This page is available in English only
Statoil accepts that electronic signatures may be used as an alternative to written signatures.
Below is information regarding:
- Electronic Signing of data sent from Statoil
- How to establish a trust with Statoil to enable Electronic Signing of data sent to Statoil
- Limited warranty and disclaimer / Limitation of liability
Electronic Signing of data sent from Statoil
Statoil has implemented various measures to support Electronic Signing of documents sent to partners outside of Statoil. Electronically signed documents sent from Statoil, should automatically appear as valid in the application of the receiver. The most used applications in Statoil that support Electronic Signing is Microsoft Office and Acrobat Adobe.
See below for more information on Statoil PKI and the different measures.
- Statoil issues Qualified certificates (also known as "Electronic ID") to Subjects employed by Statoil or working with Statoil under contract and for Relying Parties who has entered an agreement with Statoil, in accordance with its "Public Key Infrastructure Disclosure Statement" Statoil Qualified Certificate Policy is based on EN 319 411-3  and includes requirements for issuing qualified certificates (as required in Article 5.1 of the Electronic Signature Directive) in accordance with Norwegian “Lov om elektronisk signatur”.
- Statoil is listed on the Trusted List of Norway, managed by the Norwegian Post and Telecommunications Authority (NPT).
- The Statoil Qualified CA has been cross certified with the GlobalSign “Trusted Root CA G2” and the GlobalSign “GlobalSign Primary SHA256 CA for Adobe”.
The Statoil PKI adheres to Adobe Systems Incorporated “CDS Certificate Policy” (OID 1.2.840.1135188.8.131.52)
The cross-certification certificates are shown in Appendix A in "Public Key Infrastructure Disclosure Statement" (click button below to download PDF)
How to establish a trust with Statoil to enable Electronic Signing of data sent to Statoil
Statoil accepts that electronic signatures may be used as an alternative to written signatures, provided that the issuer of certificates for electronic signatures is on the “Trusted List” issued by the Norwegian Post and Telecommunications Authority or any equivalent trusted list issued by any similar authority within the European Economic Area. Statoil will on a case by case basis at its own discretion accept an issuer of electronic certificates not on “Trusted Lists", after having been given access to the issuer’s certificate policy, certificate practice statement and an audit report verifying that the issuer is acting in accordance with such documents. If subsequently there has been a significant change to the issuers system for electronic signatures or if Statoil so reasonably requires, this mechanism shall be reapplied.
Please send the following information to Statoil by this email-address:
- Certificate policy
- Certificate practice statement
- Audit report
- Contact person in your company
- Contact person in Statoil
- Any special conditions, if applicable
Statoil will evaluate the request and implement the trust, so that incoming electronic signatures are successfully validated by our applications.
Limited warranty and disclaimer / Limitation of liability
Please see chapter 7 on PDF. Download by clicking button below.