=====General=====
Until 1st of April 2024, most communication between energy market participants (roles) relied on automatically processed email. This has changed to [https://www.edi-energy.de/index.php?id=38&tx_bdew_bdew%5Buid%5D=1608&tx_bdew_bdew%5Baction%5D=download&tx_bdew_bdew%5Bcontroller%5D=Dokument&cHash=5fbee16dcbd284d5f9899875d50353de machine-to-machine communication via webservices], using [[wikipedia:AS4|AS4]] encrypted payloads. The requirements for the XML encryption / signing public key infrastructure (PKI) lean on Diffie-Hellman key exchange procedures. The key algorithms themselves, however, can be based on [https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9 anything] commonly accepted like: RSA, Diffie-Hellman, DLIES or Elliptic-Curve.
=====Keygen and Distribution=====
=====Payload Encryption vs. Transport encryption=====
The National Institute for IT Security (BSI) emphasizes two alternative AS4-compatible approaches: PKI-encrypted payloads with electronic signatures, and transport-based (TLS 1.2) encryption. It is not clear from the [https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr02102/tr02102_node.html requirements specification] which one should be used when. The initial thinking was probably to use payload encryption in the first place and to fall back to TLS if the implemented procedures proved unreliable for the market participants. As a multitude of software vendors are implementing this for energy market communication products at the time of this writing (March 2024), no statement can yet be made on the initial success and use of payload encryption.
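A receiving endpoint can tell the two approaches apart from the message itself: AS4 carries payload signing and encryption in the WS-Security header of the SOAP envelope, while TLS leaves no trace in the message. The following is an added example, not taken from the specification or any vendor product; the function names, the accept policy and the abbreviated sample envelopes are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "soap": "http://www.w3.org/2003/05/soap-envelope",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}

def payload_protection(envelope: str) -> dict:
    """Report which message-layer protections a SOAP envelope declares."""
    # Inbound messages are untrusted input: refuse DTDs before parsing.
    if "<!DOCTYPE" in envelope or "<!ENTITY" in envelope:
        raise ValueError("DTD/entity declarations are not accepted")
    root = ET.fromstring(envelope)
    sec = root.find("soap:Header/wsse:Security", NS)
    if sec is None:
        return {"signed": False, "encrypted": False}
    signed = sec.find("ds:Signature", NS) is not None
    # Encryption needs a wrapped key in the header and the data it protects.
    has_key = sec.find("xenc:EncryptedKey", NS) is not None
    has_data = root.find(".//xenc:EncryptedData", NS) is not None
    return {"signed": signed, "encrypted": has_key and has_data}

def accept(envelope: str) -> bool:
    """Hypothetical receive policy: require signature AND payload encryption."""
    p = payload_protection(envelope)
    return p["signed"] and p["encrypted"]

def _envelope(security_children: str) -> str:
    # Constructed sample: real messages carry full key, digest and cipher data.
    return (
        f'<soap:Envelope xmlns:soap="{NS["soap"]}" xmlns:wsse="{NS["wsse"]}" '
        f'xmlns:ds="{NS["ds"]}" xmlns:xenc="{NS["xenc"]}">'
        f"<soap:Header><wsse:Security>{security_children}</wsse:Security></soap:Header>"
        "<soap:Body/></soap:Envelope>"
    )

SIGNED_AND_ENCRYPTED = _envelope("<xenc:EncryptedKey/><ds:Signature/><xenc:EncryptedData/>")
SIGNED_ONLY = _envelope("<ds:Signature/>")  # confidentiality would rest on TLS alone

if __name__ == "__main__":
    for name, env in [("signed+encrypted", SIGNED_AND_ENCRYPTED), ("signed only", SIGNED_ONLY)]:
        print(name, payload_protection(env), "accept" if accept(env) else "reject")
```

The check is structural only: it does not validate the signature, its references or the certificate chain, which a gateway must do before trusting the payload.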
=Chapter 3 Grid Operators=