The European Commission's update revealed the sheer pace of regulatory implementation. Since December 2024, we've seen multiple batches of implementing acts published, with more arriving imminently. The policy officer from DG Connect's Digital Identity and Trust Unit outlined the timeline: reminding that implementing acts on electronic attestation of attributes and PID providers are already published, while acts on qualified certificates, electronic seals, and signature creation devices will appear in October or November.
What caught my attention was the clarity around application timelines. While most implementing acts apply immediately upon publication, the conformity assessment changes won't apply until April 29, 2026, giving trust service providers time to adapt, but leaving a sense of uncertainty in the room.
Five implementing acts are currently open for public consultation through the Commission's Have Your Say portal:
The Commission explicitly stated they want market feedback on these, particularly where European standards don't yet exist.
ENISA's presentation clarified why a cybersecurity agency handles eIDAS implementation. As their representative explained, trust services form the foundation for all cybersecurity efforts. Without trusted digital identity and secure products, the broader cybersecurity infrastructure cannot function effectively.
ENISA is developing the certification scheme for EUDI wallets with a clear goal: making certification an enabler rather than a blocking point. This pragmatic approach acknowledges that overly burdensome certification could stifle innovation and adoption.
The standards landscape presentation revealed remarkable progress. ETSI has either published or is finalising standards covering the entire EUDI wallet ecosystem:
Most significant was the announcement that these standards incorporate specifications from the OpenID Foundation and align with global frameworks while maintaining European requirements. The first versions are available now, with updates planned over the next two years based on implementation experience.
This convergence aligns well with our technical approach at Vidos. We already support W3C Verifiable Credentials Data Model v2.0, which the forum confirmed as foundational for EUDI wallets. Our support for ISO/IEC 18013-5 (mDL) positions us for the high-assurance credential requirements discussed extensively. The OpenID for Verifiable Credentials protocols mentioned throughout align with our existing implementation.
A Special Task Force call for experts is open until 21 November for ETSI members to shape the next generation of standards for 2026-2027.
The Commission's infrastructure team outlined their roadmap for trust list deployment. The centrepiece will be a major interoperability testing event on 10-12 December 2025 in Brussels, where wallet providers and relying parties can test their solutions. The Commission is now accepting expressions of interest through their EU Survey platform: https://ec.europa.eu/eusurvey/runner/EUWALLETS-SUMMIT25-Expression_of_Interest
The timeline for trust infrastructure deployment:
Notably, five Member States are already piloting the "Keys wallet" for age verification use cases, with results expected by year-end.
The ECASEC chair's presentation reframed supervision from mere compliance checking to enabling cross-border trust. Without harmonised supervision, mutual recognition of qualified trust service providers would be impossible. The framework distinguishes between ex-ante supervision for qualified providers (proving compliance in advance) and ex-post supervision for all providers.
The presentation emphasised that supervision must evolve to meet tomorrow's challenges, from EUDI wallets to post-quantum cryptography. Trust grows when supervision is effective; when supervision fails, trust evaporates.
The Commission revealed expanding international cooperation beyond Europe. Active collaborations with Ukraine, Moldova, Japan, India, and Brazil aim to create interoperable trust frameworks across continents. The vision extends to mutual recognition of electronic signatures with legal validity across jurisdictions.
The Luxembourg administration's adoption of the Commission's open-source preservation tools for maintaining signature validity over 20-30 years demonstrates practical implementation of these cross-border ambitions.
The forum's technical discussions highlighted the importance of supporting multiple credential formats and proof mechanisms. The ecosystem won't converge on a single technical approach but will require verifiers to handle various formats. Our support for JWT signatures, JSON-LD with Data Integrity Proofs, and mDocs positions us to verify credentials regardless of the technical choices made by issuers.
We believe it's important to emphasise DID method diversity. Flexible architecture means support for multiple DID methods through resolver infrastructure is available to any organisation accepting credentials. Our Universal Resolver's support for numerous DID methods, including did:web and did:key, aligns with this multi-method approach.
The forum made clear that theoretical discussions are over. Enterprises must now:
The forum was extremely informative (and we'd like to express our thanks to the organisers). It demonstrated that European digital identity infrastructure is transitioning from concept to reality. With implementing acts published, standards finalised, and infrastructure deploying, organisations must move from planning to implementation.
For Vidos, our standards-agnostic approach supporting W3C VCs, ISO mDL, and multiple DID methods positions us well for this diverse ecosystem. We're implementing the ETSI standards, preparing for trust list integration, and ensuring our verification infrastructure aligns with the emerging requirements.
The December 2025 Brussels interoperability event will be a crucial milestone. Organisations that engage now with standards implementation and regulatory consultation will shape the practical reality of European digital identity.
For more information on preparing your organisation for eIDAS 2.0 and EUDI implementation, get in touch.
