ETSI GS ECI 001-3 V1.1.1 (2017-07)

ETSI GS ECI 001-3 V1.1.1 (2017-07)






GROUP SPECIFICATION
Embedded Common Interface (ECI)
for exchangeable CA/DRM solutions;
Part 3: CA/DRM Container, Loader, Interfaces, Revocation
Disclaimer
The present document has been produced and approved by the Embedded Common Interface (ECI) for exchangeable CA/DRM
solutions ETSI Industry Specification Group (ISG) and represents the views of those members who participated in this ISG.
It does not necessarily represent the views of the entire ETSI membership.

---------------------- Page: 1 ----------------------
2 ETSI GS ECI 001-3 V1.1.1 (2017-07)



Reference
DGS/ECI-001-3
Keywords
CA, DRM, swapping

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2017.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M logo is protected for the benefit of its Members.
GSM® and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI GS ECI 001-3 V1.1.1 (2017-07)
Contents
Intellectual Property Rights . 21
Foreword . 21
Modal verbs terminology . 21
Introduction . 22
1 Scope . 23
2 References . 24
2.1 Normative references . 24
2.2 Informative references . 27
3 Definitions and abbreviations . 27
3.1 Definitions . 27
3.2 Abbreviations . 31
4 Conceptual principles . 33
5 ECI Certificate System . 33
5.1 Introduction . 33
5.1.1 Scope . 33
5.1.2 Notation and conventions of fields . 33
5.1.3 Extension Field . 34
5.2 ECI Certificates . 34
5.3 ECI Revocation List . 37
5.4 Certificate Chains and Revocation List Trees . 40
5.4.1 Data structure definitions . 40
5.4.2 Processing rules for Certificate Chains . 42
5.5 Revocation tree sets and revocation data files . 43
5.6 Large data item signatures . 45
5.7 Root Certificates . 45
5.7.1 Definition of a Root Certificate . 45
5.7.2 ECI Host Root Certificate Management . 46
6 ECI Host Loader . 46
6.1 Introduction . 46
6.2 Storage, verification and activation . 47
6.2.1 Principles of Operation . 47
6.2.2 Credential definition . 48
6.2.2.1 ECI Host Image related Certificates . 48
6.2.2.2 ECI Host Image Signatures . 50
6.2.2.3 ECI Host Credentials. 51
6.2.3 Loading process of ECI Host Image file . 52
6.3 ECI Host related file formats . 53
6.4 ECI Host Image transport protocols . 55
6.4.1 Introduction. 55
6.4.2 ECI Host Broadcast Transport Protocol . 56
6.4.2.1 General and Profiling . 56
6.4.2.2 CPE Manufacturer to Operator handover . 57
6.4.2.3 DVB SI Signalling . 57
6.4.2.3.1 Download location signalling . 57
6.4.2.3.2 Emergency Updates . 57
6.4.2.4 PSI signalling . 59
6.4.2.5 UNT option . 60
6.4.2.6 Carousel structure . 60
6.4.2.7 ECI Host downloading operation . 61
6.4.2.8 Operator Carousel schedules . 61
6.4.2.9 User Interface Aspects . 61
6.4.3 ECI Host Internet Transport Protocol . 62
ETSI

---------------------- Page: 3 ----------------------
4 ETSI GS ECI 001-3 V1.1.1 (2017-07)
6.4.3.1 IP Protocol. 62
6.4.3.2 Online Loader Operation . 62
6.4.4 Alternative transport protocols . 62
7 ECI Client Loader . 62
7.1 Introduction . 62
7.2 Discovery of ECI Clients . 63
7.2.1 Introduction. 63
7.2.2 Transport stream based networks . 64
7.2.2.1 Common signalling . 64
7.2.2.2 ECI_ platform_operation _descriptor . 64
7.2.2.3 ECI_base_url_descriptor . 65
7.2.2.4 Manual installation . 66
7.2.2.5 Self-discovery installation . 67
7.2.2.6 ECI service tag descriptor . 67
7.2.2.7 ECI platform list descriptor . 67
7.2.3 IP network based client discovery . 68
7.2.3.1 Manual installation . 68
7.2.3.2 Web-page based installation. 68
7.3 Storage, Verification and Activation . 68
7.3.1 General Update Policies . 68
7.3.2 ECI Client Image download and storage . 69
7.3.3 ECI Client Validation and Activation . 69
7.4 ECI Client Chain structure formats . 69
7.4.1 Introduction to ECI Client Chain structure formats . 69
7.4.2 Security Vendor Certificate . 70
7.4.3 ECI Client series Certificate and series target id . 70
7.4.4 ECI Client Image signature . 71
7.5 ECI Platform Operation Chain Formats . 72
7.5.1 Overview . 72
7.5.2 Operator Certificate . 72
7.5.3 Platform Operation Certificate . 73
7.5.4 Platform Operation client revocation List . 73
7.5.5 Platform Operation client co-signature . 73
7.6 File formats . 75
7.6.1 ECI Client Image File Format. 75
7.6.2 Platform Operation Chain Data . 77
7.6.3 Revocation data files . 78
7.7 ECI Client resources transport protocols . 78
7.7.1 General and profiling . 78
7.7.2 Broadcast transport protocol . 78
7.7.2.1 Introduction . 78
7.7.2.2 Credential and revocation data handover to Operator . 79
7.7.2.3 Security Vendor to Operator handover . 79
7.7.2.4 PSI signalling . 79
7.7.2.5 SI signalling . 80
7.7.2.5.1 Data Carousel location Signalling via Data Location Linkage Descriptor . 80
7.7.2.5.2 ECI Client emergency download descriptor . 81
7.7.2.6 Carousel compatibility descriptor . 83
7.7.2.7 Carousel DSI . 84
7.7.2.8 Carousel DDB . 85
7.7.2.9 Dynamic carousel behaviour . 85
7.7.3 Web transport protocols . 85
7.7.3.1 Introduction . 85
7.7.3.2 ECI Web API overview . 85
7.7.3.3 Web API ECI Host related requests . 86
7.7.3.4 Web API Platform Operation related requests . 87
7.7.3.5 Web API client requests . 88
7.7.3.6 Web API AS_setup requests . 90
7.8 Platform Operation ECI Client installation . 90
7.8.1 Scope and Profiling . 90
7.8.2 ECI Client installation mode with unencrypted ECI Client Image file . 91
ETSI

---------------------- Page: 4 ----------------------
5 ETSI GS ECI 001-3 V1.1.1 (2017-07)
7.8.3 ECI Client installation mode with encrypted ECI Client Image file . 91
7.8.4 Transport Protocol . 93
7.8.4.1 Broadcast protocol . 93
7.8.4.2 Online protocol . 94
7.8.5 Target ID presentation to user. 94
8 Revocation . 94
8.1 Introduction . 94
8.2 CPE Revocation . 95
8.3 Generic Revocation Process . 95
8.4 Revocation Lists based ECI Host Revocation . 96
8.5 ECI Platform Operation Revocation . 96
8.6 ECI Client Revocation . 96
9 ECI Client Interfaces . 97
9.1 Introduction . 97
9.1.1 Architecture of the ECI Client interfaces . 97
9.1.2 Media Handle . 98
9.2 ECI Virtual Machine Interface . 98
9.2.1 Principles . 98
9.2.2 Instructions and data (static resources) . 98
9.2.3 Interaction with ECI Host . 98
9.2.4 Dynamic Resources provided for ECI Client's . 100
9.2.5 API version management . 100
9.2.6 Responsiveness Monitoring . 100
9.3 Mechanism for ECI Client APIs . 101
9.3.1 Asynchronous message syntax . 101
9.3.2 Asynchronous message layout definition convention . 102
9.3.2.1 Syntax of message definitions . 102
9.3.2.2 Basic message parameter types . 102
9.3.2.3 Message payload to message parameter mapping . 102
9.3.2.4 Naming convention for asynchronous messages . 103
9.3.3 Synchronous messages . 104
9.3.4 Error codes in Return . 105
9.3.5 Secure Authenticated Channel (SAC). 105
9.3.6 Message Verification by ECI Host . 105
9.3.7 Message Processing by ECI Clients . 106
9.4 APIs for general ECI Host resources . 106
9.4.1 List of APIs defined in clause 9.4 . 106
9.4.2 API for the access to the ECI Host interface discovery resource . 107
9.4.2.1 Introduction . 107
9.4.2.2 getApis Message . 108
9.4.2.3 getApiVersions() Message . 108
9.4.2.4 setApiVersion() Message . 108
9.4.3 API for the access to the ECI Host user interface resource . 109
9.4.3.1 Introduction . 109
9.4.3.2 User Interface environment . 109
9.4.3.2.1 Browser Profile . 109
9.4.3.2.2 Constraints . 110
9.4.3.2.3 Browser Capabilities . 110
9.4.3.2.3.1 Display Model. 110
9.4.3.2.3.2 Text and Fonts . 111
9.4.3.2.3.3 Graphic Formats . 111
9.4.3.2.3.4 User Input . 111
9.4.3.2.3.5 Persistence . 111
9.4.3.2.3.6 ECI Application access to static HTML resources . 111
9.4.3.2.3.7 Communication between the ECI Client and ECI Applications . 111
9.4.3.3 Application Lifecycle . 112
9.4.3.3.1 Launch of an ECI Application . 112
9.4.3.3.2 Termination of an ECI Application . 113
9.4.3.4 APIs related to the User communication . 11
...