PowerPoint-presentatie
Download
Report
Transcript PowerPoint-presentatie
CEN/WS XBRL: Improving transparency in
financial and business reporting
CWA2 Situation & latest evolutions
Present situation
Emile Bartolé
1
CWA2
Objectives of CWA2
Dual objective of CWA2: standardize
The way of submitting instances, a container with standardized
Encryption
Digital signature
Compression
…
The way of transmitting the usual metadata that determine the
context of an xbrl reporting instance
the sender of the document
contact details
date and time of submission
…
Page 2
CWA2
Submission container
Feedback containers
Standards used: Compression & Hash
Zip as defined in
http://www.pkware.com/documents/casestudies/APPNOTE.TXT
SHA256 as defined in
http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
Standards used: Digital signature
The file structure generated by the signature SHALL be XAdES-BES/EPES
http://uri.etsi.org/01903/v1.4.1/
using RSA with SHA512
http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
implemented in accordance with
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:053:0066:0072:EN:PDF
Standards used: Encryption
W3C Encryption
http://www.w3.org/TR/xmlenc-core/
using key transport RSA-OAEP
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
and encrypting data with AES256.
http://www.w3.org/2001/04/xmlenc#aes256-cbc
Requirements input
EBA
Easy to use, minimal model (1 instance per container)
Senders identified in transport system, only encryption
required (no digital signatures)
Known people from NSAs, no need to identify them
explicitely in a header
EIOPA
Minimal structural header
Extensibility of header for content-based fields
Reserved extended suffix
.signed.xml
exclusively reserved for signed files
.encrypted.xml
exclusively reserved for encrypted files
File name change upon signature
File to sign
Name of the signed file
Filename inside the XML signature
file
Lol
Lol.signed.xml
Same as « File to sign »
Lol.pdf
Lol.signed.xml
Same as « File to sign »
Lol.zip
Lol.signed.xml
Same as « File to sign »
Lol.signed.xml
Lol.signed.xml
Same as « File to sign »
Lol.encrypted.xml
Lol.signed.xml
Same as « File to sign »
header.xml
file1.xbrl
file2.xbrl
file3.xbrl
Compress
Container
creation
example
Container.zip
Sign with a first signature and replace extension
Container.signed.xml
Filename in XML: Container.zip
Sign with a second signature and replace extension
Container.signed.xml
Filename in XML: Container.signed.xml
Encrypt and replace extension
Container.encrypted.xml
Filename in XML: Container.signed.xml
Container
reception
example
Container.encrypted.xml
Filename in XML: Container.signed.xml
Decrypt and extract file
Container.signed.xml
Filename in XML: Container.signed.xml
Validate first signature and extract file
Container.signed.xml
Filename in XML: Container.zip
Validate second signature and extract file
Container.zip
Uncompress
header.xml
file1.encrypted.xml
file2.signed.xml
file3.xbrl
header.xml
container.zip
file1.signed.xml
file2.xbrl
file3.xbrl
container.zip
header.xml
file1.xbrl
file2.xbrl
file3.xbrl
container.zip
Exchange files
Header file - characteristics of the data files in the submission (caution:
deprecated, not yet extensible version!)
http://www.eurofiling.info/eu/fr/esrs/header
Container feedback files - confirming (or not) the success of the
reception of a submission container
http://www.eurofiling.info/eu/fr/esrs/ContainerFeedback
Instance feedback files - Result of the (XBRL-)validation of every
submitted data file
http://www.eurofiling.info/eu/fr/esrs/InstanceFeedback
Exchange model
Sender
Receiver
signed
(optional)
Subnission container
encrypted
(optional)
Feedback container
Containerfeedback file
Rest of the Feedback container
encrypted
(optional)
signed
(optional)
2-level support: Forwarding
Submission container 1
header.xml
nationalinstance1.xbrl
nationalinstance2.xbrl
Submission container 2
Submission container 2
Reporting
Entity
Response Container 1
Response Container 2
National
Supervision
Authority
European
Supervision
Authority
2-level support: Repackaging
Reporting
Entity
Reporting entity submission
NSA submission
header.xml
re1.xbrl
re2.xbrl
…
…
…
ren.xbrl
header.xml
re1.xbrl
re2.xbrl
…
…
…
ren.xbrl
Response RE
Response NSA
National
Supervision
Authority
European
Supervision
Authority
2-level support: Regeneration
Reporting entity submission
header.xml
re1.xbrl
re2.xbrl
…
…
…
ren.xbrl
Reporting
Entity
NSA submission
header.xml
nsa1.xbrl
nsa2.xbrl
…
nsan.xbrl
Response RE
Response NSA
National
Supervision
Authority
European
Supervision
Authority
Extensible Header
ExtendedHeader
BasicHeader
RegisteredOrganizationVocabulary
OtherModule(s)
Use-cases provided by CWA2
Use-case
Characteristics
BasicHeaderOnly
This header imports the BasicHeader « as is », makes no extensions of it and does not
import the RegisteredOrganizationVocabulary as it uses none of its fields.
Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly
XSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xsd
XML sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xml
StandardHeader
WithRegOrg
This header structure reflects the survey made within the Eurofiling BestPractices efforts which
had given the results documented in
http://www.wikixbrl.info/index.php?title=Best_Practices_on_Common_European_Reporting_Structures
All fields related to « Transport » issues have been removed as these are out of scope of this CWA.
Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg
XSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xsd
XML sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xml
StandardHeader
WithoutRegOrg
This header is (with regards to its function and its content) equivalent to the previous
“StandardHeaderWithRegOrg”, but it does not import RegOrg and creates the missing fields as equivalent
simple XML fields
Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg
XSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xsd
Sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xml
NSA / ESA
requiring
something else
Extend it according to your own needs !
Thanks for your attention
[email protected]
Comments or questions?
Page 20
CWA2