Presentation on theme: "AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards."— Presentation transcript:
AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards
UBL-based eCOO data model eCOO data model, based on UBL (ebXML)/OASIS, was once developed in Business Collaboration Framework WG (BCFWG) several years ago chaired by Kamarudin Bin Tambi of Crimsonligic, Singapore. I was one of the BCFWG members. Many PAA members adopted the data model to test for interoperability. At that time officials from Chinese Taipei and some AFACT members also participated in the online concall discussion of data element and did some necessary data harmonization. Therefore, Chinese Taipei and Korea, through collaboration of TradeVAN and KTNet, tested interoperability technically and then established officially mutual understanding for exchanging eCOO message through the two VANs.
PAA Achievements Has established robust legal framework which covers the liability of each parties, service level, dispute resolution process etc. for the exchange of digitally signed electronic documents Has developed PKI mutual recognition framework to support secure cross border transaction Has created message standards for both commercial and government related documents Has completed interconnectivity test among members using ebMSv2.0 messaging service handler Has created business model and charging scheme
Current PAA Accredited CAs
UN/CEFACT Recommendation #37 Recommendation No. 37 Signed Digital Evidence Interoperability Recommendation Review before further iteration of Open Development Process Step 5 – Public Review
SDEIR Scope A digital document, unlike a paper document, has little evidence value until it is reinforced by a mechanism, such as electronic signature, which guarantees the integrity and the authenticity of the document. However, because of the multiplicity of electronic signature standards, verification of digital evidence by a recipient may be impossible. This has a direct impact on the ability of businesses and administrations to securely exchange digital documents between themselves and with their administrative and financial counterparts.
SDEIR Goal Aims to increasing the level of interoperability of electronically signed digital evidence in order to facilitate the development of paperless international trade. Defining a set of functional rules which signed digital evidence should follow
Interoperability Problems Signature format interoperability: the verifying software is often not able to deal with the digital signature format received or not able to understand to which file the signature corresponds, or where the signature is. Semantic value of the signature: the verifying software or the format of the signature may not allow understanding the signatory’s intention (for instance if it is for integrity purposes or as an approval of the signed content, or otherwise). Certificate validity: the verifying software may not able to determine if the certificate is trustworthy or if it was revoked at the date of signature.
SDEIR Verification for digital Evidence The signatures’ parameters (date, place, type of commitment, …) The integrity of the signed content The integrity and validity of the signatories’ certificates The trustworthiness of the certification service providers
SDEIR objectives Improve efficiency and reliability of the verification of digital evidence received from another party; Increase interoperability of digital evidence which in turn will increase trust and confidence; Provide a wide yet coordinated path to increase the rate of adoption of paperless technologies.
Benefits of SDEIR Facilitate trust by offering generic functionality to create, verify and easily manage signed digital evidence; Ensure interoperability of signed digital evidence by means of a common functional and independence to the technical format used; Simplify the integration of digital signatures in business and archiving applications
Roadmap for AFACT eCOO cross-border initiative
Subjects for Discussion and Guidelines Solution A: Data Model based on already exp. Implementing UNCEFACT Rec. 37 (SDEIR) and recognitions A Framework for Country policies and agreements Solution B: Expanding PAA Framework A Framework for Country policies and agreements
Next eCOO WG Meeting Parallel with AFACT Midterm Meeting May 2011 Kaohsiung Chinese Taipei