Subject: Re: [ocpp] Groups - Request for Change - OCPP Security uploaded
Ah, I forgot to mention one very important thing:

Currently, OCPP is missing a data structure to transmit the information contained in the so-called CertificateInstallationResponse message, which the EVSE needs to send to the EV during the installation process of a contract certificate.

There is currently a working group headed by me which is working on a VDE Rules of Application document which defines the certificate handling of ISO 15118 for the "secondary actors" (as the ISO 15118 calls them), so the CPOs (Charge Point Operators), OEMs and MOs (Mobility Operators) mainly. This will probably be available by the end of this year, at first in German and then (hopefully very fast) translated into English. This will be very helpful insight for the Security task group.

Attached you find an XML representation of an exemplary CertificateInstallationRes (will be part of the above-mentioned document) which has the following elements in its body:

- SAProvisioningCertificateChain: A certificate chain belonging to the so-called Certificate Provisioning Service which signs the contract certificate and key material (to be checked by the EV)
- ContractSignatureCertChain: The contract certificate chain originated by the mobility operator who issues the contract certificate
- ContractSignatureEncryptedPrivateKey: The encrypted private key which belongs to the contract certificate (and with which the EV signs some messages)
- DHpublicKey: The Diffie-Hellman public key parameter as part of the encryption/decryption process for the encrypted private key of the contract certificate
- eMAID: The EMAID for the contract certificate

We need to make sure that these data elements can be transferred from the Central Server to the Charge Point with OCPP (including the header with its signatures).

On 08.11.2016 at 21:30, Robert de Leeuw <firstname.lastname@example.org> wrote:

Submitter's message
I have received an updated version of the Security RFC.
If you are participating in the Security call on Wednesday and haven't read the Security proposal, please take some time to browse through it.
Robert de Leeuw (IHomer)
-- Mr. Robert de Leeuw
Document Name: Request for Change - OCPP Security
This document describes a security specification for the OCPP protocol. The
OCPP protocol is used to connect Electric Vehicle Charge Points to the
Central System. The security specification was prepared by ENCS on request
of ElaadNL to support the further development and standardization of OCPP.
It is based amongst others on the end-to-end security design prepared for
Elaad by LaQuSo.
Submitter: Mr. Robert de Leeuw
Group: OASIS OCPP Electric Vehicle Charging Equipment Data Exchange TC
Date submitted: 2016-11-08 04:29:59