Presentation is loading. Please wait.

Presentation is loading. Please wait.

Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 final deliveries 1CWA2.

Published byLetitia Stone Modified over 8 years ago

Similar presentations

Presentation on theme: "Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 final deliveries 1CWA2."— Presentation transcript:

1 Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 final deliveries 1CWA2

2 Objectives of CWA2 Dual objective of CWA2: standardize The way of submitting instances, a container with standardized Encryption Digital signature Compression … The way of transmitting the usual metadata that determine the context of an xbrl reporting instance the sender of the document contact details date and time of submission … Page 2CWA2

3 Exchange model Subnission container Receiver encrypted (optional) signed (optional) Response container Sender Containerfeedback file Rest of the Feedback container encrypted (optional) signed (optional)

4 Submission container examples

5 Standards used: Compression & Hash Zip as defined in http://www.pkware.com/documents/casestudies/APPNOTE.TXT SHA256 as defined in http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf

6 Standards used: Digital signature The file structure generated by the signature SHALL be XAdES-BES/EPES http://uri.etsi.org/01903/v1.4.1/ using RSA with SHA512 http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 implemented in accordance with COMMISSION DECISION of 25 February 2011, establishing minimum requirements for the cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market

7 Standards used: Encryption W3C Encryption http://www.w3.org/TR/xmlenc-core/ using key transport RSA-OAEP http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and encrypting data with AES256. http://www.w3.org/2009/xmlenc11#aes256-gcm

8 Reserved names & suffixes NAME: header.xml exclusively reserved for headers in accordance with the present CWA SUFFIX:.signed.xml exclusively reserved for signed files SUFFIX:.encrypted.xml exclusively reserved for encrypted files SUFFIX:.containerfeedback.xml exclusively reserved for files complying with the ContainerFeedback schema SUFFIX:.instancefeedback.xml exclusively reserved for files complying with the InstanceFeedback schema.

9 File name change upon signature (equivalent for encryption) File to signName of the signed fileFilename inside the XML signature file LolLol.signed.xml Same as « File to sign » Lol.pdfLol.signed.xml Same as « File to sign » Lol.zipLol.signed.xml Same as « File to sign » Lol.signed.xml Same as « File to sign » Lol.encrypted.xmlLol.signed.xml Same as « File to sign »

10 Container.signed.xml Container.zip Sign with a first signature and replace extension header.xml file1.xbrl file2.xbrl file3.xbrl Compress Container.encrypted.xml Encrypt and replace extension Container.signed.xml Sign with a second signature and replace extension Filename in XML: Container.zip Filename in XML: Container.signed.xml Container creation example

11 Container.encrypted.xml Container.signed.xml Decrypt and extract file Container.signed.xml Validate first signature and extract file Container.zip Validate second signature and extract file header.xml file1.encrypted.xml file2.signed.xml file3.xbrl container.zip Uncompress Filename in XML: Container.zip Filename in XML: Container.signed.xml header.xml file1.xbrl file2.xbrl file3.xbrl container.zip header.xml file1.signed.xml file2.xbrl file3.xbrl container.zip Container reception example

12 Extensible Header BasicHeader RegisteredOrganizationVocabulary ExtendedHeader OtherModule(s) See also Core Business Vocabulary as an XBRL taxonomy at http://wikixbrl.info/index.php?title=European_Metadata_Header#Core_Business_Vocabulary_XBRL_taxonomy

13 BasicHeader

14 Standard vs customized Headers Use-caseCharacteristics StandardHeader BasicHeaderOnly This header imports the BasicHeader « as is », makes no extensions of it and does not import the RegisteredOrganizationVocabulary as it uses none of its fields. Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnlyhttp://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly XSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xsdhttp://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xsd XML sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xmlhttp://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xml StandardHeader WithRegOrg This header structure reflects the survey made within the Eurofiling BestPractices efforts which had given the results documented in http://www.wikixbrl.info/index.php?title=Best_Practices_on_Common_European_Reporting_Structures All fields related to « Transport » issues have been removed as these are out of scope of this CWA. Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrghttp://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg XSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xsdhttp://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xsd XML sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xmlhttp://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xml StandardHeader WithoutRegOrg This header is (with regards to its function and its content) equivalent to the previous “ StandardHeaderWithRegOrg ”, but it does not import RegOrg and creates the missing fields as equivalent simple XML fields Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrghttp://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg XSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xsdhttp://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xsd Sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xmlhttp://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xml Fully customizedExtend it according to your own needs !

15 Response containers Response container Response.containerfeedback.xml Report1_Feedback instance_1.instancefeedback.xml instance_2.instancefeedback.xml … instance_n.instancefeedback.xml Report1_Feedback_Visual instance_1.xls instance_2.xls … instance_n.xls Report2_Feedback instance_1.instancefeedback.xml instance_2.instancefeedback.xml … instance_m.instancefeedback.xml Submission container header.xml Report1_XBRL instance_1.xbrl instance_2.xbrl … instance_n.xbrl Report2_XML instance_1.xml instance_2.xml … instance_m.xml

16 Feedback files Container feedback files - confirming (or not) the success of the reception of a submission container http://www.eurofiling.info/eu/fr/esrs/ContainerFeedback Instance feedback files - Result of the (XBRL-) validation of every submitted data file http://www.eurofiling.info/eu/fr/esrs/InstanceFeedback

17 Selected comments from consultation Why not to use XBRL for header / containerfeedback / instancefeedback -integrating RegOrg is technically not possible -container supports multiple formats (e.g. XML, CSV etc.), not only XBRL instances -XML more appropriate to carry that type of information Why not to restrict the CWA to only « stable, system-relevant » parts (envelope) and leave out unstable, business-related parts (header) -The CWA’s definition required « metadata » to be covered -The chosen aproach (extensible header) should give enough flexibility to deal with unstable business-related parts CWA2 specification unnecessarily restricts the algorithms used (to AES-256 in this case). Commonly available implementations support a much wider range of algorithms, and in principle, it should be up to the receiver to specify an acceptable set of algorithms. As the specification currently stands, it will need to be modified whenever AES-256 is no longer considered secure. The proposition to allow a choice of different algorithms was submitted to the coordination of this project as well as to the NEN. Both confirmed that in order to prevent confusion on how the standard is used, there shall be an exact requirement on how the standard is used; the algorithms shall be determined in a clear, unique way. The algorithms were chosen to respect the state of the art security considerations. Should security issues occur, a follow-up CWA may be required. The Registered Organization Vocabulary is very large, with no clear alignment with the metadata that receivers wish to collect. While its use is optional, it is doubtful that it's ever an appropriate choice. If this level of detail were required along with the main submission, XBRL would be a much more robust solution. With the mechanism of extensible headers, no one is forced to use registered organisation vocabulary. As it is an official standard supported by the European Union, we produced a header version enabling its use.

18 Thanks for your attention Page 18 Comments or questions? emile.bartole@cssf.lu CWA2

Download ppt "Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 final deliveries 1CWA2."

Similar presentations

Orphan works and the cultural sector. A governmental organisation perspective Rossella Caffo Ministero per i Beni e le Attività Culturali – Italy Coordinator.

Orphan works and the cultural sector. A governmental organisation perspective Rossella Caffo Ministero per i Beni e le Attività Culturali – Italy Coordinator.
Present situation - DRAFT Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 Situation & latest evolutions 1CWA2.

Present situation - DRAFT Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 Situation & latest evolutions 1CWA2.
Present situation Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 Situation & latest evolutions 1CWA2.

Present situation Emile Bartolé CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 Situation & latest evolutions 1CWA2.
26 September 2012 Emile Bartolé CEN/WS XBRL Kick-off meeting CWA2 deliverable - DRAFT 1CWA2.

26 September 2012 Emile Bartolé CEN/WS XBRL Kick-off meeting CWA2 deliverable - DRAFT 1CWA2.
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
12 December 2012 Emile Bartolé, CSSF LU CEN/WS XBRL CWA2Page 1 CWA2: Metadata container to wrap a submitted XBRL instance document and compliance test.

12 December 2012 Emile Bartolé, CSSF LU CEN/WS XBRL CWA2Page 1 CWA2: Metadata container to wrap a submitted XBRL instance document and compliance test.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Filing rules and extensions of EBA/EIOPA taxonomies

Filing rules and extensions of EBA/EIOPA taxonomies
Luxembourg, 25.11.2010 Ville Kajala Senior Officer on Transparency Directive Issues Pan-European Access to Financial Information Disclosed by Listed Entities.

Luxembourg, Ville Kajala Senior Officer on Transparency Directive Issues Pan-European Access to Financial Information Disclosed by Listed Entities.
DecisionSoft Validation for large scale consumers of XBRL Paul Warren DecisionSoft Limited 12 May 2004.

DecisionSoft Validation for large scale consumers of XBRL Paul Warren DecisionSoft Limited 12 May 2004.
1 Use and content of the RFP  Request for Proposals (RFP) is similar to bidding documents and include all information of the assignment, selection of.

1 Use and content of the RFP  Request for Proposals (RFP) is similar to bidding documents and include all information of the assignment, selection of.
PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.

PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Health and Consumers Health and Consumers Identification and traceability of dogs and cats: the current EU legal framework and possible future developments.

Health and Consumers Health and Consumers Identification and traceability of dogs and cats: the current EU legal framework and possible future developments.
1. 2 ECRF survey - Electronic signature Mr Yves Gonner Luxembourg, June 12, 2009.

1. 2 ECRF survey - Electronic signature Mr Yves Gonner Luxembourg, June 12, 2009.
Ministry of Transport, Information Technology and Communications Technological base: Interoperability Tsvetanka Kirilova Ministry of TITC Bulgaria.

Ministry of Transport, Information Technology and Communications Technological base: Interoperability Tsvetanka Kirilova Ministry of TITC Bulgaria.
XBRL regulatory reporting to the Securities Commission of Spain José M. Alonso Comisión Nacional del Mercado de Valores (CNMV)

XBRL regulatory reporting to the Securities Commission of Spain José M. Alonso Comisión Nacional del Mercado de Valores (CNMV)

Similar presentations

Ads by Google