on 02-20-2007 4:16 PM
Hi there,
this it not (yet) about the actual implementation. It's more of a logical problem that I'm facing.
There are two partners A and B. A is sending an EDIFACT document which is digitally signed to B.
B has a XI instance that is converting all incoming messages into IDocs, in this particular case INVOIC. This IDoc is received by the R/3 system.
All invoices must be archived due to an eventual tax inspection.
In order to fulfill the security requirements all archived data must be digitally signed.
So far so good.
I guess I'm not allowed to sign my invoices with my own private key due to the fact that i could alter the containing data and sign it again.
It's obvious that I cant apply the digital signature from the EDIFACT message to my IDoc because the data has changed and therefore the signature is invalid.
The only solution to this problem, that I can imagine, is to archive EDIFACT alongside IDoc.
Have you experienced a similar problem or do you have any other idea in order to solve this issue?
I hope my problem is well defined.
Any comment is appreciated.
Thanks in advance
Bastian Stratmann
Hi Bastian,
it is not possible to separate the signature from the document signed.
The system A generates and EDIFACT message -> A has the responsibility on this message and so A sign it.
XI manipulate the message received from A, that means XI generates a new message. -> XI has the responsibility on it, so if you want a signature this should be generated by XI.
As the IDoc was generated by XI it cannot be signed by A (neither technically nor logically) because A has no responsibility on it.
XI <b>is</b> altering the message so XI is responsible for it.
In this case you have to store both the EDIFACT message and the IDOC and maybe sign this new document (EDIFACT+IDOC) with XI signature .
Kind Regards,
Sergio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Sergio,
thanks for your reply.
It pretty much solved my problem.
Regards
Bastian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.