KEYMAN Security key and certificate management

Syntax Development Group (SDG)

KEYMAN is a message providing for security key and certificate management. A key may be a secret key used with symmetric algorithms, or a public or private key used with asymmetric algorithms.

Header

Position
Segment
Name
Max use
  1. To head, identify and specify a message.

    1. Data element S009/0057 is retained for upward compatibility. The use of
    S016 and/or S017 is encouraged in preference.
    2. The combination of the values carried in data elements 0062 and S009 shall
    be used to identify uniquely the message within its group (if used) or if
    not used, within its interchange, for the purpose of acknowledgement.
  2. Segment group 1
    Repeat 999
    1. To specify the relation to earlier security messages, such as response to a particular request, or request for a particular answer.

    2. To refer to the secured EDIFACT structure and its associated date and time.

      1. D5(050, 040) If first, then all
      2. D1(070, 090) One and only one
      3. D5(060, 040) If first, then all
      4. D5(080, 070) If first, then all
    3. Segment group 2
      Repeat 9
      1. To specify the type of key management function and the status of a corresponding key or certificate.

      2. To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

      3. Segment group 3
        Repeat 1
        1. To convey the public key and the credentials of its owner.

        2. To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

        3. To contain the result of the security mechanisms.

          1. S508, two occurrences shall be used in the case of signature algorithms
          requiring two parameters to express the result.
          In the case of an RSA signature, only one occurrence of S508 shall be
          used.
          In the case of a DSA signature two occurrences of S508 shall be used.
  3. Segment group 4
    Repeat 99
    1. To specify the status of security objects, such as keys or certificates to be delivered in a list, and the corresponding list parameters.

    2. Segment group 5
      Repeat 9999
      1. To convey the public key and the credentials of its owner.

      2. To identify a security algorithm, the technical usage made of it, and to contain the technical parameters required.

      3. To contain the result of the security mechanisms.

        1. S508, two occurrences shall be used in the case of signature algorithms
        requiring two parameters to express the result.
        In the case of an RSA signature, only one occurrence of S508 shall be
        used.
        In the case of a DSA signature two occurrences of S508 shall be used.
  4. To end and check the completeness of a message.

Stedi is a registered trademark of Stedi, Inc. Stedi's EDI Reference is provided for marketing purposes and is free of charge. All names, logos, and brands of third parties listed on our site are trademarks of their respective owners (including “X12”, which is a trademark of X12 Incorporated). Stedi, Inc. and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.