350 likes | 487 Views
DEDICA Project : Project TE 2005 (TE). Directory Based EDI Certificate Access and Management Manuel Medina, Juan Carlos Cruellas, Montse Rubia (DAC/UPC) URL: http://.www.ac.upc.es/recerca/DISTR/DEDICA/default.htm. AIM OF DEDICA.
E N D
DEDICA Project : Project TE 2005 (TE) Directory Based EDI Certificate Access and Management Manuel Medina, Juan Carlos Cruellas, Montse Rubia (DAC/UPC) URL: http://.www.ac.upc.es/recerca/DISTR/DEDICA/default.htm
AIM OF DEDICA The aim of the project is the rapid and cost effective provision of EDI Certificate management infra-structure to EDI users. Addressed to those interested in the use of open standard UN/EDIFACT security services and interworking with electronic mail and other standard services.
OVERVIEW OF DEDICA PROJECT OBJECTIVES • To supply a gateway tool between the X.509 certification infrastructure, and the existing EDI applications that are following the UN/EDIFACT standards for certification and electronic signature mechanisms. • To specify translation rules to convert X.509 certificates into EDIFACT certificates and viceversa. • To set up demonstrators of its applications in four experimental sites • Disseminate and exploit the results in an operational and industrial way
X.500 DIRECTORY DUA DUA X.500 X.500 Access Access DEDICA X.509 EDIFACT messages and certificates users Certificates EDIFACT CertMap Certificates e-mail and X.509 certificates users KEYMAN MangMap DEDICA SCENARIO (I)
X.509 PKI EDIFACT PKI Gateway certified by X.509 and EDIFACT CAs. EDIFACT CA X.509 CA DEDICA CertMap MangMap X.500 Directory User X User E DEDICA SCENARIO (II):
DEDICA SCENARIO (II) • User A in an infrastructure IA gives his certificate (generated by a CA of IA -initial certificate-) and requests to DEDICA a certificate in the other infrastructure IB (derived certificate). • User A sends a message to user B in infrastructure IB (with the certificate generated by DEDICA) • User B requests DEDICA to validate the derived certificate of A. • DEDICA verifies if the initial certificate of A is still valid. He sends to B the answer to his request.
Given a valid certificate generated by a CA (initial certificate) in one format, to generate a certificate in the other format (derived certificate) Mapping information from the initial to the derived in the new format. Usage of external tools: ASN.1 and crypto tools. Manage connections with users. Collect requests for generating derived certificates. Verify the initial certificates arrived (access to X.500) Collect requests of validation of derived certificates. Build response messages BLOCK DIAGRAM OF THE DEDICA GATEWAY (II) CERTMAP MANGMAP
DEVELOPMENT OF CERTMAP • 1: Technical analysis of X.509 and UN/EDIFACT certificates • 2: Definition and specification of the strategy for the mapping of the names • 3: Formal specification of the mapping of the certificates.
MAPPING FROM X.509 TO UN/EDIFACT 0. X.509 certificate arrives. 1. CM_KE passes DER to ASN.1 tool. 2. ASN.1 tool returns X.509 certificate information in an intern format. 3 to 6 Modules map data elements. 7. CM_CE returns ToBeSigned part of EDIFACT certificate. 8. CM_KE passes it to Cryptographic module. 9. Cryptographic module returns signature. 10. CM_FF filters signature. 11. CM_CE generates EDIFACT derived certificate.
MAPPING FROM EDIFACT TO X.509 0. EDIFACT certificate arrives. 1. CM_CE returns certificate information in an intern format. 2 to 5 Modules perform mapping tasks of X.509 derived certificate. 6. CM_KE passes info to ASN.1 tool 7. ASN.1 tool returns ToBeSigned. 8. CM_KE passes ToBeSigned to Cryptographic tool. 9. Crypto tool returns signature. 10. CM_KE passes signature to ASN.1 tool. 11. ASN.1 tool returns X.509 certificate.
MANG-MAP STRUCTURE (II) • MK: MangMap Kernel. Handles the requests arrived to the gateway, passes them to the corresponding module, requests the mapping of a given certificate and coordinates the processing inside the gateway • KH: KEYMAN and EDIFACT Interchange Handling. Handles the requesting interchanges and builds the answer interchanges. • XH: X.509 PKI messages Handling. Handles the incoming messages from X.509 PKI and builds the corresponding answer messages..
DEDICA KEYMAN UNO X.509 UNP CertMap MangMap KEYMAN (EDIFACT Cert). SEQUENCE OF OPERATIONS UN/EDIFACT derived certificate request (I) • User X, with X.509 certificate requests to the gateway the production of a derived EDIFACT certificate. • User X sends KEYMAN + X.509 DER encoded within an EDIFACT package (UNO-UNP segments). • DEDICA gateway answers with an EDIFACT certificate within a KEYMAN message User E User X
SEQUENCE OF OPERATIONS UN/EDIFACT derived certificate request (II)
DEDICA CertMap MangMap Secured Interchange & EDIFACT Cert SEQUENCE OF OPERATIONS • User X sends to user E a secured EDIFACT interchange including the derived EDIFACT certificate. User E User X
DEDICA CertMap MangMap SEQUENCE OF OPERATIONS UN/EDIFACT derived certificate validation request (I) • User E receives secured interchange with the derived EDIFACT certificate. • User E requests validation of the certificate to the gateway. • The gateway answers the request. • User E proceeds with the interchange. KEYMAN(& EDIFACT Cert ) KEYMAN (Valid. result) User E User X
SEQUENCE OF OPERATIONS UN/EDIFACT derived certificate validation request (II)
SEQUENCE OF OPERATIONS • MangMap access to X.500 Directory by using LDAP in order to validate the X.509 initial certificate. • MangMap validates: • Signature in X.509 certificate. • Revocation List in X.509 initial certificate issuer’s site. • Certification Path for the X.509 initial certificate.
DEDICA CertMap MangMap DEDICA AND X.500 ACCESS X.500 DIRECTORY KH XH MK DUA LDAP SERVER
OTHER POSSIBLE USAGES DEDICA TOOLS could also be used in other environments: • CAs with DEDICA modules could issue both kind of certificates without needing to duplicate infrastructure (revocation lists, etc.) • Currently existing X.509 CAs could become an EDIFACT CA by incorporating DEDICA tools.
CURRENT STATUS • Conversion rules for X.509 and EDIFACT certificates specified. • CertMap developed and working in the sense X.509 -> EDIFACT. • MangMap finished. • Pilots starting. Certification services for EDIFACT users.
COOPERATION ACTIVITIES WITH OTHER PROJECTS AND PROGRAM SECTORS • SEMPER Project • ICE-TEL Project • E2S
PLANS FOR DEMONSTRATION, EXPLOITATION, IMPLEMENTATION AND EXPECTED ACHIEVEMENTS • ETS, European Trusted third parties Services • Demonstration phase with the involvement of European wide users’ communities • Development and/or enhancement of services.
COMMITMENT AND ABILITY OF THE PARTICIPANTS TO OPERATE IN THE MARKET AREAS INVOLVED • INTRASOFT/ INTERBANK • HEDIVAN project • FINSIEL • Italian Custom Administration
TRANSITION TO A SUCCESSFUL EXPLOITATION PHASE • A second users’ meeting will be organised to demonstrate the capabilities of the DEDICA gateway to different users’ comunities, and to developers of EDI applications.
SEQUENCE (331) { toBeSigned SEQUENCE (310) { version [0] INTEGER (1) 0x00 (0) DEFAULT serialNumber INTEGER (2) 0x04D2 (1234) signature SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-md5WithRSAEncryption parameters TYPE (2) with { NULL (0) } } issuer SEQUENCE OF (49) RDN { O=CARoot, O=CASP, O=CA_UPC } validity SEQUENCE (30) { notBefore UTCTime (13) "961218111200Z" notAfter UTCTime (13) "971218111200Z" } subject SEQUENCE OF (44) RDN { C=es, O=upc, CN=medina } subjectPublicKeyInfo SEQUENCE (159) { algorithm SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-rsaEncryption parameters TYPE (2) with { NULL (0) } } subjectPublicKey BIT STRING (141) Encapsulates { TYPE (140) with { rSAPublicKey SEQUENCE (137) { modulus INTEGER (129) 0x00BF2B9E56769AAEB79564F63D9CE6759FC8CD851761F13CD63EC6DABF08A5FE6C2219E888D48DB753E141BE0169D3F404F993D7F389DAF1D27370F5D6E173A75BFB9D75E13D11DAFDA2D197084355BA0159EE60AE34B1F1C50426D323F1E748CF34C1E0B0FA7EC94CF0FFCD41A3D66C5B6AF7B64008D6CDD14806D43A0D461D6F exponent INTEGER (3) 0x010001 (65537) } } } } issuerUId [1] IMPLICIT BIT STRING OPTIONAL NOT PRESENT subjectUId [2] IMPLICIT BIT STRING OPTIONAL NOT PRESENT extensions [3] SEQUENCE OF OPTIONAL NOT PRESENT } signatureAlgorithm SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-md5WithRSAEncryption parameters TYPE (2) with { NULL (0) } } signature BIT STRING (0) } X.509 INITIAL CERTIFICATE (I): SHORT DN
USC (v3) : CERTIFICATE SEGMENT 0536....CERTIFICATE REFERENCE 1 S500: SECURITY IDENTIFICATION DETAILS 0577....Security party qualifier 3 0538....Key name Manel Medina Key 1 0586....Security party name EDI Manuel Medina S500: SECURITY IDENTIFICATION DETAILS 0577....Security party qualifier 4 0586....Security party name DEDICAName 0544....FORMAT CERTIFICATE VERSION XXY 0505....FILTER FUNCTION, CODED 5 0507....CHARACTER SET ENCODING, CODED 2 0543....CHARACTER REPERTOIRE, CODED 2 S501_V3: SECURITY DATE AND TIME 0517....Date and time qualifier, coded 3 0502....Date 19961218 0504....Time 111211 S501_V3: SECURITY DATE AND TIME 0517....Date and time qualifier, coded 4 0502....Date 19971218 0504....Time 111211 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 3 0527....Algorithm, coded 10 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 4 0527....Algorithm, coded 6 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 6 0527....Algorithm, coded 10 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 04J61TB/WLH,PH/D=38MYV-1M5BSJO3A8XH8TSLRM)QJDM=AE/X3 PAI.QJQUBQG94H08HTE)0TQKK7XU,UDKT5-FRLTWCG0NCVQLYIV7 /2KCZ50T0Y168B)G081X07O55ORGRB.5G64/=W0.STPQ(AOLRHNZ AS2ZH-93XTTOCSAYCW8)9TVZS//0.S81Q9UI2P 0531....Algorithm parameter qualifier, coded 12 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 05/01 0531....Algorithm parameter qualifier, coded 13 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 1024 0531....Algorithm parameter qualifier, coded 14 USC+1+3:::::1234RegSchemeID560C=es, O=upc, CN=m:edina+4:::::DEDICAName+XXY+5+2+2++++++3:19961218:111200+4:19971218:111200' USA+3:::10+++++'USA+4:::6+++++'USA+7:::10+04J61TB/WLH,PH/D=38MYV-1M5BSJO3A8XH8TSLRM)QJDM=AE/X3PAI.QJQUBQG94H0 8HTE)0TQKK7XU,UDKT5-FRLTWCG0NCVQLYIV7/2KCZ50T0Y168B)G081X07O55ORGRB.5G64/=W0.STPQ(AOLRHNZAS2ZH-93XTTOC SAYCW8)9TVZS//0.S81Q9UI2P:12+05/01:13+1024:14++'USR+P()68CY9D5ZW8EN3ILEOIVE=DYOJHGL2)2.OISSEIOHT32C95BVMMJCNIN, EW6-225K.CE/2Y5(X61WAK5ZC9RAVWM55B1)DHRUGQ/8JBOESQI5UK,NQ2SXW4-C3,=Y.3J2KTASVEE2I84MMKDJUUWOX9UQXD,JY OBFUELHBVE7G95S/7X-IUX6Y/DAK4S25' EDIFACT CERTIFICATE CONTENTS AND CODIFICATION (I)
SEQUENCE (439) { toBeSigned SEQUENCE (418) { version [0] INTEGER (1) 0x00 (0) DEFAULT serialNumber INTEGER (2) 0x04D2 (1234) signature SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-md5WithRSAEncryption parameters TYPE (2) with { NULL (0) } } issuer SEQUENCE OF (49) RDN { O=CARoot, O=CASP, O=CA_UPC } validity SEQUENCE (30) { notBefore UTCTime (13) "961218111200Z" notAfter UTCTime (13) "971218111200Z" } subject SEQUENCE OF (151) RDN { C=es, O=This is an example of very long organisation name, OU=organisational unit name, CN=long DN for the subject (Part 1) } subjectPublicKeyInfo SEQUENCE (159) { algorithm SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-rsaEncryption parameters TYPE (2) with { NULL (0) } } subjectPublicKey BIT STRING (141) Encapsulates { TYPE (140) with { rSAPublicKey SEQUENCE (137) { modulus INTEGER (129) 0x00BF2B9E56769AAEB79564F63D9CE6759FC8CD851761F13CD63EC6DABF08A5FE6C2219E888D48DB753E141BE0169D3F404F993D7F389DAF1D27370F5D6E173A75BFB9D75E13D11DAFDA2D197084355BA0159EE60AE34B1F1C50426D323F1E748CF34C1E0B0FA7EC94CF0FFCD41A3D66C5B6AF7B64008D6CDD14806D43A0D461D6F exponent INTEGER (3) 0x010001 (65537) } } } } issuerUId [1] IMPLICIT BIT STRING OPTIONAL NOT PRESENT subjectUId [2] IMPLICIT BIT STRING OPTIONAL NOT PRESENT extensions [3] SEQUENCE OF OPTIONAL NOT PRESENT } signatureAlgorithm SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-md5WithRSAEncryption parameters TYPE (2) with { NULL (0) } } signature BIT STRING (0) } X.509 INITIAL CERTIFICATE (II):LONG DN
USC (v3) : CERTIFICATE SEGMENT 0536....CERTIFICATE REFERENCE 1 S500: SECURITY IDENTIFICATION DETAILS 0577....Security party qualifier 3 0586....Security party name 1234RegSchemeID561 OU=organisationa 0586....Security party name l unit name, CN=long DN for the sub 0586....Security party name ject (Part 1) 0000000001 S500: SECURITY IDENTIFICATION DETAILS 0577....Security party qualifier 4 0586....Security party name DEDICAName 0544....FORMAT CERTIFICATE VERSION XXY 0505....FILTER FUNCTION, CODED 5 0507....CHARACTER SET ENCODING, CODED 2 0543....CHARACTER REPERTOIRE, CODED 2 S501_V3: SECURITY DATE AND TIME 0517....Date and time qualifier, coded 3 0502....Date 19961218 0504....Time 111200 S501_V3: SECURITY DATE AND TIME 0517....Date and time qualifier, coded 4 0502....Date 19971218 0504. me...Ti 111200 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 3 0527....Algorithm, coded 10 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 4 0527....Algorithm, coded 6 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 7 0527....Algorithm, coded 10 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 04J61TB/WLH,PH/D=38MYV-1M5BSJO3A8XH8TSLRM)QJDM=AE/X3 PAI.QJQUBQG94H08HTE)0TQKK7XU,UDKT5-FRLTWCG0NCVQLYIV7 /2KCZ50T0Y168B)G081X07O55ORGRB.5G64/=W0.STPQ(AOLRHNZ AS2ZH-93XTTOCSAYCW8)9TVZS//0.S81Q9UI2P 0531....Algorithm parameter qualifier, coded 12 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 05/01 0531....Algorithm parameter qualifier, coded 13 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 1024 0531....Algorithm parameter qualifier, coded 14 USC+1+3:::::1234RegSchemeID561 OU=organisationa:l unit name, CN=long DN for the sub:ject (Part 1) 0000000001+4:::::DEDICAName+XXY+5+2+2++++++3:19961218:111200 +4:19971218:111200'USA+3:::10+++++'USA+4:::6+++++'USA+7:::10+04J61TB/WLH,PH/D=38MYV-1M5BSJO3A8XH8TSLRM)QJDM=AE/X3PAI.QJQUBQG94H08HTE)0TQKK7XU ,UDKT5-FRLTWCG0NCVQLYIV7/2KCZ50T0Y168B)G081X07O55ORGRB.5G64/=W0.STPQ(AOLRHNZAS2ZH-93XTTOCSAYCW8)9TVZS//0.S81Q9UI2P:12+05/01:13+1024:14++'U SR+BCHQ8UV)LPE,Y14VJO2D6E)TS,WYU74QZF(WUAUS7JNLN0A8D2FOMCJDNMZIESDNDI2O/4QNB,H61,M3,WO74)SI,CM4QKU.GHUIBU2JIG6LPLOOK3PEUWB H2V6O=27M361QM/9XRIJNP5YSNDIR73UBRQX9QT,N),NUWY8FUA8Q=XXLRFVSBA-G2HHOFVW(' EDIFACT CERTIFICATE CONTENTS AND CODIFICATION (II)
SEQUENCE (424) { toBeSigned SEQUENCE (403) { version [0] INTEGER (1) 0x02 (2) serialNumber INTEGER (2) 0x04D2 (1234) signature SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-md5WithRSAEncryption parameters TYPE (2) with { NULL (0) } } issuer SEQUENCE OF (49) RDN { O=CARoot, O=CASP, O=CA_UPC } validity SEQUENCE (30) { notBefore UTCTime (13) "961218111200Z" notAfter UTCTime (13) "971218111200Z" } subject SEQUENCE OF (44) RDN { C=es, O=upc, CN=medina } subjectPublicKeyInfo SEQUENCE (159) { algorithm SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-rsaEncryption parameters TYPE (2) with { NULL (0) } } subjectPublicKey BIT STRING (141) Encapsulates { TYPE (140) with { rSAPublicKey SEQUENCE (137) { modulus INTEGER (129) 0x00BF2B9E56769AAEB79564F63D9CE6759FC8CD851761F13CD63EC6DABF08A5FE6C2219E888D48DB753E141BE0169D3F404F993D7F389DAF1D27370F5D6E173A75BFB9D75E13D11DAFDA2D197084355BA0159EE60AE34B1F1C50426D323F1E748CF34C1E0B0FA7EC94CF0FFCD41A3D66C5B6AF7B64008D6CDD14806D43A0D461D6F exponent INTEGER (3) 0x010001 (65537) } } } } issuerUId [1] IMPLICIT BIT STRING OPTIONAL NOT PRESENT subjectUId [2] IMPLICIT BIT STRING OPTIONAL NOT PRESENT extensions [3] SEQUENCE OF (84) { extension SEQUENCE (14) { extnId OBJECT IDENTIFIER (3) id-ce-keyUsage critical BOOLEAN (1) TRUE extnValue OCTET STRING (4) Encapsulates { TYPE (4) with { BIT STRING (2) 07 80 } } } extension SEQUENCE (30) { extnId OBJECT IDENTIFIER (3) id-ce-subjectKeyIdentifier critical BOOLEAN (1) TRUE extnValue OCTET STRING (20) Encapsulates { TYPE (20) with { OCTET STRING (18) "Manel Medina Key 1" } } } extension SEQUENCE (34) { extnId OBJECT IDENTIFIER (3) id-ce-subjectAltName critical BOOLEAN (1) TRUE extnValue OCTET STRING (24) Encapsulates { TYPE (24) with { SEQUENCE OF (22) { generalName CHOICE (22) { ediPartyName [5] IMPLICIT SEQUENCE (20) { nameAssigner [0] CHOICE OPTIONAL NOT PRESENT partyName [1] CHOICE (18) { PrintableString (16) "EDI Manel Medina" } } } } } } } } } signatureAlgorithm SEQUENCE (13) { algorithm OBJECT IDENTIFIER (9) pkcs1-md5WithRSAEncryption parameters TYPE (2) with { NULL (0) } } signature BIT STRING (0) } X.509 INITIAL CERTIFICATE (III): EXTENSIONS
USC (v3) : CERTIFICATE SEGMENT 0536....CERTIFICATE REFERENCE 1 S500: SECURITY IDENTIFICATION DETAILS 0577....Security party qualifier 3 0538....Key name Manel Medina Key 1 0586....Security party name EDI Manel Medina S500: SECURITY IDENTIFICATION DETAILS 0577....Security party qualifier 4 0586....Security party name DEDICAName 0544....FORMAT CERTIFICATE VERSION XXY 0505....FILTER FUNCTION, CODED 5 0507....CHARACTER SET ENCODING, CODED 2 0543....CHARACTER REPERTOIRE, CODED 2 S501_V3: SECURITY DATE AND TIME 0517....Date and time qualifier, coded 3 0502....Date 19961218 0504....Time 111200 S501_V3: SECURITY DATE AND TIME 0517....Date and time qualifier, coded 4 0502....Date 19971218 0504....Time 111200 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 3 0527....Algorithm, coded 10 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 4 0527....Algorithm, coded 6 USA (v3) : SECURITY ALGORITHM S502: SECURITY ALGORITHM 0523....Use of algorithm, coded 6 0527....Algorithm, coded 10 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 04J61TB/WLH,PH/D=38MYV-1M5BSJO3A8XH8TSLRM)QJDM=AE/X3 PAI.QJQUBQG94H08HTE)0TQKK7XU,UDKT5-FRLTWCG0NCVQLYIV7 /2KCZ50T0Y168B)G081X07O55ORGRB.5G64/=W0.STPQ(AOLRHNZ AS2ZH-93XTTOCSAYCW8)9TVZS//0.S81Q9UI2P 0531....Algorithm parameter qualifier, coded 12 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 05/01 0531....Algorithm parameter qualifier, coded 13 S503_V3: ALGORITHM PARAMETER 0532....Algorithm parameter value 1024 0531....Algorithm parameter qualifier, coded 14 EDIFACT CERTIFICATE CONTENTS AND CODIFICATION (III) USC+1+3:Manel Medina Key 1::::EDI Manel Medina+4:::::DEDICAName+XXY+5+2+2++++++3:19961218:111200+4:19971218:111200'USA+3:::10+++++' USA+4:::6+++++'USA+6:::10+04J61TB/WLH,PH/D=38MYV-1M5BSJO3A8XH8TSLRM)QJDM=AE/X3PAI.QJQUBQG94H08HTE)0TQKK7XU,UDKT5- FRLTWCG0NCVQLYIV7/2KCZ50T0Y168B)G081X07O55ORGRB.5G64/=W0.STPQ(AOLRHNZAS2ZH-93XTTOCSAYCW8)9TVZS//0.S81Q9UI2P:12+ 05/01:13+1024:14++'USR+F93IFAG3.94T8GIFH13O.INHVT/BPC8KIO3XN77LHHL4L214LOVYO=83ZU.86010Z6WL96O8G.1I004NSVWJR29U(L6JIUL /3J8H=WYD7HIW0C0RP1E4S52ZFDOHJO3J66/92.BT8,PIR1D5Z425T48E,51EP37I.M3FP2P1PB3CA4M(VU(,6OV8FHAG/YLY'
DELIVERABLES LIST ID Title D03.1 Technical description of X509 and UN/EDIFACT certificates. Specific user requirements on certificate data elements mapping. D03.2 Naming conversion rules specification functional requirements. D03.3 Final specification of CertMap conversion rules. D05.1 EDI security functions API’s specification D05.2 Secure EDI communications API specification D06.1 Specification of the CertMap data types and architecture. D07.1 Functional specification of MangMap. D07.2 Final specificatio of MangMap Conversion Rules.