Using ebXML in NIST 800-131a compliance mode

When you are in strict mode, the following changes need to be made to the Collaboration Protocol Agreement (CPA) to maintain a successful transaction:

  • Verify that all certificates using the ebxml transaction are NIST 800-131a compliant. To verify compliance, refer to Verifying NIST 800-131a Compliance with Digital Certificates.
  • Change the tp:HasFunction from: to
  • Change the tp:SignatureAlgorithm from: to
  • If the ebxml transaction uses a server adapter with SSL, that adapter must be configured with a NIST 800-131a compliant certificate and other applicable security details.
    Note: The signing algorithm dsa-sha256 is not supported..