1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationDD CEN/TS 15121-2:2011Postal Services Hybrid MailPart 2: Secured electronic postal services(SePS) interface specification ECPMServiceDD CEN/TS 15121-2:2011 DRAFT FOR DEVELOPMENTN
2、ational forewordThis Draft for Development is the UK implementation of CEN/TS15121-2:2011.This publication is not to be regarded as a British Standard.It is being issued in the Draft for Development series of publicationsand is of a provisional nature. It should be applied on thisprovisional basis,
3、so that information and experience of its practicalapplication can be obtained.Comments arising from the use of this Draft for Developmentare requested so that UK experience can be reported to theinternational organization responsible for its conversion toan international standard. A review of this
4、publication willbe initiated not later than 3 years after its publication by theinternational organization so that a decision can be taken on itsstatus. Notification of the start of the review period will be made inan announcement in the appropriate issue of Update Standards.According to the replies
5、 received by the end of the review period,the responsible BSI Committee will decide whether to support theconversion into an international Standard, to extend the life of theTechnical Specification or to withdraw it. Comments should be sentto the Secretary of the responsible BSI Technical Committee
6、at BritishStandards House, 389 Chiswick High Road, London W4 4AL.The UK participation in its preparation was entrusted to TechnicalCommittee SVS/4, Postal services.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to in
7、clude all the necessaryprovisions of a contract. Users are responsible for its correctapplication. BSI 2011ISBN 978 0 580 70586 1ICS 03.240Compliance with a British Standard cannot confer immunity fromlegal obligations.This Draft for Development was published under the authority ofthe Standards Poli
8、cy and Strategy Committee on 31 January 2011.Amendments issued since publicationDate Text affectedDD CEN/TS 15121-2:2011TECHNICAL SPECIFICATION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 15121-2 January 2011 ICS 03.240 English Version Postal Services - Hybrid Mail - Part 2: Secured elect
9、ronic postal services (SePS) interface specification - ECPM Service Postalische Dienstleistungen - Hybride Sendungen - Part 2: Schnittstellen-Spezifikation fr Gesicherte elektronische postalische Dienste (SePS) - ECPM Service This Technical Specification (CEN/TS) was approved by CEN on 9 August 2010
10、 for provisional application. The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard. CEN members are required
11、to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS) until the final decision about the possible conversi
12、on of the CEN/TS into an EN is reached. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Polan
13、d, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2011 CEN All rights of exploitation in any form and by an
14、y means reserved worldwide for CEN national Members. Ref. No. CEN/TS 15121-2:2011: EDD CEN/TS 15121-2:2011CEN/TS 15121-2:2011 (E) 2 Contents Page Foreword 3Introduction .41 Scope 62 Normative references 63 Terms and definitions .64 Symbols and abbreviations 65 EPCM service definition 65.1 Service de
15、scription 65.1.1 Outline .65.1.2 Digital signature verification 75.1.3 Time stamping 75.1.4 Protection of confidentiality .75.1.5 Non-repudiation .75.1.6 Event logging .85.2 Compliance with the SePS specification 85.3 Backwards compatibility .85.4 Cross-border provision of the EPCM service .8Annex A
16、 (informative) Relevant intellectual property rights (IPR) 10A.1 Introduction . 10A.2 USPS Trademarks . 10A.3 Patents . 12DD CEN/TS 15121-2:2011CEN/TS 15121-2:2011 (E) 3 Foreword This document (CEN/TS 15121-2:2011) has been prepared by Technical Committee CEN/TC 331 “Postal Services”, the secretaria
17、t of which is held by NEN. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. This document forms Part 2 of a multi-part CEN standard, CE
18、N/TS 15121, Postal Services - Hybrid Mail. CEN/TS 15121 was originally published as a UPU standard S43 and was adopted by CEN under the current Memorandum of Understanding between UPU and CEN. UPU S43 was a single part standard covering only secured electronic postal services, but has been split int
19、o parts to allow the standard to be extended to cover other services based on the same concepts and service primitives. These concepts and service primitives are now documented in Part 1 of the standard, CEN/TS 15121-1, and UPU S43a. This part provides the specification of the Electronic Postal Cert
20、ification Mark (EPCM) service which conforms with the definition in Article 257bis of the UPU Letter Post Regulations. CEN/TC 331 WG2 decided to adopt the UPU S43-b, as it was an integrative part of UPU S43 during the time of the decision to adopt the UPU S43 under the current Memorandum of Understa
21、nding between UPU and CEN in 2005. According to the Memorandum of Understanding (MoU) between the UPU and CEN, signed Oct. 22nd, 2001; 3.3 CEN notifies the following deviation from the source text: The term “postal administration“ meaning a postal service designated by one member country of the UPU
22、was changed according with the wording of the Postal Directive to “postal service“. According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czec
23、h Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom. DD CEN/TS 15121-2:2011CEN/TS 15121-2:2011 (E)
24、 4 Introduction This document provides the specification of the Electronic Postal Certification Mark (EPCM) service which conforms with the definition in Article RL 257bis of the UPU Letter Post Regulations. It is based on a subset of the verbs or operations defined in CEN/TS 15121-1, Postal Service
25、s Hybrid Mail Part 1: Secured electronic postal services (SePS) interface specification Concepts, schemas and operations, to which the reader is referred. An EPCM is essentially a digital signature verification and timestamping authority which verifies, and logs as evidence, the content integrity of
26、 electronic information. The collection of technical services in an EPCM service can cryptographically verify and store electronic evidence in support of the resolution of potential disputes which challenge the authenticity of events within a cycle of one or more automated transactions involving a p
27、ostal customer. An EPCM service constructed to this specification can support the capture and reproduction of evidence data attesting to the fact that a target business transaction was conducted and completed in an environment of integrity and trustworthiness with respect to one or more of the follo
28、wing attributes: the transaction originator; the party, if any, who closed or terminated the transaction; other parties who participated in the transaction; were the terms, conditions, and commitments understood by all parties; when was the document agreed to by the stakeholders, and sent to each pa
29、rticipating party; when was it received by each participating party; was the content intact throughout transmission; have all parties been notified of all agreed events of significance. An EPCM service which complies with this specification can support the following capabilities: non-repudiation of
30、origin; non-repudiation of submission; non-repudiation of delivery; non-repudiation of receipt. An EPCMs non-repudiation service involves the use of selected combinations of SePS operations in order to ensure end-to-end transaction integrity and evidence collection in a confidential and auditable en
31、vironment. This specification has one main heading: Clause No Description of content 5 EPCM service definition: this defines the EPCM service by reference to the schemas and operations defined in CEN/TS 15121-1:2011. DD CEN/TS 15121-2:2011CEN/TS 15121-2:2011 (E) 5 The implementation of part or all o
32、f this specification might involve the use of intellectual property that is the subject of patent and/or trademark rights. It is the responsibility of users of the standard to conduct any necessary searches and to ensure that any pertinent rights are in the public domain; are licensed1) or are avoid
33、ed. Neither CEN nor the UPU can accept any responsibility in case of infringement, on the part of users of this document, of any third party intellectual property rights. Nevertheless, document users and owners of such rights are encouraged to advise the Secretariat of the UPU Standards Board and/or
34、 of CEN/TC 331 of any explicit claim that any technique or solution described herein is protected by such rights in any CEN or UPU member country. Any such claims will, without prejudice, be documented in the next update of this standard, or otherwise at the discretion of the Standards Board, respec
35、tively CEN/TC 331. Annex A of this document lists the intellectual property rights brought to the attention of CEN/TC 331 and the UPU Standards Board prior to approval of the publication of this version of the standard. NOTE The mention of intellectual property rights, in Annex A, is on a without pr
36、ejudice basis. That is, such mention indicates only that some party has expressed the view that use of the standard might, in some circumstances, infringe the mentioned intellectual property rights. It should not be taken as in any way confirming the validity of such view and users should conduct th
37、eir own searches to determine whether the mentioned IPR is in fact applicable to their specific case. 1) Mail service contractors are advised to ensure that reliance on intellectual property that is not in the public domain does not inadvertently lead to the creation of an effective monopoly. This c
38、ould occur, even if usage of the intellectual property concerned is licensed by the mail service contractor, unless the terms of the licensing agreement commit the IPR holder to making licences available, on appropriate terms, to the mail service contractors customers and suppliers, including compet
39、itors of the IPR holder. DD CEN/TS 15121-2:2011CEN/TS 15121-2:2011 (E) 6 1 Scope This document specifies a secured electronic postal service, referred to as the Electronic Postal Certification Mark (EPCM) service, which provides a chain of evidence, stored by an administration as a trusted third par
40、ty, to prove the existence of an electronic event, for a certain content, at a certain date and time, and involving one or more identified parties. The service is defined by reference to the concepts, schemas and operations defined in CEN/TS 15121-1, Postal Services Hybrid Mail Part 1: Secured elect
41、ronic postal services (SePS) interface specification Concepts, schemas and operations. It requires support for five core SePS operations and permits optional support seven others. This version of the specification does not cover: a description of the issues surrounding inter-operability between mult
42、iple postal SePS implementations when a business transaction Lifecycle requires the participation of more than one SePS implementation in a cross-border scenario involving two or more postal services; issues surrounding SePS usage in a multiple Certificate Authority scenario where inter-operating po
43、sts are participating in a cross-border transaction as described above; examination of “Certificate Authority deployment model” alternatives necessitated by the cross-border scenarios described above. 2 Normative references The following referenced documents are indispensable for the application of
44、this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. CEN/TS 15121-1:2011, Postal Services Hybrid Mail Part 1: Secured electronic postal services (SePS) interface specification Co
45、ncepts, schemas and operations NOTE See Part 1 of the standard (CEN/TS 15121-1). 3 Terms and definitions For the purposes of this document, the terms and definitions given in CEN/TS 15121-1:2011 apply. 4 Symbols and abbreviations For the purposes of this document, the symbols and abbreviations given
46、 in CEN/TS 15121-1:2011 apply. 5 EPCM service definition 5.1 Service description 5.1.1 Outline The EPCM service provides a mechanism whereby a party to an electronic transaction, which might involve multiple electronic exchanges of data between participating parties, can register an electronic docum
47、ent as DD CEN/TS 15121-2:2011CEN/TS 15121-2:2011 (E) 7 forming part of the transaction lifecycle, with all participating parties and/or authorised third parties subsequently being able to verify this registration and its timing. As a corollary, it also provides a mechanism to prevent repudiation of
48、registered documents and to support repudiation of changes made to documents subsequent to their registration. The service is based on five components: digital signature verification; time stamping; protection of confidentiality; non-repudiation and event logging. These components are described belo
49、w. 5.1.2 Digital signature verification Digital signatures are used both to verify the identity of the party submitting or registering an electronic document and to ensure the integrity of the document content. All input is maintained as evidence and can be re-verified at any point in the future should authenticity be challenged. Digital signature integrity and certificate status are verified using PKI-based digital fingerprinting and signature ve