| Access Point | SMP | PEPPOL Directory | SML | OpenPEPPOL |
|---|
| Sending | Receiving | Server | Client |
|
|
|
|---|
| No later than T1 | - Must be able to validate MDNs signed with PKI v3.
| - MUST accept an incoming transaction signed with either PKI v2 or PKI v3.
|
| - Must accept responses signed with PKI v2 and v3
| - MUST accept SMP client certificates for both PKI v2 and v3.
| - MUST accept SMP client certificates for both PKI v2 and v3.
| Only After T1 only v3 certificates will be issued. |
|---|
| After C1 |
|
|
|
|
|
| All service providers should have a v3 certificate.
No certificates issued for PKI v2.
??Question PH: doesn't that also mean: every participant received a new v3 certificate? |
|---|
| No later than T2 | - MUST be able to sign transactions with PKI v3.
| - Must use PKI v3 to sign MDNs
| - MUST update AP configuration in SMP if PKI v3 is used.
- Provide PKI v3 SMP certificate to SML operator so they can update their entry.
- Update all SMP entries to use a PKI v3 AP certficate
| | | |
|
|---|
| After T2 | | - Disable support for receiving transactions signed with PKI v2.
| | | | - Disable support for SMP client PKI v2 certs.
|
|
|---|