Digital

Blog

  • 2024
  • 2023
  • 2022
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016

European Commission Digital

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 45 Next »

Updates to eDelivery AS4 2.0 and SMP 2.0 profiles & new eDelivery BDXL 2.0 profile

The eDelivery AS4 2.0 and SMP 2.0 draft specifications have been updated to reflect comments received during the 2023 public consultations on these specifications. In addition, the eDelivery team decided to offer a draft for the eDelivery BDXL profile 2.0. Look out for the upcoming consultation on all three eDelivery 2.0 profiles and find out about activities and support towards their adoption!

Response to the 2023 consultation

In June 2023, the eDelivery team called for a consultation on the AS4 and SMP 2.0 specifications. The initial draft specifications presented several key updates, including enhancements in security measures and support for newer technologies. Notably, the first draft of the AS4 profile 2.0 proposed the introduction of two profile enhancements, while the first draft of the SMP profile 2.0 included support for the latest OASIS SMP version 2.0, among other features. These updates signaled a backwards-incompatible evolution, where older versions of the profiles would not be interoperable with the newer ones.

The consultation aimed to gather feedback from stakeholders and experts to refine the specifications and ensure they meet the evolving needs of the digital ecosystems. Acknowledging the invaluable input received during the consultation process, the eDelivery team meticulously reviewed and addressed each comment and suggestion provided in response to the consultation. The disposition for public review comments is available online, showcasing the team's commitment to transparency and collaboration. The documents include the feedback from the eDelivery team on each comment individually:

We would like to thank all participants for their input towards the consultations on the initial AS4 and SMP 2.0 draft specifications.

What changed?

In response to the public review comments on the AS4 2.0 2023 draft profile, several changes were incorporated:

  • Notably, the eDelivery team decided to remove the optional SBDH profile enhancement and the availability of alternative standards. Users are free to choose either SBDH or XHE as a regular payload without any further specifications and the removal of the SBDH profile enhancement will provide clarity on this.
  • Additionally, recommendations from cryptography and XML security experts, as well as internal evolution influenced the evolution of the profile enhancement section towards more support for elliptic curve cryptography. Additional curves, as well as a recommendation to use the type attribute when using the ebCoreParty identifiers were introduced.
  • Further changes in the message encryption section of the common profile concern the use of key transport algorithms, including the adoption of key derivation function HKDF over ConcatKDF.

Similarly, the SMP 2.0 profile underwent significant revisions based on feedback received during the consultation. Apart from adjustments to improve clarity and structure, the new draft has been adapted to allow for both the “::” and “:” separators when dealing with OASIS ebCore PartyId Type, but recommend the use of second usage in line with OASIS 2.0 standard.

In direct response to feedback received during the consultation process, the eDelivery team introduced significant updates to the eDelivery BDXL profile, now designated as BDXL 2.0 draft. These enhancements directly address stakeholder concerns and suggestions to use different service field values for the U-NAPTR records, now proposing the use of the value “Meta:SMP2” for publishing links to OASIS SMP 2.0 documents. 

Considering that multiple DNS records may need to be published during the network transition from SMP 1.0 to SMP 2.0, the network can decide to refrain from adding the duplicate “Meta:SMP2” records and use the “Meta:SMP” record for both SMP 1.0 and SMP 2.0. This approach provides for a more canonical profiling of the standards without preventing practical operational alternatives where needed. 

By incorporating these suggestions received via the public consultation as well as the internal evolution, the eDelivery team aims to ensure that the eDelivery suite of profiles meets the evolving needs of stakeholders and facilitates seamless data exchange in the digital landscape.

Updated profiles available

Now, that the eDelivery team has meticulously addressed the feedback received during the public consultation, we are excited to present the updated eDelivery AS4 2.0 and SMP 2.0 specifications as well as the BDXL 2.0 profile. Click on the links to view the draft specifications on the eDelivery website, and expand the textbox to read what has changed since the 2023 working drafts for the AS4 2.0 and SMP 2.0 versions and view changes compared to BDXL 1.7 (the current version).
Updated eDelivery AS4 2.0 draft specification

In the common profile, in the message encryption section:

  • HKDF is used as key derivation function instead of ConcatKDF. It is preferred from a cryptographic point of view. The specification for using HKDF in XML Security is part of the draft update RFC 9231bis. The output of HKDF is used to wrap a symmetric encryption key.  
  • In section 3.4.1,  the use of the type attribute on PartyId is recommended

In the profile enhancements section:

  • Removal of the optional SBDH profile enhancement. It has seen limited adoption by eDelivery users, the common profile already supports multiple payloads and the SBDH specification has been superseded by other standards. Users can still use SBDH or similar schemas in their payloads.  
  • Listed mandatory curves to support in the ECC Option Curve conformance clause.
  • In 4.1.2, the four corner topology profile, recommend the use of the type attribute for originalSender and finalRecipeint

Updated eDelivery SMP 2.0 draft specification

  • Clarified the mapping table in section 3.2.
  • Updated the section on eDelivery ebCore Party Identifiers to recommend the use of the schemeID attribute of the ParticipantID element in SMP 2.0 documents.
  • Editorial.
eDelivery BDXL 2.0 draft specification 
  • The service field is set to either meta:smp or meta:smp2 depending on the version of the OASIS SMP 2.0 standard.
  • Updated section 4.1 to mention separate ebCore Party Id Type and identifier value must be concatenated into an ebCore Party Identifier for use with BDXL.

Adoption in 2024

To foster inclusivity and address any potential concerns on the draft of the latest profiles, we will invite you to participate in a public consultation on these updates soon - look out for the newsThe final publication of the version 2.0 of the eDelivery profiles will conclude the Specification Change Process and is expected soon after the second consultation. 

We recommend that EC colleagues operating or preparing eDelivery-based ecosystems as well as eDelivery solution providers plan their adoption of the new specifications starting from now. Read about how eDelivery will support the adoption of these updated profiles. Exciting events, inclusive meetings and an interoperability event are on the horizon as we take a step into the future with eDelivery in 2024.

Stay tuned for the latest updates on eDelivery services by checking the Building Block's X and web page. For more information, do not hesitate to register for personalised news or contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.


The eDelivery Building Block  

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.