Digital

Blog

European Commission Digital

Versions Compared

Old Version 12

changes.mady.by.user Virginie MANGELINCK

Saved on

compared with

New Version Current

changes.mady.by.user Olha KOSHCHIYENKO

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The eDelivery Building Block | PKI service | SML service 

eDelivery is eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange. 

The eDelivery PKI service enables issuance and management of the digital certificates used on the deployed eDelivery components, e.g., between eDelivery Access Points (AP) and Service Metadata Publishers (SMP), to ensure confidentiality, integrity and non-repudiation of the data moving across systems. 

In its capacity of Solution Provider of the eDelivery Building Block, the European Commission makes available a PKI service to organisations participating in eDelivery-based projects operated by the EU and EEA public administrations. Such public administrations first have to establish themselves as PKI domain owners in relationship to the service. The organisations who are authorised by the PKI domain owner to be part of their domain can then use the eDelivery PKI service to obtain digital certificates. The use of the eDelivery PKI is optional, policy domains may choose to use any other PKI service or mutual trust mechanism. 

The eDelivery SML service uses DNS (Domain Name System) lookups to find information concerning a given participant in a message exchange network. This approach does not need a single, central server to run the discovery interface (with its associated single point of failure). Instead, the use of the DNS makes it highly resilient. At runtime, the SML uses decentralised DNS for load balancing of requests, thus supporting a full European-wide upscaling of performance. Since eDelivery interfaces with the global DNS system, the SML can virtually operate 24/7/365. In case of failure, participants would still be able to discover each other based on the information stored on the DNS. 

The current eDelivery SML Service is based on the sample implementation of the SML software maintained by the European Commission. 

  

Photo by Markus Spiske on Unsplash  

Excerpt
hiddentrue

Migration of the eDelivery Public Key Infrastructure (PKI) from its incumbent certification authority to CommisSign-2, the certification authority of the European Commission, is ongoing.