• Security

Common information exchange and a comprehensive CRD are key to rail interoperability and therefore a harmonised railway sector in Europe. This is made possible by a decentralised peer-to-peer network with a common interface that can be used by all industry stakeholders. To ensure high security standards along with message-based encryption and signing within this network, RNE acts as a central Certification Authority (CA):

  • All actors require a certificate for secure communication between CIs
  • Certificates are established and controlled by RNE
    • Establishing secure SSL/TLS communication between two peers using CI or CI and CRD
    • Message encryption
    • Message singing
  • All certificates are issued by RNE only
  • Only certificates from the RNE Certificate Authority (with the same root) will trust each other

As a Certificate Authority, RNE provides certificate services within the RNE PKI (Public Key Infrastructure) and will:

  • Issue and publish certificates in a timely manner in accordance with the issuance periods set out by RNE (The expiry time of the certificates has been set to two years)
  • Revoke certificates, upon receipt of a valid request from a person authorised to request revocation
  • Publish and update CRLs (Certificate Revocation Lists)
  • Distribute issued certificates in accordance with the procedures specified by RNE

How to get a certificate from RNE:

Users shall request certificates by sending a valid CSR file (CSR stands for: Certificate Signing Request) to the RNE Certification Authority.