1、DRAFT FOR DEVELOPMENTDD CEN/TS 15130:2006Postal services DPM infrastructure Messages supporting DPM applicationsICS 03.240g49g50g3g38g50g51g60g44g49g42g3g58g44g55g43g50g56g55g3g37g54g44g3g51g40g53g48g44g54g54g44g50g49g3g40g59g38g40g51g55g3g36g54g3g51g40g53g48g44g55g55g40g39g3g37g60g3g38g50g51g60g53g
2、44g42g43g55g3g47g36g58DD CEN/TS 15130:2006This Draft for Development was published under the authority of the Standards Policy and Strategy Committee on 31 May 2006 BSI 2006ISBN 0 580 48340 1National forewordThis Draft for Development is the official English language version of CEN/TS 15130:2005.Thi
3、s publication is not to be regarded as a British Standard.It is being issued in the Draft for Development series of publications and is of a provisional nature. It should be applied on this provisional basis, so that information and experience of its practical application may be obtained.A review of
4、 this Draft for Development will be carried out not later than 2 years after its publication.Notification of the start of the review period, with a request for the submission of comments from users of this Draft for Development, will be made in an accouncement in the appropriate issue of Update Stan
5、dards. According to the replies received, the responsible BSI Committee will judge whether the Draft for Development can be converted into a British Standard or what other action should be taken.Observations which it is felt should receive attention before the official call for comments will be welc
6、omed. These should be sent to the Secretary of BSI Technical Committee SVS/4, Postal services, at British Standards House, 389 Chiswick High Road, London W4 4AL, giving the document refererence and clause number and proposing, where possible, an appropriate revision of the text.A list of organizatio
7、ns represented on this subcommittee can be obtained on request to its secretary.Cross-referencesThe British Standards which implement international or European publications referred to in this document may be found in the BSI Catalogue under the section entitled “International Standards Corresponden
8、ce Index”, or by using the “Search” facility of the BSI Electronic Catalogue or of British Standards Online.Summary of pagesThis document comprises a front cover, an inside front cover, the CEN/TS title page, pages 2 to 44, an inside back cover and a back cover.The BSI copyright notice displayed in
9、this document indicates when the document was last issued.Amendments issued since publicationAmd. No. Date CommentsTECHNICAL SPECIFICATIONSPCIFICATION TECHNIQUETECHNISCHE SPEZIFIKATIONCEN/TS 15130April 2006ICS 03.240English VersionPostal services - DPM infrastructure - Messages supportingDPM applica
10、tionsPostalische Dienstleistungen - Schnittstelle frElektrotechnische SignaturThis Technical Specification (CEN/TS) was approved by CEN on 7 May 2005 for provisional application.The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requ
11、ested to submit theircomments, particularly on the question whether the CEN/TS can be converted into a European Standard.CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS availablepromptly at national level in an appropriate form. I
12、t is permissible to keep conflicting national standards in force (in parallel to the CEN/TS)until the final decision about the possible conversion of the CEN/TS into an EN is reached.CEN members are the national standards bodies of Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland,
13、 France,Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania,Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.EUROPEAN COMMITTEE FOR STANDARDIZATIONCOMIT EUROPEN DE NORMALISATIONEUROPISCHES KOMITEE FR
14、 NORMUNGManagement Centre: rue de Stassart, 36 B-1050 Brussels 2006 CEN All rights of exploitation in any form and by any means reservedworldwide for CEN national Members.Ref. No. CEN/TS 15130:2006: E2 Contents Page Foreword3 Introduction .4 1 Scope 5 2 Normative references 6 3 Terms and definitions
15、 .6 4 Requirements.10 5 Description of the models (system architecture and interaction diagrams).14 Annex A (normative) Implicit certification process.38 Annex B (normative) Message structure40 Annex C (informative) Development principles.43 Bibliography 44 CEN/TS 15130:20063 Foreword This document
16、(CEN/TS 15130:2006) has been prepared by Technical Committee CEN/TC 331 “Postal Services”, the secretariat of which is held by NEN. According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to announce this CEN Technical Specificatio
17、n: Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom. CEN/TS 15130:200
18、64 Introduction The purpose of this document is to define a consistent and complete set of messages between vendors and posts infrastructures in support of DPM applications. It is assumed that the reader of this document is familiar with computer-related technologies normally used to design and impl
19、ement applications requiring an interaction between computer systems. This document makes use of industry-accepted technical standards and concepts like public key cryptography and communication protocols. This document defines the significant content and the format for data exchanges and messages,
20、consistent with current industry practices. Also, consistent with the concepts of extensibility and flexibility, this document allows for extensions supporting specific (local) implementations using additional data elements. CEN/TS 15130:20065 1 Scope This document specifies the information exchange
21、s between various parties infrastructures that take place in support of DPM applications. It complements standards that address the design, security, applications and readability of Digital Postage Marks. The following items will be addressed by this document: identification of parties participating
22、 in exchanges of information described by this document; identification of functions (interactions, use cases); definition of parties responsibilities in the context of above functions; definition of messages between parties: message meaning and definition of communication protocols to support each
23、function; definition of significant content (payload) for each message; security mechanisms providing required security services, such as authentication, privacy, integrity and non-repudiation. This document does not address: design of DPM supporting infrastructure for applications internal to provi
24、ders and carriers; design of DPM devices and applications for applications internal to end-users. NOTE Although there are other communications between various parties involved in postal communications, this document covers only DPM-related aspects of such communications. CEN/TS 15130:20066 2 Normati
25、ve references The following referenced documents are indispensable for the application of this document. For dated references, or references to a version number, only the edition cited applies. For undated references and where there is no reference to a version number, the latest edition of the refe
26、renced document (including any amendments) applies. ISO/IEC 9798-3, Information technology Security techniques Entity authentication Part 3: Mechanisms using digital signature techniques ISO 10126-2, Banking Procedures for message encipherment (wholesale) Part 2: DEA algorithm 3 Terms and definition
27、s For the purposes of this document, the following terms and definitions apply. 3.1 ascending register value numerical value that is equal to the total accumulated value of postage that has been accounted for and printed by the mailing system (usually used in the context of a postage meter or a fran
28、king machine) 3.2 authentication verification of the identity of a person, process or the origin of the data being exchanged 3.3 control sum sum of the descending register value and ascending register value in a mailing system 3.4 cryptographic material information used in conjunction with cryptogra
29、phic methods of protecting information 3.5 cryptographic key information that uniquely determines a bijection (one-to-one transformation) from the space of messages to the space of ciphertexts 3.6 Cryptographic Validation Codes CVC value, cryptographically derived from selected postal data, which ma
30、y be used in verifying the integrity of such data and authenticating its origin 3.7 data integrity property of a communication channel whereby data has not been altered in an unauthorized manner since the time it was created, transmitted, or stored by an authorized source 3.8 descending register val
31、ue numerical value equal to the total value of unused postage remaining in the mailing system (usually used in the context of a postage meter or a franking machine) CEN/TS 15130:20067 3.9 Digital Postage Mark DPM postmark printed or otherwise attached to a mail item and containing information that m
32、ay be captured and used by mail handling organizations and the recipient 3.10 DPM signature verification key public key that is used for the DPM signature verification 3.11 DPM signing Key DPM signature generation key private key that is used for digital signing of DPM information 3.12 DPM verifier
33、verifier postal equipment that is used for DPM verification 3.13 Exchange Validation Codes EVC code, known to or agreed between a mailer and a licensing post, which when applied to a postal item by the mailer may be used by the licensing post to authenticate the origin of the item and, under appropr
34、iate circumstances, to verify the integrity of agreed upon DPM data 3.14 implicit certificate informational element that binds an entitys identity with its public cryptographic key allowing the verification of the digital signature by another entity using only information contained within the certif
35、icate itself NOTE In Digital Postage Mark verification systems based on public key cryptographic schemes, the verification key is public and can either be retrieved from a database (explicit certificate) or it can be computed from the information contained in the Digital Postage Mark (implicit certi
36、ficate). 3.15 key management infrastructure systems, policies and procedures used to create, store, distribute and update cryptographic keys 3.16 license formal permission to account for postal charges and create an agreed upon evidence of payment for such charges given to qualified mailers by posts
37、, carriers or their authorised agents 3.17 license number informational element (typically numeric or alphanumeric code) that represents the fact that a mailer has obtained license from the post or a carrier authorising the mailer to account for postal charges and to print evidence of a paid postage
38、 3.18 licensing post postal organisation responsible for issuing licenses to qualified mailers CEN/TS 15130:20068 3.19 MAC key DPM MAC key Message Authentication Code (MAC) key used for the protection of the Digital Postal Mark (DPM) in DPM systems based on symmetric key cryptographic schemes 3.20 m
39、ailer person or organization using the services of a post 3.21 mailing system system which is used to account and evidence charges for postal services NOTE Variations of a mailing system include: franking machine or postage meter; personal computer with specialized software; on-line software service
40、 3.22 Message Authentication Code MAC value, cryptographically derived from selected data, which allows data integrity and implicit data origin to be verified NOTE Since MACs are based on shared secret schemes they allow for weaker (implicit) data origin verification than digital signatures that are
41、 based on public key cryptographic schemes. 3.23 non-repudiation security service which prevents an entity from denying previous commitments or actions 3.24 parametrisation process of supplying a system or a device with all input information required for proper operation, involving assignment of spe
42、cific numerical values to named variables used in computation of output values such as data elements of DPM 3.25 post postal administration postal authority organization which has been designated by the UPU member country or territory as an operator responsible for fulfilling part or all of the memb
43、ers obligations arising from adherence to the UPU convention and agreements 3.26 postal code numeric or alphanumeric value that is uniquely indicative of a geographic location of an element of postal processing and delivery network, including postal processing facilities, retail offices, delivery un
44、its and individual recipients mailboxes 3.27 privacy confidentiality security service used to keep the (meaningful) content of the information from all but those authorised to have it CEN/TS 15130:20069 3.28 public key cryptography cryptographic system that uses two keys: a public key accessible to
45、all parties and a private or secret key known only to one party (either the sender or the recipient of the message depending on the use of the system) NOTE An important element of the public key system is that the public and private keys are uniquely related to each other and it is computationally i
46、nfeasible to compute private key from the knowledge of public key. 3.29 Public Key Infrastructure PKI system of digital certificates, certificate authorities, and registration authorities or agents that allows for authentication of all parties involved in communication and data exchange processes 3.
47、30 symmetric key cryptography encryption system in which the sender and receiver of a message share a single, common secret information (key) that is used both to encrypt and decrypt messages that are being exchanged 3.31 time stamp value of the current time stored by a system to indicate when a cer
48、tain transaction took place 3.32 Universal Coordinated Time UCT universal time, taking into account the addition or omission of leap seconds by atomic clocks each year to compensate for changes in the rotation of the earth (Greenwich Mean Time updated with leap seconds) 3.33 vendor provider and/or o
49、perator of mailing systems 3.34 World Wide Web Consortium W3C international consortium of companies involved with the development of open standards for internet and the web 3.35 XML Extensible Mark-up Language subset of SGML constituting a particular text mark-up language for interchange of structured data 3.36 XML schema XML schema is an XML language for describing and constraining the content of XML documents CEN/TS 15130:200610 4 Requirements 4.1 Functional structure This clause covers the organization of the logical layer of communicati