The Communiqué Amending the Communiqué on Processes and Technical Criteria Regarding Electronic Signature ("Communiqué") has entered into force on 28 December 2022 upon its publication in the Official Gazette numbered 32057, in order to extend the validity period of the first paragraph of Article 6 of the Communiqué on Processes and Technical Criteria Regarding Electronic Signature.
According to Article 6/1 of the Communiqué on Processes and Technical Criteria Regarding Electronic Signatures, the signature creation and verification data and summarization algorithms must comply with the ETSI TS 119 312 standard and the following algorithms and parameters, the signature creation and verification data of signatories must be at least 2048 bits for RSA or at least 3072 bits for DSA or at least 256 bits for DSA Elliptic Curve, the signature creation and verification data of Electronic Certificate Service Providers must be at least 4096 bits for RSA or at least 3072 bits for DSA or at least 256 bits for DSA Elliptic Curve provided that RSA-PSS is used for signatures, and the summarization algorithm must comply with SHA2-256 or SHA2-384 or SHA2-512 or SHA3-256 or SHA3-384 or SHA3-512 algorithms and parameters.
With the published Communiqué, the validity of the algorithms and parameters specified in Article 6/1 of the Communiqué on Processes and Technical Criteria Regarding Electronic Signature that was published in the Official Gazette dated 6 January 2005 and numbered 25692 has been extended from 31 December 2022 to 31 December 2025.
The provisions of this Communiqué shall be executed by the Chairman of the Information and Communication Technologies Board.
You can access the Communiqué in Turkish through this link.
Information first published in the MA | Gazette, a fortnightly legal update newsletter produced by Moroglu Arseven.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
