KEYMAN Security key and certificate management

Syntax Development Group (SDG)

KEYMAN is a message providing for security key and certificate management. A key may be a secret key used with symmetric algorithms, or a public or private key used with asymmetric algorithms.

Header

1. 0010 · UNH · Message header · Max 1 · Mandatory

   To head, identify and specify a message.

2. Segment group 1 Repeat 999

   1. 0030 · USE · Security message relation · Max 1 · Mandatory

      To specify the relation to earlier security messages, such as response to a particular request, or request for a particular answer.

   2. 0040 · USX · Security references · Max 1 · Conditional

      To refer to the secured EDIFACT structure and its associated date and time.

   3. Segment group 2 Repeat 9

      1. 0060 · USF · Key management function · Max 1 · Mandatory

         To specify the type of key management function and the status of a corresponding key or certificate.

      2. 0070 · USA · Security algorithm · Max 1 · Conditional

         To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

      3. Segment group 3 Repeat 1

         1. 0090 · USC · Certificate · Max 1 · Mandatory

            To convey the public key and the credentials of its owner.

         2. 0100 · USA · Security algorithm · Max 3 · Conditional

            To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

         3. 0110 · USR · Security result · Max 1 · Conditional

            To contain the result of the security mechanisms.

3. Segment group 4 Repeat 99

   1. 0130 · USL · Security list status · Max 1 · Mandatory

      To specify the status of security objects, such as keys or certificates to be delivered in a list, and the corresponding list parameters.

   2. Segment group 5 Repeat 9999

      1. 0150 · USC · Certificate · Max 1 · Mandatory

         To convey the public key and the credentials of its owner.

      2. 0160 · USA · Security algorithm · Max 3 · Conditional

         To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

      3. 0170 · USR · Security result · Max 1 · Conditional

         To contain the result of the security mechanisms.

4. 0180 · UNT · Message trailer · Max 1 · Mandatory

   To end and check the completeness of a message.