Republic of Moldova

GOVERNMENT
DECISION No. 405
dated 02.06.2014
on Integrated Governmental Electronic Service
Digital Signature (MSign)
Published: 06.06.2014 in the Official Gazette No. 147-151 art No: 445
In compliance with art.2 of the Law No. 173 dated July 28, 2011 on ratification of the Financing
Agreement signed between the Republic of Moldova and the International Development
Association for implementation of the Governance e-Transformation Project (Official Gazette
of the Republic of Moldova, 2011, No.131-133, art.425), the Government DECIDES:
1. To establish the integrated governmental electronic service of digital signature (MSign), state
property, as a component part of the common technological platform of the Government.
2. To approve the Regulation regarding the integrated governmental electronic service of digital
signature (MSign) (here annexed).
3. To appoint:
1) the Center for Electronic Governance (E-Government) as the possessor of the integrated
governmental electronic service of digital signature (MSign);
2) the State Enterprise Special Telecommunications Center as the technical-technological
operator of the integrated governmental electronic service of digital signature (MSign).
4. Ministries, State Chancellery and other central administrative authorities subordinated to the
Government and the organizational structures under their jurisdiction (administrative authorities
under their subordination, de-concentrated and subordinated public services, public institutions
in which the minister, the State Chancellery or other central administrative authority is the
founder), autonomous public institutions, as well as private legal entities providing public
services, within the limits of their competences provided by the law, and holding information
systems:
1) will integrate, at their own expense, the integrated governmental electronic service of
digital signature (MSign) in the new public electronic services and in the afferent information
system, including in the ones under development;

2) within a period of 9 months since the publication of the present decision, will develop and
approve, after compulsory coordination with the Center for Electronic Governance (EGovernment), the plans for integrating the integrated governmental electronic service of digital
signature (MSign) into the existing public electronic services and afferent information systems;
3) will plan financial means for integrating the integrated governmental electronic service of
digital signature (MSign) into the existing public electronic services, according to the approved
integration plans;
4) for streamlining the public expenditures, will not create services similar to the integrated
governmental electronic service of digital signature (MSign).
5. Other public authorities and institutions than the ones mentioned in point 4 of the present
decision, including the local public administration authorities, as well as the private legal entities
may use, under the conditions of the present decision, the integrated governmental electronic
service of digital signature (MSign).
6. The Center for Electronic Governance (E-Government):
1) will ensure the hosting and administration of the integrated governmental electronic service
of digital signature (MSign) on the common governmental technological platform (MCloud);
2) for the purpose of promoting the electronic services, will provide the integrated
governmental electronic service of digital signature (MSign) free of charge by January 01, 2015;
3) within the period of 6 months, will develop and submit to the Government for approval the
tariffs for the use of the integrated governmental electronic service of digital signature (MSign);
4) will provide methodological support during the integration of the integrated governmental
electronic service of digital signature (MSign);
5) will ensure the continuous development of the integrated governmental electronic service of
digital signature (MSign), including for the purpose of integrating new providers of digital
signature;
6) will ensure the automated reporting of the indicators about the use of the integrated
governmental electronic service of digital signature (MSign);
7) within a period of 6 months, will develop and submit, after coordination with the relevant
interested authorities and institutions, to the State Chancellery for approval:
the standard-agreement and the standard-contract between the Center for Electronic
Governance (E-Government) and, respectively, the providers of public services and the providers
from the private sector regarding the use of the integrated governmental electronic service of
digital signature (MSign);

the standard-agreement and the standard-contract between the Center for Electronic
Governance (E-Government) and suppliers of the digital signature regarding the integration in
the integrated governmental electronic service of digital signature (MSign);
the rules regarding the administration of the integrated governmental electronic service of
digital signature (MSign).
7. The State Chancellery will approve within one month since the submission by the Center for
Electronic Governance the documents mentioned under point 6 sub-point 7) from the present
decision.
8. The financing of the training, continuous development and maintenance of the integrated
governmental electronic service of digital signature (MSign) shall be at the expense and within
the limits of allocations approved in the State Budget Law for the respective year for the State
Chancellery for the implementation of the Governance e-Transformation Project.
9. The State Chancellery shall ensure the control over the execution of the present decision.

PRIME MINISTER

Iurie LEANC

Counter-signed:
Minister of Information Technology and Communications

Pavel Filip

Minister of Finance

Anatol Arapu

No. 405. Chisinau, June 2, 2014.

Approved via the Government Decision No. 405 dated June 02, 2014

REGULATION
regarding the integrated governmental electronic service of digital signature (MSign)

Chapter I. General Provisions

1. The present Regulation sets for the modality of operation and administration of the integrated
governmental electronic service of digital signature (MSign).
2. For the purpose of the present Regulation, the following notions shall mean:
integrated governmental electronic service of digital signature (MSign) (hereinafter referred to
as MSign service) the reusable service provided at the level of the common technological
platform of the Government, aimed to provide an integrating, secured, and flexible mechanism of
the different solutions for applying and verifying the authenticity of the digital signature by the
users (including in the context of information systems and electronic services use), offered by
digital signature providers in line with the legislation;
digital signature indispensable attribute of the electronic document, obtained as a result of
the cryptographic transformation of the respective document using the private key, meant to
confirm the authenticity of the electronic document;
participant of the MSign service possessor of the MSign service, technical-technological
operator of the MSign service, beneficiary of the MSign service, supplier of digital signature,
administrator of the MSign service, user of the MSign service;
possessor of the MSign service Center for Electronic Governance (E-Government);
technical-technological operator of the MSign service the State Enterprise Special
Telecommunications Center, which is technically administrating the technological platform of
the MSign service;
beneficiary of the MSign service provider of public services and private provider of service,
holder of the information systems integrated with the MSign service;
provider of public services, including electronic public services ministries, other central
administrative authorities subordinated to the Government and the organizational structures from
their competence, as well as the private legal entities which provide certain public services to the
users, within the limits of the competences provided in the law, and which have information
systems;

public services, including electronic public services totality of activities and actions of
public interest (including adoption of decisions) performed by ministries, other central
administrative authorities subordinated to the Government and the organizational structures
under their jurisdiction, other public legal entities, for the purpose of exercising their duties
related to individuals and legal entities, for ensuring the mechanism of enforcing the legal
interests, rights and duties of individuals and legal entities;
private providers of electronic services legal entities of private domain providing to users
certain services, including electronic services, and which have information systems;
provider of digital signature center for certification of public keys, which is a legal entity or
subdivision of the legal entity, regardless of the ownership type, and which provides services of
certifying public keys, as well as other services in the area of digital signature;
administrator of MSign service the person appointed by the possessor of the MSign service,
who has unlimited access to all the functionalities within the system for the purpose of the full
management of the MSign service;
user of MSign service (hereinafter referred to as user) the person holding the certificate of
public key, who uses the MSign service for the purpose of applying the digital signature.
Chapter II. Functions of the MSign Service
3. The main functions of the MSign Service are:
1) to ensure the application of the digital signature by the users, including in the context of the
usage of the information systems of the MSign service beneficiaries;
2) to ensure the verification of authenticity of the applied digital signature;
3) to integrate solutions regarding the digital signature provided by the different providers of
digital signature.
4. Different means of the digital signature may be used within the MSign service according to the
legislation.
Chapter III. Participants duties in the MSign service
5. The possessor of the MSign service:
1) ensures the uninterrupted functioning and the administration of the MSign service;
2) provides methodological support in the process of integration with the information systems
of the MSign service beneficiaries;

3) ensures the continuous development of the MSign service, including via identification and
integration of new providers of digital signature;
4) ensures information protection, including protection of personal data, according to the
provisions of the legislation in force;
5) ensures the quality of the MSign service provision in line with the quality indicators agreed
with the beneficiaries of the MSign service according to the exigencies set by the legislation;
6) ensures the necessary assistance to the MSign service beneficiaries for its use;
7) appoints the administrator of the MSign service;
8) concludes agreements with the beneficiaries of the MSign service, according to the model
approved by the State Chancellery;
9) concludes contracts with private service providers, according to the template approved by
the State Chancellery;
10) concludes agreements or contracts, as needed, for integrating digital signature providers in
the MSign service, according to the template approved by the State Chancellery.
6. The technical-technological operator of the MSign service ensures on contractual basis:
1) the availability and technical administration of the technological platform of the MSign
service according to the set quality parameters;
2) operational monitoring of the MSign service;
3) continuity of the operation of the MSign service technological platform in disaster
situations;
4) the security of the MSign service;
5) the technical support of the MSign service.
7. Public services providers:
1) use the MSign service in the process of provision of public electronic services;
2) conclude agreements with the possessor of the MSign service, according to the template
approved by the State Chancellery.
8. Private electronic services providers:
1) conclude contracts with the possessor of the MSign service, according to the template
approved by the State Chancellery;

2) support at their own expense the costs related to the integration and usage of the MSign
service.
9. Provider of digital signature:
1) provides automated mechanisms for applying and verifying the authenticity of the digital
signature;
2) ensures the supply to the MSign service of accurate and up-to-date data;
3) ensures the availability of mechanisms for applying and verifying authenticity of the digital
signature according to the quality parameters set in contractual arrangements, in compliance with
the exigencies set by the legislation;
4) concludes with the possessor of the MSign service agreements and contracts, as needed, on
integration (including application and verification of the digital signature authenticity) in the
MSign service, according to the template approved by the State Chancellery.
10. Administrator of MSign service:
1) has unlimited access to all the functionalities of the system for its full management
according to the procedures for MSign service administration, described in the Rules for MSign
Service Administration, approved by the State Chancellery;
2) administrates the list of information systems which are integrated with the MSign service;
3) administrates the list of providers of digital signature integrated with the MSign service.
11. The user uses the MSign service for selecting the provider of digital signature for the purpose
of applying the digital signature and for verifying the authenticity of the digital signature,
including in the context of using the information systems of the MSign service beneficiaries.
12. The persons with public dignity functions and public officials form specialized central public
administration authorities use within the MSign service the digital signature means, issued by the
Center for certifying public keys of the public administration authorities.
Chapter IV. Information security and personal data protection in the MSign service
13. The MSign service is hosted on the common governmental platform MCloud and complies
with the security requirements set forth by the legislation in force, including in the area of digital
signature usage.
14. The exchange of information between the information systems for the purpose of operating
the MSign service shall be performed via secured channels, using mechanisms for information
cryptographic protection.

15. The processes for applying and verifying the authenticity of the digital signature from the
MSign service shall be carried out in line with the legislation related to digital signature.
16. Personal data are processed within the MSign service during the process of applying and
verifying the authenticity of the digital.
17. For ensuring the security of the personal data processed as a result of MSign service use, the
involved authorities and institutions shall act within the limits of their competences in line with
the legislation on personal data protection.
18. While using the MSign service, the use shall have the possibility to select the provider of
digital signature or to refuse the signing.
19. When choosing the option of applying the digital signature, the use confirms implicitly the
accuracy of the personal data contained in the certificate of the public key and agrees for its
personal data to be processed for the purpose of applying and verifying the authenticity of the
digital signature.
Chapter V. Integration of the MSign service
20. The application and verification of the digital signature authenticity shall be carried out via
the digital signature providers integrated in the MSign service.
21. The responsibility for the authenticity of the digital signature stays with the digital signature
providers integrated in the MSign service.
22. The technical-technological operator of the MSign service and the possessor of the MSign
service shall be responsible for ensuring the integrity of the information obtained as a result of
applying and verifying the authenticity of the digital signature by the digital signature providers
in the context of data exchange with the connected information systems.
23. The new digital signature providers shall be integrated with the MSign service in the way set
forth in the legislation in force, if the meet all the legal exigencies.
24. The integration of the MSign service beneficiaries shall be carried out in line with agreement
of the contract, as needed, concluded between the MSign service beneficiary and the MSign
service possessor, the templates of which are approved by the State Chancellery.