2. An electronic phytosanitary certificate. Is NOT a copy of a printed phytosanitary certificate that is emailed. Is a secured data set using XML for transmission securely and electronically between an exporting and an importing NPPO. Is the equivalent of a paper phytosanitary certificate and may be used if accepted by the NPPO of the importing country.

3. Produces and transmits (sends & receives) ePhyto certificates. Involves 2 National ePhyto Systems and an exchange/transmission mechanism. Every NPPO needs a National System for Export Certification (ISPM 7 & ISPM 12). When this system has the ability to produce electronic certificates (XML), and transmit them, it becomes a National ePhyto System.

4. Speeds up information exchange Reduces cost Minimizes opportunity for fraud Creates opportunity to align with ‘single window’ initiatives. Able to separate the message carrier (envelope) from the actual certificate information payload making it more flexible and modular – not hard coded together. Use of internet standard SSL certificates = lower cost for participating countries. Steering Group are continuing to analyze all issues associated with establishing a hub (single point), or point-to- point transmission of electronic phytosanitary certificate information. There are two components: The National system and the exchange system.

5. A National System basically needs the following functionality: 1.Produce phytosanitary certificates (ePhytos including encryption and/or paper) 2.Enter phytosanitary certificate data 3.Invoke the exchange system in order to achieve the communication. 4.Store phytosanitary certificate data 5.Receive ePhytos via the hub and decrypt 6.Read/view/print/produce pdf ePhytos A simple generic system is proposed that would be available to all NPPOs

6. An exchange method is only a way for transmit information from a NPPO to another NPPO. Two alternatives: Point to point transmission and Single point transmission (HUB) Point-to-point exchange is when the ePhyto exchange is directly between the exporting country and the importing country. Single point (HUB) exchange is the option when the ePhyto exchange between several exporting countries and several importing countries is through a single location

7. Hub Country B Country A Software to Software Country C Country D NPPO to NPPO ePhyto Certificate Information Exchange through the Hub.

8. Country B Country A Software to Software Country C Country D

9. Use of the hub is Voluntary. Some countries will choose to continue to use paper certificates for a long time. Some countries may prefer point to point transmission. Paper certificates will continue to be used – countries will agree bilaterally when to use only electronic exchange. Start using the hub when you are ready – 1 year, 5 years, 10 years... Security and confidentiality is paramount. ePhytos are encrypted for transmission and not opened by hub. Costs of maintaining the hub are carried by the users of the hub. Participating countries will require a National System to exchange ePhyto data with the Hub. The Hub will conduct verification on the transmitted ePhytos (envelopes only). The content verification is only accomplished through the “contract” that the participants of the hub must sign before they can participate on the HUB. This is, the HUB doesn't validate the ePhyto (message content) content.

10. Introduction In a secure electronic transmission the identity of the message sender must be ensured. In order to achieve this goal there are a lot of method to ensure the identity. For example, a login with user and password, a signature, etc.. Nowadays, NPPOs which already has implemented an electronic exchange are achieving the sender identity ensuring in different ways. To maintain the authentication in an abstract manner, an authentication server is proposed. It must provide a way to obtain credentials and a method to validate credentials. The method by the credential has been obtained is not important for the receiver (user/password, signature, etc.).

11. In order to ensure the sender identity, the importer NPPO, the exporter NPPO as well as the HUB must interact with the Authentication server. The following slides tries to explain the interaction between the exporter NPPO, the importer NPPO, the Authentication server and the HUB server.

12. Hub Server Exporter NPPO Importer NPPO Authentication Server 1. LoginWithXXX() 2. Exporter credential 3. receiveMessage (includes exporter credential) 4. Verify exporter credential 5. verifyCredential response 6. LoginWithXXX() 7. HUB credential 8. receiveMessage (includes HUB credential) 9. Verify HUB credential 10. verifyCredential response

13. To assist in the understanding of our Hub goal/objective we use pictures of the post office mail pathway with explanatory text to explain security and authentication steps: The following slides explain the functionality of the HUB service to achieve a completely secure transmission.