Iso20022

CertificateManagementResponseV02

catm.008.001.02

The CertificateManagementResponse is sent by a terminal manager in response to a CertificateManagementRequest to provide the outcome of the requested service.

Message Construction

Every ISO20022 message has at the highest level what we call ‘building blocks’. Because the message is constructed as immutable records, the association is by composition. Below you can see the relationship between the message and its constituent building blocks: For comparison, see the ISO20022 official specification

classDiagram
     direction LR
%% CertificateManagementResponseV02 recursion level 0 with max 0
CertificateManagementResponseV02 *-- "1..1" Header29 : Header
CertificateManagementResponseV02 *-- "1..1" CertificateManagementResponse1 : CertificateManagementResponse
CertificateManagementResponseV02 *-- "0..1" ContentInformationType18 : SecurityTrailer

Now, we will zero-in one-by-one on each of these building blocks.

Header building block

Information related to the protocol management. Set of characteristics related to the reject of a transaction. For comparison, see the ISO20022 official specification

classDiagram
   direction tb
%% Header29 recursion level 0 with max 1
class Header29{
    ProtocolVersion IsoMax6Text
    ExchangeIdentification IsoNumber
    CreationDateTime IsoISODateTime
}
Header29 *-- "1..1" GenericIdentification72 : InitiatingParty
Header29 *-- "0..1" GenericIdentification93 : RecipientParty
%% GenericIdentification72 recursion level 1 with max 1
class GenericIdentification72{
    Identification IsoMax35Text
    Issuer PartyType6Code
    Country IsoMin2Max3AlphaText
    ShortName IsoMax35Text
}
%% GenericIdentification93 recursion level 1 with max 1
class GenericIdentification93{
    Identification IsoMax35Text
    Issuer PartyType6Code
    Country IsoMin2Max3AlphaText
    ShortName IsoMax35Text
}
GenericIdentification93 *-- "0..1" NetworkParameters5 : RemoteAccess

Header29 members

Member name Description Data Type / Multiplicity
ProtocolVersion Version of the terminal management protocol specifications. IsoMax6Text - Required 1..1
ExchangeIdentification Unique identification of an exchange occurrence. IsoNumber - Optional 0..1
CreationDateTime Date and time at which the file or message was created. IsoISODateTime - Required 1..1
InitiatingParty Unique identification of the partner that has initiated the exchange. GenericIdentification72 - Required 1..1
RecipientParty Unique identification of the partner that is the recipient of the exchange. GenericIdentification93 - Optional 0..1

CertificateManagementResponse building block

Information related to the result of the certificate management request. Information related to the result of the certificate management request. For comparison, see the ISO20022 official specification

classDiagram
   direction tb
%% CertificateManagementResponse1 recursion level 0 with max 1
class CertificateManagementResponse1{
    CertificateService CardPaymentServiceType10Code
    SecurityProfile IsoMax35Text
    ClientCertificate IsoMax3000Binary
    ClientCertificatePath IsoMax10KBinary
    ServerCertificatePath IsoMax10KBinary
}
CertificateManagementResponse1 *-- "1..1" GenericIdentification72 : POIIdentification
CertificateManagementResponse1 *-- "0..1" GenericIdentification72 : TMIdentification
CertificateManagementResponse1 *-- "1..1" ResponseType6 : Result
%% GenericIdentification72 recursion level 1 with max 1
class GenericIdentification72{
    Identification IsoMax35Text
    Issuer PartyType6Code
    Country IsoMin2Max3AlphaText
    ShortName IsoMax35Text
}
%% GenericIdentification72 recursion level 1 with max 1
class GenericIdentification72{
    Identification IsoMax35Text
    Issuer PartyType6Code
    Country IsoMin2Max3AlphaText
    ShortName IsoMax35Text
}
%% ResponseType6 recursion level 1 with max 1
class ResponseType6{
    Response Response2Code
    ResponseDetail ResultDetail3Code
    AdditionalResponse IsoMax140Text
}

CertificateManagementResponse1 members

Member name Description Data Type / Multiplicity
POIIdentification Identification of the terminal or system using the certificate management service. GenericIdentification72 - Required 1..1
TMIdentification Identification of the TM or the MTM providing the Certificate Authority service. GenericIdentification72 - Optional 0..1
CertificateService Requested certificate management service. CardPaymentServiceType10Code - Required 1..1
Result Outcome of the certificate service processing. ResponseType6 - Required 1..1
SecurityProfile Identification of the security profile, for creation, renewal or revocation of certificate. IsoMax35Text - Optional 0..1
ClientCertificate Created or renewed certificate. The certificate is ASN.1/DER encoded. IsoMax3000Binary - Optional 0..1
ClientCertificatePath Certificate of the client certificate path, from the CA (Certificate Authority) certificate, to the root certificate, for renewal or revocation of certificate. IsoMax10KBinary - Unknown 0..0
ServerCertificatePath Certificate of the server certificate path, from the CA (Certificate Authority) certificate, to the root certificate, for renewal or revocation of certificate. IsoMax10KBinary - Unknown 0..0

SecurityTrailer building block

Trailer of the message containing a MAC or a digital signature. General cryptographic message syntax (CMS) containing data. protected by a MAC or a digital signature. For comparison, see the ISO20022 official specification

classDiagram
   direction tb
%% ContentInformationType18 recursion level 0 with max 1
class ContentInformationType18{
    ContentType ContentType2Code
}
ContentInformationType18 *-- "0..1" AuthenticatedData5 : AuthenticatedData
ContentInformationType18 *-- "0..1" SignedData5 : SignedData
%% AuthenticatedData5 recursion level 1 with max 1
class AuthenticatedData5{
    Version IsoNumber
    MAC IsoMax140Binary
}
AuthenticatedData5 *-- "1..0" IRecipient6Choice : Recipient
AuthenticatedData5 *-- "1..1" AlgorithmIdentification22 : MACAlgorithm
AuthenticatedData5 *-- "1..1" EncapsulatedContent3 : EncapsulatedContent
%% SignedData5 recursion level 1 with max 1
class SignedData5{
    Version IsoNumber
    Certificate IsoMax5000Binary
}
SignedData5 *-- "0..0" AlgorithmIdentification21 : DigestAlgorithm
SignedData5 *-- "0..1" EncapsulatedContent3 : EncapsulatedContent
SignedData5 *-- "0..0" Signer4 : Signer

ContentInformationType18 members

Member name Description Data Type / Multiplicity
ContentType Type of data protection. ContentType2Code - Required 1..1
AuthenticatedData Data protection by a message authentication code (MAC). AuthenticatedData5 - Optional 0..1
SignedData Data protected by a digital signatures. SignedData5 - Optional 0..1

Extensibility and generalization considerations

To facilitate generalized design patterns in the system, the CertificateManagementResponseV02 implementation follows a specific implementaiton pattern. First of all, CertificateManagementResponseV02 impleemnts IOuterRecord indicating it is the outermost logical part of the message definition. Like all message wrappers, CertificateManagementResponseV02Document implements IOuterDocument. Because CertificateManagementResponseV02 implements IOuterDocument, it is a suitable template parameter for IOuterDocument, and causes the internal ‘Message’ to be of type CertificateManagementResponseV02.

classDiagram
    class IOuterRecord
    CertificateManagementResponseV02 --|> IOuterRecord : Implements
    CertificateManagementResponseV02Document --|> IOuterDocument~CertificateManagementResponseV02~ : Implements
    class IOuterDocument~CertificateManagementResponseV02~ {
        CertificateManagementResponseV02 Message
     }

Document wrapper for serialization

The only real purpose CertificateManagementResponseV02Document serves is to cause the document to be serialized into the ‘urn:iso:std:iso:20022:tech:xsd:catm.008.001.02’ namespace. Therefore, it will probably be the usual practice to build the message and construct this wrapper at the last minute using CertificateManagementResponseV02.ToDocument() method. The returned CertificateManagementResponseV02Document value will serialize correctly according to ISO 20022 standards.

classDiagram
    CertificateManagementResponseV02Document *-- CertificateManagementResponseV02 : Document

Sample of message format

This is an abbreviated version of what the message should look like.

<Document xmlns="urn:iso:std:iso:20022:tech:xsd:catm.008.001.02">
    <CertMgmtRspn>
        <Hdr>
            <!-- Header inner content -->
        </Hdr>
        <CertMgmtRspn>
            <!-- CertificateManagementResponse inner content -->
        </CertMgmtRspn>
        <SctyTrlr>
            <!-- SecurityTrailer inner content -->
        </SctyTrlr>
    </CertMgmtRspn>
</Document>

Data from ISO specification

This is the technical data from the specification document.

<messageDefinition
  xmi:id="_MtCPodtdEee9e6xduATmQg"
  nextVersions="_JWMugQ0WEeqUVL7sB4m7NA"
  previousVersion="_3Sq4UI4VEeW6h7rGyYlyTg"
  name="CertificateManagementResponseV02"
  definition="The CertificateManagementResponse is sent by a terminal manager in response to a CertificateManagementRequest to provide the outcome of the requested service."
  registrationStatus="Registered"
  messageSet="_urpIICeJEeOCeO5e7islRQ"
  xmlTag="CertMgmtRspn"
  rootElement="Document"
  xmlns:xmi="http://www.omg.org/XMI">
  <messageBuildingBlock
    xmi:id="_MtCPo9tdEee9e6xduATmQg"
    nextVersions="_JWNVkQ0WEeqUVL7sB4m7NA"
    previousVersion="_ArNVAI4WEeW6h7rGyYlyTg"
    name="Header"
    definition="Information related to the protocol management."
    registrationStatus="Provisionally Registered"
    maxOccurs="1"
    minOccurs="1"
    xmlTag="Hdr"
    complexType="_RtBnUY4CEeWrZqsymMFdfg" />
  <messageBuildingBlock
    xmi:id="_MtCPpdtdEee9e6xduATmQg"
    nextVersions="_JWNVkw0WEeqUVL7sB4m7NA"
    previousVersion="_dXALEI4WEeW6h7rGyYlyTg"
    name="CertificateManagementResponse"
    definition="Information related to the result of the certificate management request."
    registrationStatus="Provisionally Registered"
    maxOccurs="1"
    minOccurs="1"
    xmlTag="CertMgmtRspn"
    complexType="_PATyUI4WEeW6h7rGyYlyTg" />
  <messageBuildingBlock
    xmi:id="_MtCPp9tdEee9e6xduATmQg"
    nextVersions="_JWNVlQ0WEeqUVL7sB4m7NA"
    previousVersion="_mhfksI4WEeW6h7rGyYlyTg"
    name="SecurityTrailer"
    definition="Trailer of the message containing a MAC or a digital signature."
    registrationStatus="Provisionally Registered"
    maxOccurs="1"
    minOccurs="0"
    xmlTag="SctyTrlr"
    complexType="__DJZ4dtZEee9e6xduATmQg" />
  <messageDefinitionIdentifier
    businessArea="catm"
    messageFunctionality="008"
    flavour="001"
    version="02" />
</messageDefinition>

ISO Building Blocks

The following items are used as building blocks to construct this message.