Standards bodies

CEN-CENELEC JTC 21

AI Act harmonized standards under Standardisation Request M/593 (and Amendment M/613).

JTC 21 is the European committee delivering harmonized standards for AI Act presumption-of-conformity. Work is organised across five working groups; the most relevant to cryptographic attestation are WG2 (operational aspects, AI risk management systems) and WG3 (trustworthiness).

Posture: observer and prospective contributor via the Estonian national mirror committee at the Estonian Centre for Standardisation and Accreditation (Eesti Standardimis- ja Akrediteerimiskeskus, EVS).

Status: a brief derived from the survey paper and the companion mapping paper is in preparation as a possible input to JTC 21 workstreams on AI System Logging (prEN ISO/IEC 24970) and trustworthiness (WG3). At the time of writing no submission has been made.

ETSI TC ESI

Technical Committee on Electronic Signatures and Trust Infrastructures.

TC ESI maintains the ETSI EN 319 family — the technical backbone for eIDAS trust services — and has announced a trustworthy-AI workstream that sits at the eIDAS / AI Act interface.

Posture: prospective observer via national member channels and through TC ESI's public-comment mechanisms.

Status: expected engagement during the eIDAS 2.0 Implementing Acts comment windows over 2026–2027. No submission yet.

ISO/IEC JTC 1/SC 42

Artificial Intelligence.

SC 42 is the international counterpart to CEN-CENELEC JTC 21 and the upstream source for several harmonized standards being mirrored into the European program.

Posture: prospective observer, expected to follow rather than lead the European tracks. Engagement mediated through the same national body (EVS).

IETF SCITT

Supply Chain Integrity, Transparency, and Trust Working Group.

SCITT is the most relevant cryptographic-transparency forum for the patterns described in the survey paper. Its transparency-service abstractions overlap with the AAL-2 logging requirements specified by OVERT 1.0.

Posture: individual-reader participation — the mailing list and published drafts — the easiest of the four channels to engage honestly, since no national-mirror plumbing is required.

PKI Consortium

Industry consortium on PKI operations, certificate transparency, and post-quantum migration.

The PKI Consortium convenes certificate authorities, vendors, and relying parties around operational PKI questions. Its Post-Quantum Cryptography Working Group and the certificate lifecycle and transparency tracks intersect the root-of-trust assumptions that AAL-2 attestation logging inherits from the Web PKI.

Status: Tyche Institute's organisational membership application entered the PKIC member-feedback period on 1 June 2026. Final Executive Council approval remains pending; this page will switch to member language only after approval and listing.

What this means

None of the above constitutes membership in a standards committee. The channels are named here so a reader can locate them and apply the same critical lens to any material the institute later submits as to a vendor brief. The competing-interest disclosures published with each working paper apply in full to any such submission.

The PKI Consortium application is a pending organisational membership review, not an endorsement of Tyche Institute's publications, tools, or positions.

This page is the status; it will be updated when a submission is made or a posture changes. See the Research page for the underlying papers.