COUNCIL DECISION (EU) 2018/1926
of 19 November 2018
on the position to be taken, on behalf of the European Union, in the Group of Experts on the European Agreement concerning the work of crews of vehicles engaged in international road transport of the United Nations Economic Commission for Europe
Article 1
Article 2
Article 3
ATTACHMENT
NEW APPENDIX TO THE AETR
Appendix 4
TACHOnet specifications
1.
Scope and purpose
2.
Definitions
3.
General responsibilities
4.
Tests for connection to TACHOnet
5.
Trust architecture
6.
Data protection and confidentiality
7.
Costs
8.
Subcontracting
Sub-appendix 4.1
General aspects of TACHOnet
1.
General description
2.
Architecture
3.
Management
Sub-appendix 4.2
Functionalities of TACHOnet
Card Status |
Definition |
Application |
The CIA has received an application to issue a driver card. This information has been registered and stored in the database with the generated search keys. |
Approved |
The CIA has approved the application for the tachograph card. |
Rejected |
The CIA did not approve the application. |
Personalised |
The tachograph card has been personalised. |
Dispatched |
The National Authority has dispatched the driver card to the relevant driver or delivering agency. |
Handed Over |
The National Authority has handed over the driver card to the relevant driver. |
Confiscated |
The driver card has been taken from the driver by the competent authority. |
Suspended |
The driver card has been taken temporarily from the driver. |
Withdrawn |
The CIA has decided to withdraw the driver card. The card has been permanently invalidated. |
Surrendered |
The tachograph card has been returned to the CIA, and declared no longer needed. |
Lost |
The tachograph card has been declared lost to the CIA. |
Stolen |
The tachograph card has been reported stolen to the CIA. A stolen card is considered lost. |
Malfunctioning |
The tachograph card has been reported as malfunctioning to the CIA. |
Expired |
The period of validity of the tachograph card has expired. |
Replaced |
The tachograph card, which has been reported lost, stolen or malfunctioning, has been replaced by a new card. The data on the new card is the same, with the exception of the card number replacement index, which has been increased by one. |
Renewed |
The tachograph card has been renewed because of a change of administrative data or the validity period coming to an end. The card number of the new card is the same, with the exception of the card number renewal index, which has been increased by one. |
In Exchange |
The CIA that issued a driver card has received a notification that the procedure to exchange that card for a driver card issued by the CIA of another Party has started. |
Exchanged |
The CIA that issued a driver card has received a notification that the procedure to exchange that card for a driver card issued by the CIA of another Party has completed. |
Sub-appendix 4.3
Message provisions of TACHOnet
1.
General technical requirements
2.
XML messages structure and Schema definition (XSD)
Common Header |
Mandatory |
|
Version |
The official version of the XML specifications will be specified through the namespace defined in the message XSD and in the version attribute of the Header element of any XML message. The version number (‘n.m’) will be defined as fixed value in every release of the XML Schema Definition file (xsd). |
Yes |
Test Identifier |
Optional id for testing. The originator of the test will populate the id and all participants in the workflow will forward/return the same id. In production it should be ignored and will not be used if it is supplied. |
No |
Technical Identifier |
A UUID uniquely identifying each individual message. The sender generates a UUID and populates this attribute. This data is not used in any business capacity. |
Yes |
Workflow Identifier |
The workflow id is a UUID and should be generated by the requesting party. This id is then used in all messages to correlate the workflow. |
Yes |
Sent At |
The date and time (UTC) that the message was sent. |
Yes |
Timeout |
This is an optional date and time (in UTC format) attribute. This value will be set only by the central hub for forwarded requests. This will inform the responding party of the time when the request will be timed out. This value is not required in MS2TCN_ |
No |
From |
The ISO 3166-1 Alpha 2 code of the party sending the message or ‘EU’. |
Yes |
To |
The ISO 3166-1 Alpha 2 code of the party to which the message is being sent or ‘EU’. |
Yes |
Sub-appendix 4.4
Transliteration and NYSIIS (New York State Identification and Intelligence System) services
Sub-appendix 4.5
Security requirements
Sub-appendix 4.6
Service levels
An availability of |
means an unavailability of |
||
Daily |
Monthly |
Yearly |
|
98 % |
0,5 hours |
15 hours |
7,5 days |
3. Maintenance
Sub-appendix 4.7
Logging and statistics of the data collected at the central hub
Sub-appendix 4.8
General provisions regarding digital keys and certificates for TACHOnet
5. Liabilities
Sub-appendix 4.9
Description of the PKI service for TACHOnet
1.
Introduction
2.
Certificate Request Process
2.1. Roles and responsibilities
2.1.1. ‘Organisation’ or ‘national authority’ requesting the certificate
2.1.2. Trusted Courier
2.1.3. Domain Owner
2.1.4. Registration Authority
2.1.5. Certification Authority
2.2. Certificate issuance
2.2.2. Step 1: Trusted Courier identification
2.2.3. Step 2: Certificate request creation
Requested Fields |
Description |
Country |
C = Country Code, location of certificate owner, verified using a public directory; Constraints: 2 characters, in accordance to ISO 3166-1, alpha-2, Case Sensitive; Examples: DE, BE, NL, Specific cases: UK (for Great-Britain), EL (for Greece) |
Organisation/Company (O) |
O = Organisation name of the certificate owner |
Master domain (OU1) |
OU = CEF_eDelivery.europa.eu |
Area of responsibility (OU2) |
OU = CEF_TACHOnet |
Department (OU3) |
Mandatory value per ‘AREA OF RESPONSIBILITY’ The content must be checked using a positive list (white list) when the certificate is requested. If the information does not correspond to the list, the request is prevented. Format:
OU= Where ‘ And where e.g.: AP_PROD-GTC_OID-1.3.130.0.2018.xxxxxx |
First name (CN) |
Must be Empty |
Last name (CN) |
Must start with ‘GRP:’, followed by a common name. Format:
CN = GRP:_ e.g.: GRP:CEF_TACHOnet_AP_PROD_BE_001 |
|
E = CEF-EDELIVERY-SUPPORT@ec.europa.eu |
Email 1 (SAN) |
Must be Empty |
Email 2 (SAN) |
Must be Empty |
Email 3 (SAN) |
Must be Empty |
Address |
Must be Empty |
Street |
Must be the official address of the Organisation of the Certificate Owner. (Used for the Power of Attorney.) |
Street no. |
Must be the official address of the Organisation of the Certificate Owner. (Used for the Power of Attorney.) |
Zip Code |
Must be the official address of the Organisation of the Certificate Owner. (Used for the Power of Attorney.) Attention : if the ZIP code is NOT a 5-digit ZIP code, leave the ZIP code field empty and put the ZIP code in the City field. |
City |
Must be the official address of the Organisation of the Certificate Owner. (Used for the Power of Attorney.) Attention : if the ZIP code is NOT a 5-digit ZIP code, leave the ZIP code field empty and put the ZIP code in the City field. |
Phone no |
Must be Empty |
Identification data |
The email address must be the same as the one used for registering the Unique Identifier. + Must be the name of the person representing the organisation. (Used for the Power of Attorney) + Commercial Register No (only mandatory for private organisations) Entered at the Local Court of (only required for German and Austrian private organisations) |
Revocation password |
Mandatory field chosen by the requestor |
Revocation password repetition |
Mandatory field chosen by the requestor repeated |
2.2.4. Step 3: Registration at Registration Authority (Certificate approval)
2.2.5. Step 4: Certificate generation
2.2.6. Step 5: Certificate publication and retrieval
3.
Certificate revocation process
4.
General Terms and conditions of the CEF PKI service
4.1. Context
4.2. Disclaimer on liability
4.3. Authorised/prohibited uses of certificates
4.3.1. Permitted usage of certificates
4.3.2. Prohibited usage of certificates
4.4. Additional obligations of the certificate owner
5.
Contact persons and trusted couriers identification form (sample)
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
|