Digital

Blog

  • 2024
  • 2023
  • 2022
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016

European Commission Digital

Versions Compared

Old Version 15

changes.mady.by.user Verena SCZECH

Saved on

compared with

New Version Current

changes.mady.by.user Monika KOKSTAITE

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Updates

Post 2023 consultation updates to eDelivery

AS4

2.0

and SMP

profiles 

Image Added

Update March 2023: added BDXL and ebCore Pary Id 2.0

profiles & new eDelivery BDXL 2.0 profile

Image Removedspecifications.

The eDelivery AS4 2.0 and SMP 2.0 profiles draft specifications have been updated to reflect comments received during the 2023 public consultations on the eDelivery AS4 and SMP 2.0 these specifications. In addition, the eDelivery team decided to offer a draft for the eDelivery BDXL profile version 2.0 and ebCore Party Id 2.0 specifications. Look  Look out for the upcoming consultation on eDelivery AS4 2.0 and SMP all three eDelivery 2.0 profiles and find out about activities and support towards their adoption!

Response to the

previous consultation

2023 consultation

In June 2023, the eDelivery team called for a consultation on the AS4 and SMP 2.0 specifications. The initial draft specifications presented several key updates, including enhancements in security measures and support for newer technologies. Notably, the initial first draft of the AS4 profile 2.0 proposed the introduction of two new Profile Enhancementsprofile enhancements, while the first draft of the initial SMP profile 2.0 included support for the latest OASIS SMP version 2.0, among other features. These updates signaled a backwards-incompatible evolution, where older versions of the profiles would not be interoperable with the newer ones.

The consultation aimed to gather feedback from stakeholders and experts to refine the specifications and ensure they meet the evolving needs of the digital ecosystems. Acknowledging the invaluable input received during the consultation process, the eDelivery team meticulously reviewed and addressed each comment and suggestion provided in response to the consultation. The disposition for public review comments is available online, showcasing the team's commitment to transparency and collaboration. The documents include the feedback from the eDelivery team on each comment individually:

We would like to thank our stakeholders again all participants for their input towards the consultations on the initial AS4 and SMP 2.0 draft specifications.

What changed?

In response to the public review comments on the initial AS4 2.0 profile, several changes were incorporated. Notably, the team decided to remove the optional SBDH profile enhancement and the availability of alternative standards. Additionally, recommendations from cryptography and XML security experts influenced modifications in key transport algorithms, including the adoption of HKDF over ConcatKDF and the support for elliptic curve cryptography with the introduction of additional curves.

The second draft version of the eDelivery AS4 2.0 profile encapsulates these changes, emphasizing the adoption of HKDF for key derivation and recommending the use of the type attribute for PartyId. Furthermore, it clarifies the removal of the SBDH profile enhancement and lists mandatory curves for elliptic curve cryptography.

Proposed changes in the second draft of the new eDelivery profiles

The eDelivery AS4 2.0 second draft received several enhancements. First, it further modernised encryption by adopting a newer key derivation function for the key agreement algorithm, ensuring robust data protection during transmission. The profile also integrated additional curves for ECDSA cryptography. Lastly, the update streamlined the profile by removing the SBDH enhancement, resulting in better clarity.

The SMP 2.0 second draft also underwent updates. In line Similarly, the SMP 2.0 profile underwent significant revisions based on feedback received during the consultation. Adjustments were made to improve clarity and structure, such as rephrasing sentences and adding semantics for empty process collections. Additionally, the service field value for U-NAPTR records was updated to align with the OASIS SMP 2.0 standard, ensuring canonical profiling while allowing operational flexibility during network transitions.

Noteworthy changes in the SMP profile include clarifications in mapping tables, recommendations for using the schemeID attribute in SMP 2.0 documents, and editorial corrections to enhance readability.

In direct response to feedback received during the consultation process, the eDelivery initiative has introduced significant updates to the eDelivery BDXL profile, now designated as BDXL 2.0 draft. These enhancements directly address stakeholder concerns and suggestions, particularly regarding the need for improved standardization and interoperability in data exchange protocols.

it now recommends the use of a schemeID also when working with ebCore Party Identifiers and accommodates both the “::” and “:” separators when querying for SMP documents that follow this recommendation, providing more flexibility.

Importantly, a new eDelivery BDXL 2.0 draft was introduced to propose using the value “Meta:SMP2” for publishing links Notably, the dynamic service field settings, adapting to OASIS SMP 2.0 documents. In addition, a new ebCore Party Id 2.0 draft was introduced to add a reference to SMP 2.0.

By incorporating these suggestions received via the public consultation as well as the internal evolution standards, and the clear guidelines provided for handling ebCore Party Id Type identifiers in section 4.1 directly stem from comments and recommendations gathered during the consultation period. By incorporating these suggestions, the eDelivery team aims to ensure that the BDXL profile eDelivery suite of profiles meets the evolving needs of stakeholders and facilitates seamless data exchange in the digital landscape.

Updated

profiles available

draft specifications

Now, that the eDelivery teamIn our continuous commitment to develop state-of-the-art data exchange in the EU, the eDelivery team is delighted to share significant developments regarding the eDelivery AS4 2.0 and SMP 2.0 profiles. Following the 2023 public consultation, the team has meticulously addressed the feedback received and during the public consultation, we are excited to present the updated eDelivery AS4 2.0 and SMP 2.0 specifications :

Updated eDelivery AS4

as well as the BDXL 2.0

draft specificationUpdated eDelivery SMP

and ebCore Party Id 2.0

draft specification

The profiles have not only been updated based on public feedback, but also based on internal progress. During the process it was necessary to update the BDXL profile too, a draft is available here:

Cloak

Changes to AS4 2.0 profile

The second draft version of a major update of the eDelivery AS4 profile, building on the 2023 working draft and adding further changes to the AS4 profile:

Message Encryption: HKDF Replaces ConcatKDF
In the common profile, there is a shift in the message encryption section. Instead of ConcatKDF, we now use HKDF (HMAC-based Key Derivation Function). From a cryptographic standpoint, HKDF offers superior security. The specification for HKDF usage in XML Security is detailed in the draft update RFC 9231bis. The output of HKDF is employed to wrap a symmetric encryption key, ensuring robust protection for your data.

PartyId Type Attribute Recommendation
Section 3.4.1 introduces a recommendation to use the type attribute on PartyId. This enhancement streamlines identification and improves interoperability across systems. By adopting this practice, the profile will enhance the clarity and consistency of PartyId usage.

Streamlining SBDH and ECC Curves
There are two changes to the profile enhancements section, :

  • SBDH Profile Removal: The optional SBDH (Standard Business Document Header) profile enhancement has been removed. While it served a purpose, limited adoption by eDelivery users led us to streamline the common profile. Users are free to incorporate SBDH or similar schemas in their payloads.

  • Mandatory ECC Curves: We’ve listed specific elliptic curve cryptography (ECC) curves that are now mandatory for compliance. These curves ensure robust security and efficient key exchange. 

Four Corner Topology: Type Attribute for OriginalSender and FinalRecipient

In section 4.1.2, which covers the four corner topology profile, there is a new recommendation for using the type attribute for both originalSender and finalRecipient. This small adjustment enhances clarity and consistency in topology descriptions, making eDelivery implementations more robust.

Changes to AS4 2.0 profile

The second draft version of a major update of the eDelivery AS4 profile, building on the 2023 working draft and adding further changes to the AS4 profile:Message Encryption: HKDF Replaces ConcatKDF
In the common profile, there is a shift in the message encryption section. Instead of ConcatKDF, we now use HKDF (HMAC-based Key Derivation Function). From a cryptographic standpoint, HKDF offers superior security. The specification for HKDF usage in XML Security is detailed in

specifications. Click on the links to view the draft specifications on the eDelivery website, and expand the textbox to read what has changed since the 2023 working drafts for the AS4 2.0 and SMP 2.0versions and view changes compared to BDXL 1.7 and ebCore Pary Id 1.4 (the current version).

Updated eDelivery AS4 2.0 draft specification
Expand
titleExpand for more detail

In the Common Profile, in the message encryption section:

  • HKDF is used as key derivation function instead of ConcatKDF. It is preferred from a cryptographic point of view. The specification for using HKDF in XML Security is part of the draft update RFC 9231bis. The output of HKDF is
employed
  • used to wrap a symmetric encryption key
, ensuring robust protection for your data
  • .
PartyId Type Attribute Recommendation
Section
  •  
  • In section 3.4.1
introduces a recommendation to use
  • ,  the use of the type attribute on PartyId
. This enhancement streamlines identification and improves interoperability across systems. By adopting this practice, the profile will enhance the clarity and consistency of PartyId usage.
  • is recommended

In

Streamlining SBDH and ECC Curves
There are two changes to

the profile enhancements section

,

:

SBDH Profile
  • Removal
: The
  • of the optional SBDH
(Standard Business Document Header)
  • profile enhancement
has been removed. While it served a purpose,
  • . It has seen limited adoption by eDelivery users
led us to streamline
  • , the common profile
. Users are free to incorporate
  • already supports multiple payloads and the SBDH specification has been superseded by other standards. Users can still use SBDH or similar schemas in their payloads.

  • Mandatory ECC Curves: We’ve listed specific elliptic curve cryptography (ECC) curves that are now mandatory for compliance. These curves ensure robust security and efficient key exchange. 

    •  
    • Listed additional mandatory curves to support in the Alternative ECC Option section
    • In

    Four Corner Topology: Type Attribute for OriginalSender and FinalRecipient

    In section
    • 4.1.2,
    which covers
    • the four corner topology profile,
    there is a new recommendation for using
    • recommend the use of the type attribute for
    both
    • originalSender and
    finalRecipient. This small adjustment enhances clarity and consistency in topology descriptions, making eDelivery implementations more robust.
    • finalRecipeint

    Updated eDelivery

    Changes to

    SMP 2.0

    profile

    This is the second draft version of a major update of the eDelivery SMP profile, building on the 2023 working draft and adding further changes to the SMP profile:

    Clarified Mapping Table 
    The Mapping table in Section 3.2 serves as a crucial reference point for understanding the relationships between various elements. With improved clarity, it will be easier to navigate and interpret the metadata mappings.

    eDelivery ebCore Party Identifiers: SchemeID Recommendation
    The section dedicated to eDelivery ebCore Party Identifiers now includes a recommendation to use

    draft specification

    Expand
    titleExpand for more detail
    • Clarified the mapping table in section 3.2.
    • Updated the section on eDelivery ebCore Party Identifiers to recommend the use of the schemeID attribute of the ParticipantID element in
    eDelivery
    • SMP 2.0 documents
    . This practice enhances consistency and ensures seamless interoperability across systems. By adopting this approach, you’ll streamline the identification process and facilitate smoother data exchange
    • .
    • Editorial
    Enhancements
    • .
    The eDelivery team has invested effort in editorial improvements. These subtle tweaks enhance readability, eliminate ambiguities, and make the SMP
    eDelivery BDXL 2.0 draft specification
    more user-friendly. 

    New BDXL 2.0 profile

    Enhanced ebCore Party Identifiers
    As now outlined in section 4.1, when dealing with BDXL, ebCore Party Identifiers now follow a specific format. The
     
    Expand
    titleExpand for more detail
    • The service field is set to either Meta:SMP or Meta:SMP2 depending on the version of the OASIS SMP standard.
    • Updated section 4.1 to mention separate ebCore Party Id Type and identifier value must be concatenated
    with the
    • into an ebCore Party
    Id Type, ensuring seamless integration with BDXL. This streamlined approach simplifies identification and enhances interoperability across systems.
    • Identifier for use with BDXL.
    eDelivery ebCore Party Id 2.0 draft specification
    Expand
    titleExpand for more detail

    • Added a reference to SMP 2.0.

    • Removed support for the party identifier notation defined in section 2.7 of [EBCOREP].

    Streamlined Metadata Handling
    We recognize the importance of efficient metadata management. By aligning ebCore Party Identifiers with BDXL requirements, we’ve paved the way for smoother data exchange.

    •  

    Adoption in 2024

    Image Modified

    To foster inclusivity and address any potential concerns on the draft of the latest profiles, we will invite you to participate in a public consultation on these updates soon - look out for the newsThe final publication of the

    change

    version 2.0 of the eDelivery profiles will conclude the Specification Change Process and is expected soon after the second consultation. 

    We recommend that EC colleagues operating or preparing eDelivery-based ecosystems as well as eDelivery solution providers plan their adoption of the new specifications starting from now. Read about how eDelivery will support the adoption of these updated profiles. Exciting events,

    including

    inclusive meetings and an interoperability event

    ,

    are on the horizon as we take a step into the future with eDelivery in 2024.

    Stay tuned for the latest updates on eDelivery services by checking the Building Block's X and web page. For more information, do not hesitate to register for personalised news or contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.


    The eDelivery Building Block  

    eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.  

    Excerpt
    hiddentrue

    Read about the updates to the eDelivery AS4 2.0 and SMP 2.0 profiles and why we are updating the eDelivery BDXL profileand ebCore Party Id profiles.