf?ref=sorena.io) - Primary ETSI source for general policy, risk assessment, management, security, incident, continuity, and audit evidence requirements for trust service providers.
  - Quote: "General Policy Requirements for Trust Service Providers"

## Related Topic Guides

- [eIDAS QTSP supervision workflow for ETSI EN 319 411-2](/artifacts/global/etsi-en-319-411-2/eidas-qtsp-supervision-workflow.md): Operational workflow for qualified trust service providers using ETSI EN 319 411-2 to manage supervisory-body changes, incidents, termination evidence, trusted-list checks, and assessment records.
- [ETSI EN 319 411-2 compliance checklist](/artifacts/global/etsi-en-319-411-2/compliance.md): Compliance checklist for ETSI EN 319 411-2 qualified certificate services, covering policy selection, CP/CPS evidence, identity validation, QSCD status, trusted-list reliance, and certificate status services.
- [ETSI EN 319 411-2 FAQ for EU Qualified Certificates](/artifacts/global/etsi-en-319-411-2/faq.md): Answers to common ETSI EN 319 411-2 questions about EU qualified certificate policies, QSCD use, identity validation, trusted lists, and revocation status services.
- [ETSI EN 319 411-2 Identity Proofing](/artifacts/global/etsi-en-319-411-2/identity-proofing.md): How EN 319 411-2 applies identity validation for EU qualified certificates, including QCP natural-person, legal-person, website, and evidence-record checks.
- [ETSI EN 319 411-2 QSCD Route](/artifacts/global/etsi-en-319-411-2/qscd-route.md): When QCP-n-qscd or QCP-l-qscd is the right EN 319 411-2 route, what QSCD evidence is needed, and which certificate-profile claims must stay aligned.
- [ETSI EN 319 411-2 QTSP supervision evidence workflow](/artifacts/global/etsi-en-319-411-2/qtsp-supervision-evidence-workflow.md): Build an assessment-ready QTSP supervision evidence pack for ETSI EN 319 411-2 qualified certificate services, covering policy identifiers, trusted-list checks, incident records, QSCD evidence, and termination controls.
- [ETSI EN 319 411-2 qualified certificate operations: issuance, suspension, and revocation](/artifacts/global/etsi-en-319-411-2/qualified-certificate-operations.md): Operational guide for ETSI EN 319 411-2 qualified certificate services: policy identifiers, identity validation, issuance, QSCD handling, revocation status, and relying-party notices.
- [ETSI EN 319 411-2 Qualified Certificate Scope](/artifacts/global/etsi-en-319-411-2/qualified-certificate-scope.md): Use ETSI EN 319 411-2 to scope EU qualified certificate services by certificate policy, subject type, QSCD use, website authentication profile, and eIDAS context.
- [ETSI EN 319 411-2 requirements map](/artifacts/global/etsi-en-319-411-2/requirements.md): Map ETSI EN 319 411-2 requirements for EU qualified certificate services across QCP profiles, CP/CPS documentation, QSCD use, certificate profiles, revocation, and eIDAS Annex A references.
- [ETSI EN 319 411-2 trusted-list evidence](/artifacts/global/etsi-en-319-411-2/trusted-list-evidence.md): Build EN 319 411-2 trusted-list evidence for EU qualified certificate reliance: relying-party notice text, QTSP service identifiers, validation records, and change triggers.
- [ETSI EN 319 411-2 trusted-list validation workflow](/artifacts/global/etsi-en-319-411-2/trusted-list-validation-workflow.md): Validate an EN 319 411-2 EU qualified-certificate claim by mapping the certificate service to the QTSP trusted-list entry, policy profile, relying-party notice, and status evidence.
- [ETSI EN 319 411-2 vs eIDAS Qualified Trust Services](/artifacts/global/etsi-en-319-411-2/en-319-411-2-vs-eidas-qualified-trust-services.md): Compare ETSI EN 319 411-2 certificate policy requirements with the eIDAS qualified-status, supervision, audit, and trusted-list framework.
- [ETSI EN 319 411-2: Certificate Revocation FAQ](/artifacts/global/etsi-en-319-411-2/faq/revocation.md): Answer the ETSI EN 319 411-2 revocation question for qualified certificate services: CPS procedures, 24-hour publication, CRL or OCSP status, and evidence to retain.
- [ETSI EN 319 411-2: end-to-end qualified certificate lifecycle management workflow](/artifacts/global/etsi-en-319-411-2/qualified-certificate-lifecycle-workflow.md): Lifecycle workflow for ETSI EN 319 411-2 qualified certificate services, from policy selection and identity validation through issuance, renewal, re-key, modification, revocation, status services, and records.
- [ETSI EN 319 411-2: Legal vs Natural Person Certs](/artifacts/global/etsi-en-319-411-2/faq/legal-and-natural-persons.md): ETSI EN 319 411-2 separates qualified certificate policies for natural persons, legal persons, QSCD use, and website authentication subscribers.
- [ETSI EN 319 411-2: QCP, QNCP, and QEVCP Profile Selection](/artifacts/global/etsi-en-319-411-2/qcp-qncp-and-qevcp-profile-selection.md): Choose the right ETSI EN 319 411-2 qualified certificate policy profile: QCP-n, QCP-l, QCP-n-qscd, QCP-l-qscd, QEVCP-w, QNCP-w, or QNCP-w-gen.
- [ETSI EN 319 411-2: workflow for selecting QCP-n, QCP-l, or QCP-w certificate profile](/artifacts/global/etsi-en-319-411-2/qualified-profile-selector-workflow.md): Select the right ETSI EN 319 411-2 qualified certificate policy profile for signatures, seals, QSCD use, and website authentication.
- [How should QTSPs select an ETSI EN 319 411-2 qualified certificate profile?](/artifacts/global/etsi-en-319-411-2/faq/qualified-profile-selection.md): A focused FAQ on choosing QCP-n, QCP-l, QCP-n-qscd, QCP-l-qscd, QEVCP-w, QNCP-w, or QNCP-w-gen under ETSI EN 319 411-2.
- [How should relying parties use trusted lists under ETSI EN 319 411-2?](/artifacts/global/etsi-en-319-411-2/faq/trusted-lists.md): FAQ on EN 319 411-2 trusted-list reliance for EU qualified certificates: relying-party notices, QTSP service identifiers, validation evidence, and source references.
- [QSCD Requirements in ETSI EN 319 411-2](/artifacts/global/etsi-en-319-411-2/faq/qscd.md): How ETSI EN 319 411-2 treats QSCD-backed qualified certificates, including QCP-n-qscd and QCP-l-qscd policies, key-use controls, QSCD verification, and certificate profile evidence.
- [QTSP Supervision and ETSI EN 319 411-2](/artifacts/global/etsi-en-319-411-2/faq/qtsp-supervision.md): How ETSI EN 319 411-2 supports QTSP supervision evidence for qualified certificate services, trusted-list reliance, liability responsibility, incident records, and audit preparation.
- [Qualified certificates under ETSI EN 319 411-2](/artifacts/global/etsi-en-319-411-2/faq/qualified-certificates.md): FAQ answer for QTSPs on how ETSI EN 319 411-2 treats EU qualified certificates, policy identifiers, QSCD variants, website certificates, and lifecycle evidence.
- [What are the qualified certificate policies in ETSI EN 319 411-2?](/artifacts/global/etsi-en-319-411-2/faq/qualified-certificate-policies.md): FAQ on ETSI EN 319 411-2 qualified certificate policies, including QCP-n, QCP-l, QSCD variants, QEVCP-w, QNCP-w, and policy identifiers.
- [Which QWAC Profile Fits ETSI EN 319 411-2?](/artifacts/global/etsi-en-319-411-2/faq/website-authentication-certificates.md): Choose between QEVCP-w, QNCP-w, and QNCP-w-gen for qualified website authentication certificates under ETSI EN 319 411-2.


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/global/etsi-en-319-411-2/en-319-411-2-vs-en-319-411-1