Data Communications Company (DCC) Users are required to Digitally Sign XML format Service Requests and Signed Pre-Commands with a User Role Signing Private Key. That Key must be a separate dedicated Key that must not be used for communication with Devices. The Security Sub-Committee (SSC) is concerned that Keys could be used incorrectly. However, without the means to validate the use of separate Keys, there is no way to monitor if or how frequently this occurs and no way to advise Users to enable them to ensure they are compliant with the Smart Energy Code (SEC).
The solution is to implement a DCC validation check to identify if this is occurring and, if necessary, work with DCC Users to ensure compliance.
Who should respond?
- All DCC Users.
How to respond