Technical Specifications for Electronic Reports Submitted to or Filed via Eesti Pank
 Format of reports - Description of the report message
- XML-schemas
- Securing data transfer
- Securing with OpenPGP
- Securing with DigiDoc
- Key Management (OpenPGP)
- Key Management (DigiDoc)
- Transmission of report messages
- Responses of the report messages processing application
- Transmission of warnings to reporting entities
Format of reports
Reports submitted to Eesti Pank (EP) or to the Financial Supervision Authority (FSA) are formatted as XML-documents the structure and contents are determined by the XML-schemas at
http://www.fi.ee/schemas (see also http://www.w3.org/XML/Schema).
Description of the report message
The report and related descriptive info (so-called header) which has the following structure:
<message>
<message_header>
...
</message_header>
<report>
...
</report>
</message>
Message Header
| Element |
XML element |
Mandatory |
| Message header |
message_header |
Yes |
| Reporting entity's code |
from |
Yes |
| Message creation date |
date |
Yes |
| Sender's name |
sender |
Yes |
| Sender's e-mail |
send_mail |
Yes |
| Sender's telephone |
send_phone |
No |
| Comment |
comment |
No |
| Request to confirm the receipt of message |
require_receipt |
No |
Example:
<message_header>
<from>765</from>
<date>2001-10-10T11:20:23</date>
<sender>Jaan Kask</sender>
<send_mail>jaan.kask@maapank.ee</send_mail>
<send_phone>6666666</send_phone>
<require_receipt>yes</require_receipt>
</message_header>
Report
<report>
<report_header>
...
</report_header>
<row>
...
</row>
...
<row>
...
</row>
</report>
Report header
| Element |
XML element |
Mandatory |
| Report header |
report_header |
Yes |
| Report code |
typeid |
Yes |
| Report date |
timeid |
Yes |
| Report compiler's name |
compiler |
Yes |
| Report compiler's e-mail |
comp_mail |
Yes |
| Report compiler's telephone |
comp_phone |
Yes |
Example:
<report_header>
<typeid>162</typeid>
<timeid>2001-09-30</timeid>
<compiler>Jelizaveta Ivanova</compiler>
<comp_mail>liza@maapank.ee</comp_mail>
<comp_phone>7777777</comp_phone>
</report_header>
Report row
| Element |
XML element |
Mandatory |
| Report row |
row |
Yes |
| Row 1 element |
According to the report schema |
Yes |
| Row 2 element |
According to the report schema |
Yes |
| ... |
... |
... |
Example:
<row>
<pangakaart_liik_1>3</pangakaart_liik_1>
<pangakaart_liik_2>5</pangakaart_liik_2>
<kasutussagedus>1</kasutussagedus>
<pangakaartide_arv>39739</pangakaartide_arv>
</row>
Example of an entire report message
<?xml version="1.0" encoding="ISO-8859-1"?>
<message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="./x_aruanne162.xsd">
<message_header>
<from>765</from>
<date>2001-10-10T11:20:23</date>
<sender>Jaan Kask</sender>
<send_mail>jaan.kask@maapank.ee</send_mail>
<send_phone>6666666</send_phone>
<require_receipt>yes</require_receipt>
</message_header>
<report>
<report_header>
<typeid>162</typeid>
<timeid>2001-09-30</timeid>
<compiler>Jelizaveta Ivanova</compiler>
<comp_mail>liza@maapank.ee</comp_mail>
<comp_phone>7777777</comp_phone>
</report_header>
<row>
<pangakaart_liik_1>2</pangakaart_liik_1>
<pangakaart_liik_2>1</pangakaart_liik_2>
<kasutussagedus>2</kasutussagedus>
<pangakaartide_arv>1520</pangakaartide_arv>
</row>
<row>
<pangakaart_liik_1>1</pangakaart_liik_1>
<pangakaart_liik_2>1</pangakaart_liik_2>
<kasutussagedus>2</kasutussagedus>
<pangakaartide_arv>1231</pangakaartide_arv>
</row>
<row>
<pangakaart_liik_1>1</pangakaart_liik_1>
<pangakaart_liik_2>3</pangakaart_liik_2>
<kasutussagedus>2</kasutussagedus>
<pangakaartide_arv>567</pangakaartide_arv>
</row>
</report>
</message>
XML-schemas
The general structure of all report messages is described by the XML schema 'x_headers.xsd' and every report is also described by a corresponding XML schema. The
corresponding schema is the formal presentation of the legal instrument that establishes the report. Since schemas may be changed over time (for example, when a report is supplemented, errors
in a schema corrected, or a schema specified, etc.), each schema has a version number.
In order to find the proper report schema, you should use the XML document 'skeemid xml', which contains information about the value date, version and file name of schemas. The info is
presented by schema codes. In order to find a schema file, you should find the version number and file name using the report code and report value date (which has to be within <from> and <to>). The address referring to the schema is
http://www.fi.ee/schemas/[version]/[file], where [ ] shows the value of the respective element. For example, the address referring to the balance sheet schema may be in the form of
http://www.fi.ee/schemas/1.4/x_aruanne21.xsd.
The XML schema is the basis for establishing whether the report message is formally correct. A report will be considered to be formally correct if it complies with a valid XML schema.
Securing data transfer
A report message has to be signed and encrypted. Otherwise it will not be accepted for processing the report included in the message. Report messages are secured with the help of public-key algorithms, which are realized by applications (such as PGP, GnuPG, DigiDoc Client) supporting platforms OpenPGP
(http://www.ietf.org/rfc/rfc4880.txt) or DigiDoc (http://www.sk.ee/digidoc).
Securing with OpenPGP
Type of the encryption and signing key : RSA
Minimum length of the public side of the key pair: 1024 bits
Encryption algorithms: IDEA, 3DES, CAST5
Hash function: MD5*, SHA1*, SHA256
Compression algorithm: -, ZIP
* - not recommended (not the best security, possibility of legal problems)
The public OpenPGP key: "EPSTAT;ARUANDLUS;Peeter Liik;19.09.2011 <peeter.liik(at)eestipank.ee>"
Key ID: 0xC546DBD5
Fingerprint: FE29 556C EAB1 C8EA 2156 A63D 42E2 84E9
The key is located at: www.fi.ee/schemas/epstat2011.asc
The public key was renewed on 19/09/2011!
The public OpenPGP key: "EPSTAT;ARUANDLUS;Peeter Liik;19.09.2013 <peeter.liik(ät)eestipank.ee>"
Key ID: 0xF012FFAF
Fingerprint: 2475 8943 C1F6 C175 4218 4806 9C26 52D1
The key is located at: www.fi.ee/schemas/epstat2013.asc
Securing with DigiDoc
Signing and encryption is determined via the DigiDoc platform. The ID-card certificate identification of the application processing reports is "Finantsinspektsioon: aruandlus".
Key management (OpenPGP)
- 1. Requirements to keys
- The key string must include the code of the reporting entity, the word ARUANDLUS, the name of the employee that uses the key and the final date of validity of the key pair. EP uses EPSTST as the code of institution.
- Key pairs must be changed at least once every two years.
- Used key pairs are preserved in order to ensure handling of the data exchanged.
- Key pairs which have become unusable are removed from further use.
- 2. First exchange of keys
- The responsible employee of the reporting entity electronically sends to the responsible person of the report addressee a digitally signed public key and key exchange statement.
- 3. Further exchange of keys
- The report addressee and the reporting entity exchange new public keys electronically and signed digitally.
Key management (DigiDoc)
- 1. Requirements to keys
- DigiDoc
uses keys (certificates) created by Sertifitseerimiskeskus (Certification
Centre). The keys are distributed on smart cards. Using the LDAP certificate
search in Digidoc Client the public key (certificate) in an electronic form
can be found on the web page of Sertifitseerimiskeskus.
- The key (certificate) must have a unique identification, which has to include the name of the reporting entity in the case of institution's ID-card.
In the case of a personal ID-card (or DigiD), the unique identification is one's identification code.
- 2. First exchange of keys
- The reporting entity's signatory signs a statement, communicating the name and identification code of the report sender or the identification of
institution's ID-card.
- 3. Key revocation
- The signatory of the reporting entity informs in writing the employee's name and identification code or the institution's ID-card identification.
Transmission of report messages
A report message (or messages) are sent as e-mail attachment(s) to the address
xml(at)fi.ee.
The principle here is: 1 attachment = 1 report message = 1 report.
The Subject and Body fields of the e-mail are ignored.
The number of attachments is not limited, but the good practice of sending e-mails must be followed (max 5 megabytes).
Zipping, either before or after encryption and signing, is not allowed. Containers are not allowed.
Responses of the application processing report messages
If the value of the <require_receipt> was 'yes', the reporting entity will receive a message confirming that the report (by its name, date of receipt, etc) is being processed.
If the report message is faulty, the reporting entity will receive only an error message, the message of taking reports in for processing will not be sent.
Errors concerning reports are sent to the address in the header of the report. Other errors are forwarded to the address in the header of the report message.
There are also situations (incorrect report message), where errors can only be sent to the actual sender of the message.
If the value of the element <comment> has not been left empty, the information therein will be sent to the processer of the report at EP/FI.
Transmission of warnings to reporting entities
If a formally correct report has not been received by the specified date, the reporting entity is sent a warning message. The message is sent to the e-mail address communicated by the reporting entity.
For further information:
Peeter Liik
668 0976
peeter.liik(at)eestipank.ee
|
