[taler-docs] branch master updated: EBICS bank transport doc

[gnunet]

This is an automated email from the git hooks/post-receive script.

dold pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new c8db85c  EBICS bank transport doc
c8db85c is described below

commit c8db85cc9900c42a84ad0d09456f2e6e9931c672
Author: Florian Dold <address@hidden>
AuthorDate: Wed May 13 20:38:59 2020 +0530

    EBICS bank transport doc
---
 libeufin/bank-transport-ebics.rst | 48 +++++++++++++++++++++++++++++++++++++++
 libeufin/index.rst                |  7 ++++++
 2 files changed, 55 insertions(+)

diff --git a/libeufin/bank-transport-ebics.rst 
b/libeufin/bank-transport-ebics.rst
new file mode 100644
index 0000000..1363fa3
--- /dev/null
+++ b/libeufin/bank-transport-ebics.rst
@@ -0,0 +1,48 @@
+The EBICS Bank Transport
+========================
+
+An EBICS bank transport in LibEuFin conceptually corresponds
+to the "EBICS Subscriber" in EBICS terminology.
+
+
+Bank Transport Setup
+--------------------
+
+The following steps are required to set up an EBICS bank transport:
+
+1. The bank must set up the EBICS access for the user.
+   The bank will notify the user of the following parameters:
+
+   * the URL of the EBICS server used by the bank
+   * the HostID of the bank within the EBICS server (sometimes one EBICS 
server hosts multiple banks)
+   * the PartnerID (typically identifies the owner of the bank account within 
the banking system)
+   * the UserID (typically identifies the person that accesses the bank 
account, can be different from the owner)
+   * the SystemID (optional and rarely used, basically a "sub-identity" of a 
subscriber when multiple technical
+     systems have access to the account via EBICS)
+
+2. The user enters the information from the list above in the setup dialog in 
the LibEuFin nexus (UI/CLI).
+3. The LibEuFin nexus generates cryptographic key material (3 RSA key pairs)
+5. The nexus sends the public keys electronically to the bank's EBICS server, 
together with the information
+   identifying the subscriber (PartnerID, UserID, SystemID).
+6. The user print a document that contains the public key and hashes for all 
three key pairs.
+   The user then signs this document sends it to the bank (physically/scanned).
+7. The bank receives the letter and verifies that the keys from the letter 
correspond
+   to the electronically sent keys.  If they match, the bank sets the state of 
the
+   subscriber to "ready".
+8. The user now has to wait until the bank has set the EBICS subscriber state 
to "ready".
+   There is no in-band notification for this, but the Nexus can try 
downloading the bank's
+   cryptographic parameters.  This will only succeed once the EBICS subscriber 
is set to "ready"
+   by the bank.
+9. The user should confirm the public keys of the bank received in the 
previous step.
+   Typically the bank gives the value of these public keys in an out-of-band 
channel.
+10. Now the user can finally use the EBICS bank transport.  The first step 
after finishing
+    the setup should be to import the bank accounts accessible for this EBICS 
subscriber.
+
+
+Alternative ways of setting up the EBICS bank transport are:
+
+* Importing from a backup.  The backup contains metadata (EBICS URL, HostID,
+  UserId, ...) and the three passphrase-protected subscriber keys.
+* Certificate-based setup (currently not supported by LibEuFin, only used in 
France)
+
+
diff --git a/libeufin/index.rst b/libeufin/index.rst
index bc00b96..f8d3a98 100644
--- a/libeufin/index.rst
+++ b/libeufin/index.rst
@@ -7,7 +7,14 @@ LibEuFin is a project providing free software tooling for 
European FinTech.
   :glob:
 
   concepts
+<<<<<<< Updated upstream
   ebics
   api-sandbox
   api-nexus
+=======
+  bank-transport-ebics
+  api-nexus2
+  api-sandbox
+  ebics
+>>>>>>> Stashed changes
   iso20022

-- 
To stop receiving notification emails like this one, please contact
address@hidden.