Digital

Blog

  • 2024
  • 2023
  • 2022
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016

European Commission Digital

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 28 Next »

Updates to eDelivery AS4 2.0 and SMP 2.0 profiles & new eDelivery BDXL 2.0 profile

The eDelivery AS4 2.0 and SMP 2.0 draft specifications have been updated to reflect comments received during the 2023 public consultations on the first draft of the eDelivery AS4 and SMP 2.0 specifications. In addition, the eDelivery team decided to offer a draft for the eDelivery BDXL profile version 2.0. Look out for the upcoming consultation on all three eDelivery 2.0 profiles and find out about activities and support towards their adoption!

Response to the previous consultation

In June 2023, the eDelivery team called for a consultation on the AS4 and SMP 2.0 specifications. The initial draft specifications presented several key updates, including enhancements in security measures and support for newer technologies. Notably, the first draft of the AS4 profile 2.0 proposed the introduction of two new Profile Enhancements, while the first draft of the SMP profile 2.0 included support for the latest OASIS SMP version 2.0, among other features. These updates signaled a backwards-incompatible evolution, where older versions of the profiles would not be interoperable with the newer ones.

The consultation aimed to gather feedback from stakeholders and experts to refine the specifications and ensure they meet the evolving needs of the digital ecosystems. Acknowledging the invaluable input received during the consultation process, the eDelivery team meticulously reviewed and addressed each comment and suggestion provided in response to the consultation. The disposition for public review comments is available online, showcasing the team's commitment to transparency and collaboration. The documents include the feedback from the eDelivery team on each comment individually:

We would like to thank all participants for their input towards the consultations on the initial AS4 and SMP 2.0 draft specifications.

What changed?

In response to the public review comments on the initial AS4 2.0 profile, several changes were incorporated:

  • Notably, the team decided to remove the optional SBDH profile enhancement and the availability of alternative standards. Users are free to choose either SBDH or XHE as a regular payload without any further specifications and the removal of the SBDH profile enhancement will provide clarity on this.
  • Additionally, recommendations from cryptography and XML security experts, as well as internal evolution influenced the evolution of the profile enhancement section towards more support for elliptic curve cryptography. Additional curves, as well as a recommendation to use the type attribute for originalSender and finalRecipeint were introduced.
  • Further changes in the message encryption section of the common profile concern the use of key transport algorithms, including the adoption of key derivation function HKDF over ConcatKDF, as well as the recommendation of the use of the type attribute on PartyId. 

Similarly, the SMP 2.0 profile underwent significant revisions based on feedback received during the consultation. Adjustments were made to improve clarity and structure, such as rephrasing sentences, adjusting tables and adding semantics for empty process collections. Apart from editorial corrections, the new draft has been adapted to allow for both the “::” and “:” separators when dealing with OASIS ebCore PartyId Type, but recommend the use of second usage in line with OASIS 2.0 standard.

In direct response to feedback received during the consultation process, the eDelivery team introduced significant updates to the eDelivery BDXL profile, now designated as BDXL 2.0 draft. These enhancements directly address stakeholder concerns and suggestions to use different service field values for the U-NAPTR records, now proposing the use of the value “Meta:SMP2” for publishing links to OASIS SMP 2.0 documents. 

Considering that multiple DNS records may need to be published during the network transition from SMP 1.0 to SMP 2.0, the network can decide to refrain from adding the duplicate “Meta:SMP2” records and use the “Meta:SMP” record for both SMP 1.0 and SMP 2.0. This approach provides for a more canonical profiling of the standards without preventing practical operational alternatives where needed. 

By incorporating these suggestions received via the public consultation as well as the internal evolution, the eDelivery team aims to ensure that the eDelivery suite of profiles meets the evolving needs of stakeholders and facilitates seamless data exchange in the digital landscape.

Updated profiles available

Now, that the team has meticulously addressed the feedback received during the public consultation, we are excited to present the updated eDelivery AS4 2.0 and SMP 2.0 specifications. Click on the links to view the draft specifications on the eDelivery website, and expand the textbox to read what has changed since the 2023 working drafts for the AS4 2.0 and SMP 2.0 versions.

In the common profile, in the message encryption section:

  • HKDF is used as key derivation function instead of ConcatKDF. It is preferred from a cryptographic point of view. The specification for using HKDF in XML Security is part of the draft update RFC 9231bis. The output of HKDF is used to wrap a symmetric encryption key.  
  • In section 3.4.1,  the use of the type attribute on PartyId is recommended

In the profile enhancements section:

  • Removal of the optional SBDH profile enhancement. It has seen limited adoption by eDelivery users, the common profile already supports multiple payloads and the SBDH specification has been superseded by other standards. Users can still use SBDH or similar schemas in their payloads.  
  • Listed mandatory curves to support in the ECC Option Curve conformance clause.
  • In 4.1.2, the four corner topology profile, recommend the use of the type attribute for originalSender and finalRecipeint
  • Clarified the mapping table in section 3.2.
  • Updated the section on eDelivery ebCore Party Identifiers to recommend the use of the schemeID attribute of the ParticipantID element in SMP 2.0 documents.
  • Editorial.

Similarly the team is excited to share the eDelivery BDXL 2.0 profile. Click on the link to view the draft specification and expand the textbox to view our changes since BDXL 1.7 (the current version).

  • The service field is set to either meta:smp or meta:smp2 depending on the version of the OASIS SMP 2.0 standard.
  • Updated section 4.1 to mention separate ebCore Party Id Type and identifier value must be concatenated into an ebCore Party Identifier for use with BDXL.

Adoption in 2024

To foster inclusivity and address any potential concerns on the draft of the latest profiles, we will invite you to participate in a public consultation on these updates soon - look out for the newsThe final publication of the change will conclude the Specification Change Process and is expected soon after the second consultation. 

We recommend that EC colleagues operating or preparing eDelivery-based ecosystems as well as eDelivery solution providers plan their adoption of the new specifications starting from now. Read about how eDelivery will support the adoption of these updated profiles. Exciting events, inclusive meetings and an interoperability event are on the horizon as we take a step into the future with eDelivery in 2024.

Stay tuned for the latest updates on eDelivery services by checking the Building Block's X and web page. For more information, do not hesitate to register for personalised news or contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu.


The eDelivery Building Block  

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.