Learn More

Background Information

The internet standard RFC 5024 (OFTP2) is the internet standard for secure transmission of business documents whether they be commercial or technical. OFTP2 has been designed to allow OFTP users to operate securely over the internet, whereas previously this was only possible by the use of an expensive VPN connection.
By utilising OFTP2 and an ODETTE digital certificate, data files may be signed to assure recipients that the data really was sent by you and the data content can be encrypted to protect it from being read by unauthorised entities ensuring that only the intended recipient can decrypt the data.
The security capabilities of OFTP2 exceed those of the already legacy AS2.

Why are certificates used?

Digital certificates underpin the security infrastructure of the internet. Most users will have seen internet security as a padlock symbol on their browser whilst they are making financial transactions on the internet. Some people will have seen digital certificates as a result of individuals signing emails but in many cases free certificates available for email signing are not worth the paper they are written on, in terms of proof of authenticity.
Industry and commerce need digital certificates in which they can have confidence and which address their business requirements. Until the formation of the ODETTE Certification Authority, such digital certificates were difficult and expensive to acquire from existing certification authorities.

Why do I need a certificate?

The security capabilities within the OFTP2 protocol utilise proven cryptographic security algorithms which are widely regarded as the most secure mechanism that can be used for the exchange of data electronically. The provision of digital certificates is an intrinsic necessity for the operation of OFTP2 software.
ODETTE can provide you with digital certificates which have the capability to sign data, ensuring that your trading partners can be confident in its authenticity, and to encrypt data to ensure that it cannot be decrypted by unauthorised recipients.
For digital certificates to be viable, your trading partners must be confident that your certificate is valid and trustworthy. To provide this assurance, ODETTE's own digital signature on your certificate ensures that any tampering with the contents of the certificate can be easily detected and provides the assurance required by your trading partners.
The ODETTE Certification Authority has been created specifically to issue certificates for B2B activities utilising OFTP2 and the internet. We are able to manage the complete certificate lifecycle, from the registration of new certificate requests to the expiry of certificates.

ODETTE certificates are safer

When ODETTE issues a signed certificate, we are guaranteeing the identity of the organisation that requested the certificate. You cannot just purchase an ODETTE certificate off the shelf. Your certification request must go through a formal validation procedure where ODETTE verifies that the organisation requesting the certificate is actually who they claim to be. By using a certificate issued by the ODETTE CA you can be sure that your trading partners will trust your certificate.
Security based on digital certificates is required at all levels of a company. ODETTE certificates can be used on a company basis for general purposes and may also be used at a departmental level. For example, the Engineering department may utilise their own certificate to sign CAD files and the Chief Engineer may also have his own certificate to sign particularly sensitive designs.

Cost savings

Digital certificates in conjunction with OFTP2 provide you with significant cost savings. One obvious payback is that of prevention, eliminating the cost impact of data exposure, but equally important is the saving achieved because you do not need to invest in expensive private networks and VPN infrastructures, which are difficult to set up and maintain.
Prior to the ODETTE Certification Authority, major players in the industry have given their own self-signed certificates to suppliers; this has led to an increased operational overhead of managing and administering certificates. ODETTE has rationalised this situation removing the operational overheads of both customer and supplier, leading to cost savings.

ODETTE security

The ODETTE Certification Authority is highly secure and adheres strictly to the requirements defined within the Federal Information Processing Standard (FIPS) PUB 140-1 [2] level 3 recommendation, which defines a security accreditation program for cryptographic modules.

What about self-signed certificates?

Un-trusted, self-signed certificates can be created and signed by the certificate owner, but the validity of a self-signed certificate will not be recognised by other users' OFTP systems. Self-signed certificates do not provide any guarantee concerning the identity of the organisation using the certificate. ODETTE certificates are an integral component of the solution and provide the assurance to OEMs and suppliers that the certificates may be trusted.

How do I obtain an ODETTE certificate?

ODETTE certificates can be obtained on-line via the ODETTE CA web site. The simple application process will guide you through the information that is required to make your certificate request directly to the ODETTE Registration Authority (RA).
Having received your certificate application request, we will issue you with logon details that you will use to download the certificate once your application has been approved. The ODETTE RA then verifies all submitted details to ensure that fraudulent applications are intercepted.
Once your application has been approved by the ODETTE RA, we will create your certificate and inform you via email that it is available for download. You may then use your secure logon details to download your certificate as many times as you wish.