SMP 4.2 released

We are happy to announce that SMP 4.2 was released. SMP is the sample implementation of an eDelivery Service Metadata Publisher maintained by the European Commission.

SMP 4.2 includes a number of new features, improvements, and bug fixes, among which:

• UI single sign-on authentication using an external CAS authentication server.
  Service providers can now seamlessly integrate the eDelivery SMP into their environment in a way that allows end users to access multiple applications while providing their credentials only once. This feature also provides a safer environment for the end users, as it allows SMP to authenticate without gaining access to a user's security credentials, such as a password.

• Separate UI login credentials and Rest Service (API) credentials (access tokens).
  To allow more secure credential management for the end user, access tokens are now used for web service authentication, with the username/password only used for interactions with the user interface.
• Extension framework: support for custom extensions for payload security verification (e.g., malware scanning).
  To ensure safe use of the eDelivery SMP, service providers can now create and deploy a custom-made SMP extension for security scanning of files uploaded by the end users.
• Alert features: ability to send email notifications for alerts (e.g., when credentials are about to expire, failed logins, etc.)
  The eDelivery SMP will be able to send automated email alerts to end users before (and after) their credentials expire.
• Configuration properties that can be now edited in the UI.
  No more manual database or file property updates and server restarts. Now SMP configuration can be altered using the Admin service console.
• Admin UI services made accessible using a separate URL, avoiding the need to expose sensitive service to the Internet (e.g., it can be secured via a firewall).

• Support for multivalued RDN certificates for authentication to SMP.
• Support for SSLClientCert header authentication (base64-encoded X.509 certificate) when authenticating the client for the Rest Service (API) via reverse proxy.
• X.509 certificate policy extension validation: the eDelivery SMP now has the option to restrict the valid certificates, which must have a certificate policy ID from the allowed list of policy IDs.
• Support for participant identifiers without the scheme: they can now be used as service group identifiers.
• Various security enhancements.

SMP 4.2 is backward compatible with 4.1.x.

You can find more information about the release on this page.

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu

The eDelivery Building Block | SMP

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

SMP is the sample software provided by the European Commission to implement an eDelivery Service Metadata Publisher (SMP) for publishing and retrieving data necessary for an eDelivery party to dynamically configure its system for message exchange with counterparties using eDelivery. It is based on the eDelivery SMP profile, an open technical specification for publishing service metadata within a 4-corner network.

Photo by Shahadat Rahman on Unsplash

Once Only Technical System, the first European data space

Today, an increasing number of Europeans would like to use the Internet, websites and apps, for completing procedures also in another EU Member State. For example, students are applying to universities abroad, citizens are making the necessary arrangements before moving to another Member State, companies and the self-employed offer services and hire employees in countries across the EU.

Carrying out administrative procedures online is becoming the new normal. Therefore, most public authorities in the EU are already offering their services online or will do so very soon. However, despite working well in a national context, the same does not apply when citizens and businesses from other Member States try accessing these online services. This constitutes a barrier to cross-border mobility as it inhibits citizens and businesses to make the most of the Single Market. For example, in most Member States, citizens can already request a change of address or complete the registration of a vehicle online without the need for physical interactions. However, in cross-border situations, citizens and businesses still face significant difficulties in doing this because of lack of interoperability and trust within and between the Member States.

The Single Digital Gateway Regulation (Regulation (EU) 2018/1724) (SDGR) is a multifaceted EU-wide initiative that strives to create the digital infrastructure required to overcome these challenges. It aims to help citizens and businesses make best of the Single Market. Three specific projects make this concrete.

First, since December 2020, the Your Europe portal implements the functionalities requested by the SDGR by providing reliable information about Single Market rights. It offers useful information about online public services available in each Member State and the associated administrative procedures required, e.g., for studying, working or retiring abroad. Furthermore, it provides online access to assistance and problem-solving services on how to carry out certain administrative procedures.

Second, by December 2023, 21 procedures listed in Annex II to this Regulation will have to be made available to users fully online, allowing citizens and businesses to identify themselves by electronic means, fill in the application, provide supporting evidence or request it through the OOTS, sign and submit the application to the competent authorities. The completion of an online procedure will be confirmed with an automatic acknowledgment of receipt. The output of the procedure will also have to be delivered electronically. Physical delivery will still be possible, if required by EU or national law. From the same date, cross-border users should have a non-discriminatory access to administrative procedures, that are available online for national users.

Third, the SDGR also provides the legal framework for the creation of a European data space for public administrations to share information in a trusted way. By December 2023, this government-to-government data space, known as the Once-Only Technical System (OOTS), will be rolled out in every Member State. It will significantly ease and speed up the cross-border administrative procedures covered by the SDGR. Thanks to the OOTS, it will be easier for citizens to study, move, work, retire or do business across the EU. The OOTS will connect public authorities across the EU, so they can exchange official documents and data at the citizen's request.

However, this information can be only retrieved after the user (citizen or business) has made an explicit request for it to be exchanged and has been given a chance to preview it, except where provided otherwise by Union or national law. For example, when a citizen is requested to provide a copy of their birth certificate, academic diploma, or a vehicle registration document, they will be able to request this information to be automatically retrieved from the relevant public authority in another Member State.

The OOTS will therefore greatly facilitate cross-border data exchange without the need for EU-wide standardisation. To this end, the "OOTS mapping service" will ensure that users will find the appropriate document to request from another Member State to complete an online procedure. This service will lower search-costs for everyone, in addition to making it easier and efficient to find the specific administrative requirements across Member States, which can continue to be the same as today. Citizens and businesses will no longer need to visit multiple public authorities’ websites to discern what the equivalent evidence (e.g., a document) is and where to find the right issuer of that evidence in another Member State.

The OOTS is not a monolithic system. Instead, it is a technical framework for data-sharing, governed by the Member States and the European Commission. The OOTS data space is a fully distributed data space for trusted data-sharing between independent systems in each Member State. To achieve this, the OOTS creates an interoperability layer based on common and mature “building blocks” coming from the Digital Europe Programme. For example, it will use the eIDAS cross-border electronic identification building block, known as eIDAS eID. In addition, the eDelivery access points will create a virtual secure network on top of the public Internet. The OOTS will also be fully compatible with the future European Digital Identity Wallet as a new means of authentication to public services offering the ‘once only’ option.

The favourable opinion from Member States on the Implementing Regulation on the OOTS marks a key milestone moving towards a cross-domain, cross-border data space where citizens and businesses will no longer have to supply the same data to public authorities more than once. The OOTS will become a reusable template for other data spaces that require data to flow securely within the EU, implementing privacy preserving functionality such as the user’s explicit request and preview, and supporting the European data strategy.

Other data space initiatives are exploring how to leverage the architecture and know-how of the OOTS. This is not only a great opportunity to accelerate the creation of other data spaces, based on common building blocks, but also a way to reduce costs and improve interoperability. The Once Only initiative can therefore serve as a keystone in the creation of a common European data space.

eDelivery proposed as best reusable solution for secure data exchange in the OOTS

Following a positive vote of the Member States, the European Commission is gearing up to start the implementation of the SDG Once-Only Technical System (OOTS) – a technical system for the cross-border automated exchange of evidence and application of the Once-Only Principle. The creation of the OOTS was mandated by the Single Digital Gateway Regulation, with the aim to make it easier for individuals and companies to act in the EU’s internal market by reducing their burden when dealing with public administration. The OOTS will be launched in December 2023 and will enable trusted and secure cross-border data sharing between competent authorities in the EU Member States.

The OOTS team has proposed the use of eDelivery alongside other Digital Building Blocks for the implementation of the system. eDelivery is believed to be the most suitable reusable solution for secure data exchange for the OOTS as it is technology neutral and accommodates different national solutions underpinning the functioning of the administrations’ databases.

eDelivery will be used in OOTS as the underlying technology for public authorities across the EU to securely exchange evidence required in administrative procedures (such as birth certificates, university diplomas and alike) with one another. To enable the evidence exchange, each Member State will deploy at least one eDelivery Access Point, with some deploying several. With over 30 products to choose from, Member States will be able to freely select the provider(s) of their eDelivery software that better suit their needs.

In OOTS, a business-specific discovery model will be employed. This model will be a mixture of static and dynamic discovery and will rely on a Data Service Directory that maps the type of evidence required to the national authorities and the eDelivery Access Point(s) that can be used to reach these authorities.

For more information regarding eDelivery, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.

The Once-Only Technical System

The Once-Only Technical System will enable public entities to share citizen data with each other, so that people using any public services only have to enter their information once. With its rollout in every Member State by the end of 2023, the Once-Only Technical System – composed of EU-wide building blocks such as eID and eDelivery – aims to provide a template for other data spaces in different sectors.

The eDelivery Building Block

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

Photo by Conny Schneider on Unsplash

Join us in one of the upcoming eDelivery events

With the transition to the Digital Europe Programme now completed, the eDelivery team is happy to share its planned communication and stakeholder engagement activities for the year to come. After the webinar on how to send an AS4 message with eDelivery AS4 sample software Domibus on 13 July 2022, the team is planning the relaunch of Informal Cooperation Network for eDelivery on 9 September 2022. The network serves as a forum for knowledge sharing, collaborative work and discussing the common challenges and best practices for cross-border eDelivery implementation. It brings together on a regular basis experts nominated by Member States who are involved in the use of eDelivery at the national and European level. We also invite all interested eDelivery stakeholders to write to us in case they would like to be invited to one of the upcoming network meetings to present their work, raise their concerns, questions or issues.

Right afterwards, on 15 September 2022 we’ve already booked our calendars for another live hands-on experience with Domibus for those who missed it in July due to summer holidays. In the following months the eDelivery team will also invite users to learn more about the new features and improvements in the Domibus 5.0 release. The business users are going to have a dedicated webinar as well about eDelivery value proposition, the various possibilities of its implementation, success stories and support activities they could expect from eDelivery team.

The SDG Once Only Technical System community will also be invited to a dedicated event on Once Only Technical System and eDelivery implementation. Further webinars are planned for interested service providers to learn about market opportunities regarding developing AS4 services to offer their customers who would like to use eDelivery Access Points as a service, while the eDelivery team is also planning the relaunch of the eDelivery Interoperability Forum for creators of AS4 conformant software. Current and prospective users of Domibus will be invited next year to several webinars on the options available for their existing IT systems to interact with Domibus as an eDelivery Access Point (web service-, file system- and JMS-based integration). Finally, webinars on dynamic discovery using SMP and SML will follow in 2023.

In case you would like to be informed about our future events and stakeholder engagement activities personally, please do not hesitate to contact us by email EC-DIGITAL-BUILDING-BLOCKS@ec.europa.eu or register here.

The eDelivery Building Block

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

Domibus is the sample software provided by the European Commission to implement an eDelivery AS4 Access Point for the interoperable, secure and reliable exchange of data. It is based on the eDelivery AS4 profile, an open technical specification for the secure, web-based, payload-agnostic exchange of data or documents.

SMP is the sample software provided by the European Commission to implement an eDelivery Service Metadata Publisher (SMP) for publishing and retrieving data necessary for an eDelivery party to dynamically configure its system for message exchange with counterparties using eDelivery. It is based on the eDelivery SMP profile, an open technical specification for publishing service metadata within a 4-corner network.

SML is the sample software provided by the European Commission to implement an eDelivery Service Metadata Locator (SML) for an eDelivery party to discover the URLs of other counterparties using eDelivery Access Points and their corresponding metadata. It is based on the eDelivery BDXL profile, an open technical specification for locating Access Points within a network.

Photo by Headway de Pere on Unsplash

eDelivery – a success story of European reuse

According to available monitoring data, by the end of Q1 2021 eDelivery was being used by 39 multi-country projects, with another 25 being in the process of implementing it. These projects led to the implementation of hundreds of Access Points and to exchange of millions of messages everyday thanks to eDelivery technology. Furthermore, an expansion of the use of the building block across several eGovernment sectors was observed. Many believe that eDelivery was one of the most successful reuse initiatives to have ever been carried out in European public administration, and the monitoring of the adoption of the building block confirms this assumption.

eDelivery has been used in a wide range of sectors across many domains. For example, the Import Control System 2 (ICS 2), a critical EU-system supporting implementation of customs safety and security regulatory regime, uses eDelivery to provide economic operators with a single harmonised trader interface with the customs authorities. ISC 2 uses TAPAS, an eDelivery  Access Point for AS4, through which all the data about the goods entering the EU is received.

In the area of company law, the Business Registers Interconnection System (BRIS) and the Beneficial Ownership Registers Interconnection System (BORIS) connect the EU Member States’ national registers to each other and with the European Commission Central Platform using eDelivery Access Points.

In the area of eProcurement, OpenPeppol relies on eDelivery to enable European businesses to easily deal electronically with any European public sector buyers in their procurement processes, thereby increasing opportunities for greater competition for government contracts and providing better value for taxpayers’ money.

In the justice domain, a number of projects rely on e-CODEX – a European digital infrastructure for secure cross-border communication in the field of justice, which uses eDelivery for secure information exchange. For example, eEvidence Digital Exchange System (eEDES) relies on e-CODEX for the standardised encoding, transmission and follow-up of the European Investigation Order forms. e-CODEX and eDelivery are also at the core of implementing the Commission’s policy of “Digitalisation of cross-border judicial cooperation”. eDelivery is mentioned as a key component in the cross-border electronic exchange of data in the area of judicial cooperation in civil and criminal matters in the recent Regulation (EU) 2022/850.

eDelivery plays a key role in the eGovernance of the Inland Waterways Transport (IWT) sector, contributing to the implementation of a Single Digital Gateway and Once-Only Principle in everything that regards data on IWT crew (the European Crew Database Project). In the project on the European Maritime Single Window environment (EMSWe), the European Commission selected eDelivery (and Domibus) as one of the protocols to be used by the harmonised reporting interface module (RIM), which means all maritime Member States will support eDelivery once they start operating the RIM.

Starting in September 2022, eDelivery will also be piloted as the interoperable messaging protocol in enabling the European Health Data Space (EHDS). Finally, in the area of taxation management eDelivery has been selected as a tool to facilitate data transfer from Member States to the Central Electronic System of Payment information (CESOP). The objective of the CESOP is to give tax authorities of the Member States the right instruments to detect possible e-commerce VAT fraud carried out by sellers established in another Member State or in a non-EU country. The transmission of data must start in January 2024.

While most of the above projects use eDelivery Access Points in a static configuration approach where all participants are preconfigured, an increased interest in the eDelivery SML service is also observed in implementations where dynamic discovery of participants is at play. In 2021, four domains joined the eDelivery SML service, while two more requested additional subdomains in 2022 to further diversify their projects.

For more information regarding eDelivery  and the eDelivery SML service, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.

The eDelivery Building Block

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

The eDelivery SML Service operates an instance of the SML software to enable dynamic discovery of participants in message exchange networks. It is open to domains interested to use SML as a service.

Photo by Jonathan Kemper on Unsplash

eDelivery Roadmap for 2022 and beyond

Secure digital data exchange is becoming ever easier thanks to the constant upgrade of the eDelivery service package. The building block’s roadmap for the second half of 2022 - beginning of 2023 includes several major updates that offer a wide range of new features in response to user needs and the latest evolutions of the underlying technologies. In particular, an upgraded version the Service Metadata Locator (SML) is scheduled for release still this year, while new versions of Domibus and the Service Metadata Publisher (SMP) should be released in the first and second quarter of 2023, respectively.

In October 2022, a new version of the European Commission’s sample implementation of an eDelivery Service Metadata Locator, SML 4.2, will be released. SML is an eDelivery software component central to a messaging infrastructure that enables dynamic discovery through DNS lookups. Access Points can perform such lookups to discover the location where they can find the service metadata (e.g., the URL, certificate and capabilities) of the destination Access Point for a particular message. The DNS entries required for this model to work are created by the SML component according to a defined technical specification.

SML 4.2 will be largely a technical release building upon the currently used version 4.1.1 that will upgrade libraries to the latest versions to mitigate security threats, support the latest versions Tomcat and MySql and facilitate integration into the Docker ecosystem by adding support for SpringBoot.

A new version of the Service Metadata Publisher (SMP) is also being prepared for release in mid-2023. Along with the SML, the SMP enables the process of dynamic discovery of service metadata information by storing, exchanging and performing lookups of the service metadata (e.g., the URL, certificate and capabilities) of participants in an eDelivery messaging infrastructure.

The new version of the software, SMP 5.0, will introduce support for publishing multiple metadata documents (in particular, OASIS ebXML Collaboration Protocol Profile 3.0 and OASIS SMP 2.0 ones), cater for Access Points that want to publish different configurations for the security algorithms they understand, update to the latest versions of Java, Tomcat, WebLogic and MySQL and facilitate integration into the Docker ecosystem by adding support for SpringBoot.

Last but not least, an upgraded sample implementation of an eDelivery Access Point, Domibus 5.1, is planned for release in Q1 2023. Domibus is an open-source sample implementation of the eDelivery AS4 Profile, maintained and supported by the European Commission.

Domibus 5.1 will include, e.g., support for different security algorithm configurations, separate and multiple types of private keys to be used by the different security configurations, retry strategy with increasing delay between attempts, separately configurable retention policy for metadata and further new features and improvements

Stay tuned for the latest updates on the eDelivery services by checking the building block's web page. For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.

The eDelivery Building Block

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

Domibus is the sample software provided by the European Commission to implement an eDelivery AS4 Access Point for the interoperable, secure and reliable exchange of data. It is based on the eDelivery AS4 profile, an open technical specification for the secure, web-based, payload-agnostic exchange of data or documents.

SMP is the sample software provided by the European Commission to implement an eDelivery Service Metadata Publisher (SMP) for publishing and retrieving data necessary for an eDelivery party to dynamically configure its system for message exchange with counterparties using eDelivery. It is based on the eDelivery SMP profile, an open technical specification for publishing service metadata within a 4-corner network.

BDMSL is the sample software provided by the European Commission to implement an eDelivery Service Metadata Locator (SML) for an eDelivery party to discover the URLs of other counterparties using eDelivery Access Points and their corresponding metadata. It is based on the eDelivery BDXL profile, an open technical specification for locating Access Points within a network.

Photo by Anders Jildén on Unsplash

Choice of eDelivery conformant solutions ever larger

The number of solutions joining the eDelivery AS4 and SMP conformance lists has been constantly growing in the recent years. For instance, in 2021 one solution has passed the Conformance Testing for the eDelivery AS4 profile and one has done so for the eDelivery SMP profile. In 2022, three solutions have joined the list of eDelivery AS4 conformant solutions, and two more were added to the list of eDelivery SMP conformant ones.

The eDelivery Building Block is keen to extend the list of conformant solutions to include more ‘eDelivery as a service’ entries in addition to ‘eDelivery as a product’ ones. This would help better meet the diverse needs of the users by offering them more versatile and tailored services. Additionally, a more significant presence of service providers would better cater for the SME market, for which software as a service is often a less costly and time-consuming approach compared to self-hosting.

The eDelivery AS4 profile is an open specification for the secure and payload-agnostic exchange of data using web services. It is based on ebMS 3.0 and AS4 standards of OASIS/ISO. In order to be recognized conformant, the Access Points are currently tested against the eDelivery AS4 - 1.15 specification, which was published in November 2020, replacing the previously used AS4 - 1.14 version. As of today, a total of 30 solutions have passed or are in the process of passing the conformance testing according to the eDelivery AS4 profile.

The eDelivery SMP profile is an open specification for publishing service metadata within a 4-corner network. It is based on the OASIS Service Metadata Publishing (SMP) Version 1.0 standard. The SMP is currently being tested against the eDelivery SMP - 1.10 specification, which was published in May 2018, replacing the obsolete e-SENS SMP - 1.9.0. A total of ten solutions have by now passed or are in the process of passing the conformance testing according to the eDelivery SMP profile.

The latest releases and the test reports of all listed solutions along with the vendors’ contact details can be found in the eDelivery Services webpage (check here for eDelivery AS4 conformant solutions and here for eDelivery SMP conformant ones). More details about the two eDelivery profiles are available in the corresponding pages of the European Commission’s DIGITAL website (eDelivery AS4 Profile and eDelivery SMP Profile).

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.

The eDelivery Building Block | Conformance testing service

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

The eDelivery Conformance Testing service allows software vendors and service providers to verify that an implementation of the eDelivery Access Point and/or SMP specifications is conformant to the relevant eDelivery specifications.

New service provider for the eDelivery PKI

The eDelivery Public Key Infrastructure (PKI) service is currently being migrated from its incumbent certification authority to CommisSign-2, the certification authority of the European Commission.

As part of the migration, the PKI domain owners are requested to sign the updated General Terms and Conditions (GTC) document to ensure an uninterrupted provision of eDelivery PKI service to their users. The signature of the updated GTC document is a pre-condition for a domain to be able to request certificates from the new provider. Once the GTC document is signed for a certain PKI domain, the users will be asked to follow a new process to request and renew their digital certificates. Details about the forthcoming changes in the process are communicated to the domain owners alongside the GTC document.

All domains will have to migrate before the end of September 2022 and subsequently invite their users to request new CommisSign-2 certificates., no later than the end of January 2023. In early 2023, all still valid certificates issued by the previous certification authority will be revoked.

For more information regarding the eDelivery PKI service, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.

The eDelivery Building Block | PKI service

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

The eDelivery PKI service enables issuance and management of the digital certificates used on the deployed eDelivery components, e.g., between eDelivery Access Points (AP) and Service Metadata Publishers (SMP), to ensure confidentiality, integrity and non-repudiation of the data moving across systems.

In its capacity of Solution Provider of the eDelivery Building Block, the European Commission makes available a PKI service to organisations participating in eDelivery-based projects operated by the EU and EEA public administrations. Such public administrations first have to establish themselves as PKI domain owners in relationship to the service. The organisations who are authorised by the PKI domain owner to be part of their domain can then use the eDelivery PKI service to obtain digital certificates. The use of the eDelivery PKI is optional, policy domains may choose to use any other PKI service or mutual trust mechanism.

Photo by Zack Walker on Unsplash

Domibus 4.2.10 released

We are happy to announce the release of Domibus 4.2.10. Domibus is the sample implementation of an eDelivery Access Point maintained by the European Commission.

Domibus 4.2.10 includes a number of improvements and bug fixes, among which:

• Bug fix: domain names are no longer case sensitive in PModes
• Bug fix: Domibus no longer accepts messages signed with key corresponding to a different party if the sending party's certificate is not configured in the trust store
• Supported Wildfly version updated to 26.1.0
• Several libraries updated to their latest versions

Domibus 4.2.10 is backward compatible with 4.2.x versions. The upgrade is strongly encouraged.

You can find more information about the release on this page.

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu

The eDelivery Building Block | Domibus

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

Domibus is the sample software provided by the European Commission to implement an eDelivery AS4 Access Point for the interoperable, secure and reliable exchange of data. It is based on the eDelivery AS4 profile, an open technical specification for the secure, web-based, payload-agnostic exchange of data or documents.

The image used in this article is © Adobe Stock

Domibus 5.0 released

We are happy to announce that Domibus 5.0 was released. Domibus is the sample implementation of an eDelivery Access Point maintained by the European Commission.

In addition to new features, Domibus 5.0 also comes with a new database schema design that supports unprecedented performance improvements. This new version can reliably handle a throughput of more than 1,000 messages/s^* and, with added support for table partitioning, ensures this high level of performance even as the size of the database increases. The introduction of an API for archiving messages facilitates moving data from the database to an external long-term archival system.

Domibus 5.0 contains several changes that will impact the compatibility of the plugins developed for earlier versions of Domibus. Such plugins will have to be adapted to be compatible with version 5.0 and onwards. This will affect projects relying on custom plugins and/or the standard Domibus Web Service (WS) plugin. Please click here for further details concerning the backwards compatibility of plugins in Domibus 5.0.

Domibus 5.0 includes a number of new features, improvements, and bug fixes, among which:

• Possibility to visualize the non-repudiation receipts in the Admin console
• Improved overall performance including refactoring of the database to allow partitioning
• Optimized pull locking for Oracle 
• Possibility to use an external agent to archive Domibus messages
• Default WS Plugin: Possibility to operate the plugin in PUSH mode
• Possibility to filter messages retrieved by the listPendingMessages method of the WS Plugin
• Possibility to offload the TLS traffic to an external component
• Improve the decoupling of the Domibus core from the plugin implementations 
• Possibility to validate incoming UserMessages using a Validation Extension
• Possibility to reference JMS Plugin payloads via HTTP endpoints
• New client authentication trust store admin console page
• New WS Plugin which uses the edelivery namespace
• UI Replication has been removed

Domibus 5.0 is backward compatible with 4.2.x. The upgrade is not mandatory, but it is highly recommended.

You can find more information about the release on this page.

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu

^*Results measured during a 2-hour period with Domibus working in single-tenancy mode, deployed in a 4-node cluster, using Oracle WebLogic Server and Oracle Database, with a message size of 5 kB, configured to receive 500 messages/s and send 1,000 messages/s.

The eDelivery Building Block | Domibus

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

Domibus is the sample software provided by the European Commission to implement an eDelivery AS4 Access Point for the interoperable, secure and reliable exchange of data. It is based on the eDelivery AS4 profile, an open technical specification for the secure, web-based, payload-agnostic exchange of data or documents.

The image used in this article is © Adobe Stock

SMP 4.2 RC1 released

We are happy to announce that the first release candidate of SMP 4.2 is available. SMP is the sample implementation of an eDelivery Service Metadata Publisher maintained by the European Commission.

We invite all users to install SMP 4.2 RC1 in their test environments as early as possible and report any issues they encounter during the upgrade process or during operations to EC-EDELIVERY-SUPPORT@ec.europa.eu. As the final release of SMP 4.2 is scheduled for 30/06/2022, any major issues to be addressed should be reported by 16/06/2022 at the latest.

SMP 4.2 RC1 includes a number of new features, improvements, and bug fixes, among which:

• UI user authentication using an external CAS authentication server
• Separate UI login credentials and Rest Service (API) credentials (access tokens)
• Extension framework: support for custom extensions for payload security verification (e.g., malware scanning)
• Alert features: ability to send email notifications for alerts (e.g., when credentials are about to expire, failed logins, etc.)
• Configuration properties can be now edited in the UI
• Admin UI now accessible using a separate URL, avoiding the need to have it exposed to the Internet (e.g., it can be secured via a firewall)
• Support for multivalued RDN certificates for authentication to SMP
• Support for SSLClientCert header authentication (base64-encoded X.509 certificate) when authenticating the client for the Rest Service (API) via reverse proxy
• X.509 certificate policy extension validation
• Support for participant identifiers without the scheme
• Logging framework: Log4J replaced by SLF4J
• Various security enhancements

SMP 4.2 RC1 is backward compatible with 4.1.x.

You can find more information about the release on this page.

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu

The eDelivery Building Block | SMP

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

SMP is the sample software provided by the European Commission to implement an eDelivery Service Metadata Publisher (SMP) for publishing and retrieving data necessary for an eDelivery party to dynamically configure its system for message exchange with counterparties using eDelivery. It is based on the eDelivery SMP profile, an open technical specification for publishing service metadata within a 4-corner network.

The image used in this article is © Adobe Stock