CEN/WS XBRL: Improving transparency in financial and business reporting
description
Transcript of CEN/WS XBRL: Improving transparency in financial and business reporting
Present situationEmile Bartolé
CEN/WS XBRL: Improving transparency in financial and business reporting
CWA2 Situation & latest evolutions
1 CWA2
Objectives of CWA2Dual objective of CWA2: standardize
The way of submitting instances, a container with standardizedEncryptionDigital signatureCompression…
The way of transmitting the usual metadata that determine the context of an xbrl reporting instance
the sender of the documentcontact detailsdate and time of submission…
Page 2 CWA2
Submission container
Feedback containers
Standards used: Compression & Hash
Zip as defined in
http://www.pkware.com/documents/casestudies/APPNOTE.TXT
SHA256 as defined in
http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
Standards used: Digital signature
The file structure generated by the signature SHALL be XAdES-BES/EPES
http://uri.etsi.org/01903/v1.4.1/
using RSA with SHA512
http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
implemented in accordance with
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:053:0066:0072:EN:PDF
Standards used: Encryption
W3C Encryption
http://www.w3.org/TR/xmlenc-core/
using key transport RSA-OAEP
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
and encrypting data with AES256.
http://www.w3.org/2001/04/xmlenc#aes256-cbc
Requirements input
EBAEasy to use, minimal model (1 instance per container)Senders identified in transport system, only encryption required (no digital signatures)Known people from NSAs, no need to identify them explicitely in a header
EIOPAMinimal structural headerExtensibility of header for content-based fields
Reserved extended suffix
.signed.xmlexclusively reserved for signed files
.encrypted.xmlexclusively reserved for encrypted files
File name change upon signatureFile to sign Name of the signed file Filename inside the XML signature
file
Lol Lol.signed.xml Same as « File to sign »
Lol.pdf Lol.signed.xml Same as « File to sign »
Lol.zip Lol.signed.xml Same as « File to sign »
Lol.signed.xml Lol.signed.xml Same as « File to sign »
Lol.encrypted.xml Lol.signed.xml Same as « File to sign »
Container.signed.xml
Container.zip
Sign with a first signature and replace extension
header.xmlfile1.xbrlfile2.xbrlfile3.xbrl
Compress
Container.encrypted.xml
Encrypt and replace extension
Container.signed.xml
Sign with a second signature and replace extension
Filename in XML: Container.zip
Filename in XML: Container.signed.xml
Filename in XML: Container.signed.xml
Container creation example
Container.encrypted.xml
Container.signed.xml
Decrypt and extract file
Container.signed.xml
Validate first signature and extract file
Container.zip
Validate second signature and extract file
header.xmlfile1.encrypted.xmlfile2.signed.xmlfile3.xbrlcontainer.zip
Uncompress
Filename in XML: Container.zip
Filename in XML: Container.signed.xml
Filename in XML: Container.signed.xml
header.xmlfile1.xbrlfile2.xbrlfile3.xbrlcontainer.zip
header.xmlfile1.signed.xmlfile2.xbrlfile3.xbrlcontainer.zip
Container reception example
Exchange files
Header file - characteristics of the data files in the submission (caution: deprecated, not yet extensible version!)
http://www.eurofiling.info/eu/fr/esrs/header
Container feedback files - confirming (or not) the success of the reception of a submission container
http://www.eurofiling.info/eu/fr/esrs/ContainerFeedback
Instance feedback files - Result of the (XBRL-)validation of every submitted data file
http://www.eurofiling.info/eu/fr/esrs/InstanceFeedback
Exchange model
Subnission container
Receiver
encrypted(optional)
signed(optional)
Feedback container
Sender
Containerfeedback file
Rest of the Feedback container
encrypted(optional)
signed(optional)
2-level support: Forwarding
Submission container 1
ReportingEntity
header.xmlnationalinstance1.xbrlnationalinstance2.xbrl
Submission container 2
Submission container 2
National National Supervision Supervision
AuthorityAuthority
EuropeanEuropeanSupervision Supervision
AuthorityAuthority
Response Container 1 Response Container 2
2-level support: Repackaging
Reporting entity submission
header.xmlre1.xbrlre2.xbrl………ren.xbrl
NSA submission
National National Supervision Supervision
AuthorityAuthority
EuropeanEuropeanSupervision Supervision
AuthorityAuthority
Response RE Response NSA
header.xmlre1.xbrlre2.xbrl………ren.xbrl
ReportingEntity
2-level support: Regeneration
Reporting entity submission
header.xmlre1.xbrlre2.xbrl………ren.xbrl
NSA submission
National National Supervision Supervision
AuthorityAuthority
EuropeanEuropeanSupervision Supervision
AuthorityAuthority
Response RE Response NSA
header.xmlnsa1.xbrlnsa2.xbrl…nsan.xbrl
ReportingEntity
BasicHeader
RegisteredOrganizationVocabulary
ExtendedHeader
OtherModule(s)
Extensible Header
Use-cases provided by CWA2Use-case Characteristics
BasicHeaderOnly This header imports the BasicHeader « as is », makes no extensions of it and does not import the RegisteredOrganizationVocabulary as it uses none of its fields. Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnlyXSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xsd XML sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/BasicHeaderOnly.xml
StandardHeaderWithRegOrg
This header structure reflects the survey made within the Eurofiling BestPractices efforts which had given the results documented in http://www.wikixbrl.info/index.php?title=Best_Practices_on_Common_European_Reporting_StructuresAll fields related to « Transport » issues have been removed as these are out of scope of this CWA. Namespace: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrgXSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithRegOrg.xsd XML sample instance URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWith
RegOrg.xml
StandardHeaderWithoutRegOrg
This header is (with regards to its function and its content) equivalent to the previous “StandardHeaderWithRegOrg”, but it does not import RegOrg and creates the missing fields as equivalent simple XML fieldsNamespace: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrgXSD URL: http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xsd Sample instance URL:
http://www.eurofiling.info/eu/fr/esrs/Header/StandardHeaderWithoutRegOrg.xml
NSA / ESA requiring something else
Extend it according to your own needs !