200 likes | 227 Views
This CEN/WS.XBRL publication discusses the current situation and latest evolutions of CWA2, which aims to standardize the way of submitting instances in a container with standardized encryption, digital signature, compression, and more. It also covers the way of transmitting the usual metadata that determine the context of an XBRL reporting instance.
E N D
CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 Situation & latest evolutions Present situation Emile Bartolé CWA2
Objectives of CWA2 CWA2 Dual objective of CWA2: standardize • The way of submitting instances, a container with standardized • Encryption • Digital signature • Compression • … • The way of transmitting the usual metadata that determine the context of an xbrl reporting instance • the sender of the document • contact details • date and time of submission • …
Standards used: Compression & Hash Zip as defined in http://www.pkware.com/documents/casestudies/APPNOTE.TXT SHA256 as defined in http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
Standards used: Digital signature The file structure generated by the signature SHALL be XAdES-BES/EPES http://uri.etsi.org/01903/v1.4.1/ using RSA with SHA512 http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 implemented in accordance with http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:053:0066:0072:EN:PDF
Standards used: Encryption W3C Encryption http://www.w3.org/TR/xmlenc-core/ using key transport RSA-OAEP http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and encrypting data with AES256. http://www.w3.org/2001/04/xmlenc#aes256-cbc
Requirements input EBA Easy to use, minimal model (1 instance per container) Senders identified in transport system, only encryption required (no digital signatures) Known people from NSAs, no need to identify them explicitely in a header EIOPA Minimal structural header Extensibility of header for content-based fields
Reserved extended suffix .signed.xml exclusively reserved for signed files .encrypted.xml exclusively reserved for encrypted files
header.xml file1.xbrl file2.xbrl file3.xbrl Compress Container.zip Sign with a first signature and replace extension Container.signed.xml Filename in XML: Container.zip Sign with a second signature and replace extension Container.signed.xml Filename in XML: Container.signed.xml Encrypt and replace extension Container.encrypted.xml Filename in XML: Container.signed.xml Container creation example
Container reception example Container.encrypted.xml Filename in XML: Container.signed.xml Decrypt and extract file Container.signed.xml Filename in XML: Container.signed.xml Validate first signature and extract file Container.signed.xml Filename in XML: Container.zip Validate second signature and extract file Container.zip Uncompress header.xml file1.encrypted.xml file2.signed.xml file3.xbrl container.zip header.xml file1.signed.xml file2.xbrl file3.xbrl container.zip header.xml file1.xbrl file2.xbrl file3.xbrl container.zip
Exchange files Header file - characteristics of the data files in the submission (caution: deprecated, not yet extensible version!) http://www.eurofiling.info/eu/fr/esrs/header Container feedback files - confirming (or not) the success of the reception of a submission container http://www.eurofiling.info/eu/fr/esrs/ContainerFeedback Instance feedback files - Result of the (XBRL-)validation of every submitted data file http://www.eurofiling.info/eu/fr/esrs/InstanceFeedback
Sender Receiver signed(optional) encrypted (optional) Subnission container Feedback container encrypted (optional) signed(optional) Containerfeedback file Rest of the Feedback container Exchange model
2-level support: Forwarding Submission container 1 header.xml nationalinstance1.xbrl nationalinstance2.xbrl Submission container 2 Submission container 2 Reporting Entity Response Container 1 Response Container 2 European Supervision Authority National Supervision Authority
2-level support: Repackaging Reporting entity submission NSA submission header.xml re1.xbrl re2.xbrl … … … ren.xbrl header.xml re1.xbrl re2.xbrl … … … ren.xbrl Reporting Entity Response RE Response NSA European Supervision Authority National Supervision Authority
2-level support: Regeneration Reporting entity submission header.xml re1.xbrl re2.xbrl … … … ren.xbrl NSA submission header.xml nsa1.xbrl nsa2.xbrl … nsan.xbrl Reporting Entity Response RE Response NSA European Supervision Authority National Supervision Authority
BasicHeader ExtendedHeader RegisteredOrganizationVocabulary OtherModule(s) Extensible Header
Thanks for your attention emile.bartole@cssf.lu Comments or questions? Page 20 CWA2