EANCOM® 2002 S4 - AUTACK, Examples

EANCOM^® 2002 S4	Part II
AUTACK	Secure authentication and acknowledgement message

6. Examples

The following examples will show how the message type AUTACK can be used in order to transport the digital signature and the information necessary for signature verification by the recipient. There are various scenarios and possibilities how to use the AUTACK in relation to the data to which security services were applied. The appropriate scenario depends on the technical and legal requirements.

Example 1

Two interchanges are transmitted. The first interchange contains the data secured, the second interchange contains the AUTACK message.

This example is recommended if

the data secured and the AUTACK do not use the same EDIFACT syntax version;
for technical or organisational reasons the data secured and the AUTACK are generated separately;
for legal reasons the data secured and the AUTACK must be generated and sent separately.

Structure:

UNB
	UNH
		message data
	UNT
UNZ

Interchange containing the data secured

UNB
	UNH
		AUTACK
	UNT
UNZ

Interchange containing the AUTACK message

EANCOM^® realisation:

message data:

UNA:+.? '	Service string advice, syntax 3
UNB+UNOA:3+5412345678908:14+8798765432106:14+20020102:1000+INT12345'	Interchange header of the syntax 3 interchange INT12345.
UNH+ME0001+INVOIC:D:96A:UN:EAN008'	Message header of an INVOIC message, the message number is ME0001
....
UNT+7+ME0001'	Message trailer
UNZ+1+12345'	Interchange trailer

security data:

UNA:+.?*'	Service string advice, syntax 4
UNB+UNOA:4+5412345678908:14+8798765432106:14+20020102:1015+INT12346’	Interchange header of the syntax 4 interchange INT12346.
UNH+AUT0001+AUTACK:4:1:UN:EAN001'	Message header of the service message AUTACK
USH+7+1+3+1+2+1++++1:20020102:100522:0100'	Security header, security service "non-repudiation of origin to a referenced EDIFACT structure" is applied, the security function applies to the whole referenced message or interchange, for filtering the signature a hexadecimal filter is used, the original character set encoding of the EDIFACT structure was ASCII 7 bit security time stamp is 2^nd January 2002, 10:05:22
USA+1:16:1:6:1:7:1'	The hash algorithm applied to the EDIFACT structure by the sender is SHA 1, the padding mechanism is specified in ISO 9796 # 2.
USC+AXZ4711+4::5412345000006:2+3’	The reference of the certificate issued by the trust centre identified with the GLN 5412345000006 is AXZ4711. The syntax of the certificate is X.509.
USA+6:16:1:10:1:7:1'	The algorithm used for generating the signature is RSA, the padding mechanism is specified in ISO 9796 # 2.
USB+1++5412345678908:14+8798765432106:14	The sender and recipient of the interchange in which the AUTACK is present are identified with the GLNs 5412345678908 and 8798765432106.
USX+INT12345+5412345678908:14+8798765432106:14++++ ME0001'	The referenced message ME 0001 to which security functions were applied is within interchange INT12345. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:139B7CB.......7C72B03CE5F'	The digital signature is 139B7CB.......7C72B03CE5F.
UST+1+5'	The number of security segments in the segment groups 1, 2 and 4 equals 5.
UNT+10+ AUT0001'	Message trailer, the total number of segments equals 10.
UNZ+1+INT12346’	Interchange trailer

Example 2

Two interchanges are transmitted. The first interchange contains three messages to be secured, the second interchange contains the AUTACK message.

This example is recommended if

the data secured and the AUTACK do not use the same EDIFACT syntax version;
for technical or organisational reasons the data secured and the AUTACK are generated separately;
for legal reasons the data secured and the AUTACK must be generated and sent separately;
several messages in one interchange should be signed at once.

Structure:

UNB
	UNH
		message data
	UNT
	UNH
		message data
	UNT
	UNH
		message data
	UNT
UNZ

Interchange containing the data secured

UNB
	UNH
		AUTACK
	UNT
UNZ

Interchange containing the AUTACK message

EANCOM^® realisation:

message data:

UNA:+.? '	Service string advice, syntax 3
UNB+UNOA:3+5412345678908:14+8798765432106:14+20020102:1000+12345'	Interchange header of the syntax 3 interchange INT12345.
UNH+ME0001+INVOIC:D:96A:UN:EAN008'	Message header of the first INVOIC message, the message number is ME0001.
....
UNT+7+ME0001'	Message trailer of the first message
UNH+ME0002+INVOIC:D:96A:UN:EAN008'	Message header of the second INVOIC message, the message number is ME0002.
....
UNT+7+ME0002'	Message trailer of the second message
UNH+ME0003+INVOIC:D:96A:UN:EAN008'	Message header of the third INVOIC message, the message number is ME0003.
....
UNT+7+ME0003'	Message trailer of the third message
UNZ+3+12345'	Interchange trailer

security data:

UNA:+.?*'	Service string advice, syntax 4
UNB+UNOA:4+5412345678908:14+8798765432106:14+20020102:1002+12346’	Interchange header of the syntax 4 interchange INT12346.
UNH+AUT0001+AUTACK:4:1:UN:EAN001'	Message header of the service message AUTACK
USH+7+1+3+1+2+1++++1:20020102:100522:0100'	Security header, security service "non-repudiation of origin to a referenced EDIFACT structure" is applied, the security function applies to the whole referenced message or interchange, for filtering the signature a hexadecimal filter is used, the original character set encoding of the EDIFACT structure was ASCII 7 bit security time stamp is 2^nd January 2002, 10:05:22
USA+1:16:1:6:1:7:1'	The hash algorithm applied to the EDIFACT structure by the sender is SHA 1, the padding mechanism is specified in ISO 9796 # 2.
USC+AXZ4711+4::541234500006:2+3'	The reference to the certificate issued by the trust centre identified with the GLN 5412345000006 is AXZ4711. The syntax of the certificate is X.509.
USA+6:16:1:10:1:7:1'	The algorithm used for generating the signature is RSA, the padding mechanism is specified in ISO 9796 # 2.
USB+1++5412345678908:14+8798765432106:14'	The sender and recipient of the interchange in which the AUTACK is present are identified with the GLNs 5412345678908 and 8798765432106.
USX+INT12435+5412345678908:14+8798765432106:14'	The referenced messages to which security functions were applied are within interchange INT12345. The sender and recipient of the referenced interchange are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:139B7CB..........7C72B03CE5F'	The digital signature is 139B7CB.......7C72B03CE5F.
UST+1+5'	The number of security segments in the segment groups 1, 2 and 4 equals 5.
UNT+10+AUT0001'	Message trailer, the total number of segments equals 10.
UNZ+1+12346'	Interchange trailer

Example 3

Two interchanges are transmitted. The first interchange contains three messages to be secured, the second interchange contains the AUTACK message. In order to transmit the digital signature for every single message, segment group 3 of the AUTACK message is repeated three times.

This example is recommended if

the data secured and the AUTACK do not use the same EDIFACT syntax version;
for technical or organisational reasons the data secured and the AUTACK are generated separately;
for legal reasons the data secured and the AUTACK must be generated and sent separately;
every single message in one interchange should be signed separately (e.g., for legal reasons).

Structure:

UNB
	UNH
		message data
	UNT
	UNH
		message data
	UNT
	UNH
		message data
	UNT
UNZ

Interchange containing the data secured

UNB
	UNH
		AUTACK SG 3
		AUTACK SG 3
		AUTACK SG 3
	UNT
UNZ

Interchange containing the AUTACK message

EANCOM^® realisation:

message data:

UNA:+.? '	Service string advice, syntax 3
UNB+UNOA:3+5412345678908:14+8798765432106:14+20020102:1000+12345'	Interchange header of the syntax 3 interchange INT12345.
UNH+ME0001+INVOIC:D:96A:UN:EAN008'	Message header of the first INVOIC message, the message number is ME0001.
....
UNT+7+ME0001'	Message trailer of the first message
UNH+ME0002+INVOIC:D:96A:UN EAN008'	Message header of the second INVOIC message, the message number is ME0002.
....
UNT+7+ME0002'	Message trailer of the second message
UNH+ME0003+INVOIC:D:96A:UN EAN008'	Message header of the third INVOIC message, the message number is ME0003.
....
UNT+7+ME0003'	Message trailer of the third message
UNZ+3+12345'	Interchange trailer

security data:

UNA:+.?*'	Service string advice, syntax 4
UNB+UNOC:4+5412345678908:14+8798765432106:14+20020102:1002+12346’	Interchange header of the syntax 4 interchange INT12346.
UNH+AUT0001+AUTACK:4:1:UN:EAN001'	Message header of the service message AUTACK
USH+7+1+3+1+2+1++++1:20020102:100522:0100'	Security header, security service "non-repudiation of origin to a referenced EDIFACT structure" is applied, the security function applies to the whole referenced message or interchange, for filtering the signature a hexadecimal filter is used, the original character set encoding of the EDIFACT structure was ASCII 7 bit security time stamp is 2^nd January 2002, 10:05:22
USA+1:16:1:6:1:7:1'	The hash algorithm applied to the EDIFACT structure by the sender is SHA 1, the padding mechanism is specified in ISO 9796 # 2.
USC+AXZ4711+4::541234500006:2+3'	The reference to the certificate issued by the trust centre identified with the GLN 5412345000006 is AXZ4711. The syntax of the certificate is X.509.
USA+6:16:1:10:1:7:1'	The algorithm used for generating the signature is RSA, the padding mechanism is specified in ISO 9796 # 2.
USB+1++5412345678908:14+8798765432106:14'	The sender and recipient of the interchange in which the AUTACK is present are identified with the GLNs 5412345678908 and 8798765432106.
USX+INT12435+5412345678908:14+8798765432106:14++++ME0001'	The first referenced message ME0001 to which security functions were applied is within interchange INT12345. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:139B7CB7........C72B03CE5F'	The digital signature of the first message is 139B7CB.......7C72B03CE5F.
USX+INT12435+5412345678908:14+8798765432106:14++++ME0002'	The second referenced message ME0002 to which security functions were applied is within interchange INT12345. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:145D8BB........2B69B38DC6A'	The digital signature of the second message is 145D8BB........2B69B38DC6A.
USX+INT12435+5412345678908:14+8798765432106:14++++ME0003'	The third referenced message ME0003 to which security functions were applied is within interchange INT12345. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:186A3DC........4C54B59CE4E'	The digital signature of the third message is 186A3DC........4C54B59CE4E.
UST+1+5'	The number of security segments in the segment groups 1, 2 and 4 equals 5.
UNT+14+AUT0001'	Message trailer, the total number of segments equals 14.
UNZ+1+123456'	Interchange trailer

Example 4

Message data and AUTACK are transmitted in one interchange. The interchange contains one AUTACK message and one message to be secured.

This example is recommended if

the data secured and the AUTACK both use EDIFACT syntax version 4;
for technical or organisational reasons the data secured and the AUTACK must be sent together;
for legal reasons the data secured and the AUTACK must be generated and sent in one interchange.

The advantage of this scenario is that the signature can be verified directly, because the message and the signature information do not need to be matched by the recipient.

Structure:

UNB
	UNH
		message data
	UNT
	UNH
		AUTACK
	UNT
UNZ

EANCOM^® realisation:

UNA:+.?*'	Service string advice, syntax 4
UNB+UNOC:4+5412345678908:14+8798765432106:14+20020102:1015+12346’	Interchange header of the syntax 4 interchange INT12346.
UNH+ME0001+INVOIC:D:01B:UN:EAN010'	Message header of the an INVOIC message, the message number is ME0001.
....
UNT+7+ME0001'	Message trailer of the INVOIC message
UNH+AUT0001+AUTACK:4:1:UN.EAN001'	Message header of the service message AUTACK
USH+7+1+3+1+2+1++++1:20020102:100522:0100'	Security header, security service "non-repudiation of origin to a referenced EDIFACT structure" is applied, the security function applies to the whole referenced message or interchange, for filtering the signature a hexadecimal filter is used, the original character set encoding of the EDIFACT structure was ASCII 7 bit security time stamp is 2^nd January 2002, 10:05:22
USA+1:16:1:6:1:7:1'	The hash algorithm applied to the EDIFACT structure by the sender is SHA 1, the padding mechanism is specified in ISO 9796 # 2.
USC+AXZ4711+4::541234500006:2+3'	The reference to the certificate issued by the trust centre identified with the GLN 5412345000006 is AXZ4711. The syntax of the certificate is X.509.
USA+6:16:1:10:1:7:1'	The algorithm used for generating the signature is RSA, the padding mechanism is specified in ISO 9796 # 2.
USB+1++5412345678908:14+8798765432106:14'	The sender and recipient of the interchange in which the AUTACK is present are identified with the GLNs 5412345678908 and 8798765432106.
USX+INT12436+5412345678908:14+8798765432106:14++++ME0001'	The referenced message ME0001 to which security functions were applied is within interchange INT12345. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:139B7CB.....7C72B03CE5F'	The digital signature is 139B7CB.......7C72B03CE5F.
UST+1+5'	The number of security segments in the segment groups 1, 2 and 4 equals 5.
UNT+10+AUT0001'	Message trailer, the total number of segments equals 10.
UNZ+2+12346'	Interchange trailer

Example 5

Message data and AUTACK are transmitted in one interchange. The interchange contains two groups of messages. The first group contains the data to be secured, the second group contains the AUTACK message. The security function applies to the group of messages.

This example is recommended if

the data secured and the AUTACK both use EDIFACT syntax version 4;
for technical or organisational reasons the data secured and the AUTACK must be sent together;
for legal reasons the data secured and the AUTACK must be generated and sent in one interchange;
several messages in one interchange should be signed at once.

The advantage of this scenario is, that the signature can be verified directly, because the message and the signature information do not need to be matched by the recipient.

Structure:

UNB
	UNG
		UNH
			message data
		UNT
		UNH
			message data
		UNT
		UNH
			message data
		UNT
	UNE
	UNG
		UNH
			AUTACK
		UNT
	UNE
UNZ

EANCOM^® realisation:

UNA:+.?*'	Service string advice, syntax 4
UNB+UNOC:4+5412345678908:14+8798765432106:14+20020102:1015+12346’	Interchange header of the syntax 4 interchange INT12346.
UNG+INVOIC+5412345678908:14+8798765432106:14+20020102:1015+GRP0001+ UN+D:01B:EAN010'	Message group header of the message group GRP0001, containing INVOIC messages
UNH+ME0001+INVOIC:D:01B:UN:EAN010'	Message header of the first INVOIC message, the message number is ME0001.
....
UNT+7+ME0001'	Message trailer of the first message
UNH+ME0002+INVOIC:D:01B:UN:EAN010'	Message header of the second INVOIC message, the message number is ME0002.
....
UNT+7+ME0002'	Message trailer of the second message
UNH+ME0003+INVOIC:D:01B:UN:EAN010'	Message header of the third INVOIC message, the message number is ME0003.
....
UNT+7+ME0003'	Message trailer of the third message
UNE+3+GRP0001'	Message group trailer of the first group
UNG+AUTACK+5412345678908:14+8798765432106:14+20020102:1015+GRP0002+ UN+4:1:EAN001'	Message group header of the message group GRP0002, containing the AUTACK message
UNH+AUT0001+AUTACK:4:1:UN:EAN001'	Message header of the service message AUTACK
USH+7+1+3+1+2+1++++1:20020102:100522:0100'	Security header, security service "non-repudiation of origin to a referenced EDIFACT structure" is applied, the security function applies to the whole referenced message or interchange, for filtering the signature a hexadecimal filter is used, the original character set encoding of the EDIFACT structure was ASCII 7 bit security time stamp is 2^nd January 2002, 10:05:22
USA+1:16:1:6:1:7:1'	The hash algorithm applied to the EDIFACT structure by the sender is SHA 1, the padding mechanism is specified in ISO 9796 # 2.
USC+AXZ4711+4::541234500006:2+3'	The reference to the certificate issued by the trust centre identified with the GLN 5412345000006 is AXZ4711. The syntax of the certificate is X.509.
USA+6:16:1:10:1:7:1'	The algorithm used for generating the signature is RSA, the padding mechanism is specified in ISO 9796 # 2.
USB+1++5412345678908:14+8798765432106:14'	The sender and recipient of the interchange in which the AUTACK is present are identified with the GLNs 5412345678908 and 8798765432106.
USX+INT12436+5412345678908:14+8798765432106:14+GRP0001'	The referenced group of messages GRP0001 to which security functions were applied is within interchange INT12346. The sender and recipient of the interchange in which the referenced group is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:139B7CB7.......C72B03CE5F'	The digital signature of the group of messages is 139B7CB.......7C72B03CE5F.
UST+1+5'	The number of security segments in the segment groups 1, 2 and 4 equals 5.
UNT+10+AUT0001'	Message trailer, the total number of segments equals 10.
UNE+1+GRP0002'	Message group trailer of the second group
UNZ+4+12346'	Interchange trailer

Example 6

Message data and AUTACK are transmitted in one interchange. The interchange contains one AUTACK message and three messages to be secured. Within the AUTACK (repetition of SG 3) the signature information on every single message is transmitted.

This example is recommended if

the data secured and the AUTACK both use EDIFACT syntax version 4;
for technical or organisational reasons the data secured and the AUTACK must be sent together;
for legal reasons the data secured and the AUTACK must be generated and sent in one interchange;
every single message in one interchange should to be signed separately (e.g. for legal reasons).

The advantage of this scenario is that the signature can be verified directly and the message and the signature information do not need to be matched by the recipient.

Structure:

UNB
	UNH
		message data
	UNT
	UNH
		message data
	UNT
	UNH
		message data
	UNT
	UNH
		AUTACK SG 3
		AUTACK SG 3
		AUTACK SG 3
	UNT
UNZ

EANCOM^® realisation:

UNA:+.?*'	Service string advice, syntax 4
UNB+UNOC:4+5412345678908:14+8798765432106:14+20020102:1015+12346’	Interchange header of the syntax 4 interchange INT12346.
UNH+ME0001+INVOIC:D:01B:UN:EAN010'	Message header of the first INVOIC message, the message number is ME0001.
....
UNT+7+ME0001'	Message trailer of the first message
UNH+ME0002+INVOIC:D:01B:UN:EAN010'	Message header of the second INVOIC message, the message number is ME0002.
....
UNT+7+ME0002'	Message trailer of the second message
UNH+ME0003+INVOIC:D:01B:UN:EAN010'	Message header of the third INVOIC message, the message number is ME0003.
....
UNT+7+ME0003'	Message trailer of the third message
UNH+AUT0001+AUTACK:4:1:UN:EAN001'	Message header of the service message AUTACK
USH+7+1+3+1+2+1++++1:20020102:100522:0100'	Security header, security service "non-repudiation of origin to a referenced EDIFACT structure" is applied, the security function applies to the whole referenced message or interchange, for filtering the signature a hexadecimal filter is used, the original character set encoding of the EDIFACT structure was ASCII 7 bit security time stamp is 2^nd January 2002, 10:05:22
USA+1:16:1:6:1:7:1'	The hash algorithm applied to the EDIFACT structure by the sender is SHA 1, the padding mechanism is specified in ISO 9796 # 2.
USC+AXZ4711+4::541234500006:2+3'	The reference to the certificate issued by the trust centre identified with the GLN 5412345000006 is AXZ4711. The syntax of the certificate is X.509.
USA+6:16:1:10:1:7:1'	The algorithm used for generating the signature is RSA, the padding mechanism is specified in ISO 9796 # 2.
USB+1++5412345678908:14+8798765432106:14'	The sender and recipient of the interchange in which the AUTACK is present are identified with the GLNs 5412345678908 and 8798765432106.
USX+INT12436+5412345678908:14+8798765432106:14++++ME0001'	The first referenced message ME0001 to which security functions were applied is within interchange INT12346. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:139B7CB7........C72B03CE5F'	The digital signature of the first message is 139B7CB.......7C72B03CE5F.
USX+INT12436+5412345678908:14+8798765432106:14++++ME0002'	The second referenced message ME0002 to which security functions were applied is within interchange INT12346. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:145D8BB........2B69B38DC6A'	The digital signature of the second message is 145D8BB........2B69B38DC6A.
USX+INT12436+5412345678908:14+8798765432106:14++++ME0003'	The third referenced message ME0003 to which security functions were applied is within interchange INT12346. The sender and recipient of the interchange in which the referenced message is present are identified with the GLNs 5412345678908 and 8798765432106.
USY+1+1:186A3DC........4C54B59CE4E'	The digital signature of the third message is 186A3DC........4C54B59CE4E.
UST+1+5'	The number of security segments in the segment groups 1, 2 and 4 equals 5.
UNT+14+AUT0001'	Message trailer, the total number of segments equals 14.
UNZ+4+12346'	Interchange trailer

Note:
The EDI interchange will include the UNB..UNZ segments and, if applicable, the UNG..UNE segments. (See part 1 section 5.7).

Edition 2016