Email Communication
with the German Energy Sector

Looking for an EDI@Energy compliant way of data exchange via email?
Learn more about the Z1 SecureMail Gateway Energy Module from Zertificon

As a subset of EDIFACT, EDI@Energy is a communication standard for the energy, water, and electricity industries. This has been regulating the electronic data exchange between the market partners of the German energy industry since June 2017.
According to the Market Communication 2020 (Marktkommunikation 2020 — MaKo 2020) regulation, emails between market partners must be signed and encrypted using the S/MIME standard. The email certificates used in market communication must be issued by a trustworthy CA, and signature and encryption algorithms need to meet specific requirements.

E-Mail-Verschlüsselung in der Energiebranche

EDI@Energy & MaKo 2020: Compliant Email Encryption for the Energy Market

Looking for a local German email encryption provider who is an expert in EDI@Energy? Zertificon Solutions is your competent partner for complex challenges in secure digital communication for energy companies. We have been securing email communication for over 15 years. Energy companies like BS|ENERGY, EWAG, Energie SaarLoLux, REWAG, TWS Netz, and many more exchange data using the Z1 SecureMail Gateway with the Energy Module. This is a convenient, automatic, and compliant adjustment to the latest MAKO 2020 guidelines. 

EDI@Energy Module: Market Communication & Schedule Data Exchange

The Zertificon Energy Module is available as an extension to the Z1 SecureMail Gateway.
It provides you with the following industry-specific solutions:

  1. The algorithms required by the BNetzA according to S/MIME v3.2 and TR-03116-4 are supported and preconfigured in the Z1 solution. No additional administrative efforts are required.
  2. MaKo 2020 Stage 1 regulations for “sign only” secure exchange in the schedule process and MaKo 2020 Stage 2 “encrypt and sign” are implemented, as well as the reproduction of error cases according to the valid guidelines.
  3. The securly regulated management of certificates for encryption and signature is easy to implement. The Energy Module enables you to:
    • manage own and third-party certificates manually (import/export including extended validation) in a convenient way;
    • get regular notification of the automated purchase of successor certificates;
    • use both old and new certificates during transition periods that can be two weeks or more;
    • conveniently administer and use certificates from other market partners for 1:1 communication;
    • automatically validate the certificates for decryption and verify the signature following the specifications;
    • automate the publication of your certificates in the market.
  4. The organizational regulations for the transmission channel are also fulfilled. The specifications regarding the consequences of non-compliance with these requirements can be easily implemented. Specific actions for all types of violations can be mapped via rule extensions, and it is also possible to route certain emails to clearing mailboxes.
  5. The processing of all emails by the Z1 SecureMail Gateway is documented. You have access to detailed monitoring and reporting of your market communication at all times.
EDI@energy compliant communication and secure email with Z1 SecureMail Gateway

Z1 SecureMail Gateway: EDI@Energy communication and secure email

Certificates for market communication and schedule data exchange

All new certificates issued from January 1, 2019 must be signed with RSASSA-PSS.

The IT security of the CA operation has been checked by an audit / certification according to a recognized audit / certification standard …

i.e. EDI@Energy regulations for the transmission channel, 5.5.1 Certification bodies, 5.5.2 Certificate parameters and requirements.

Automate issue and renewal of EDI-compliance certificates with Zertificon

In partnership with QuoVadis, we offer the convenient automatic certificate retrieval for energy specific certificates. Alternatively, you can import certificates from a certification authority of your choice into the Z1 SecureMail Gateway.

Logo SwissSign

Current Communication Requirements in the Energy Industry

Energy market communication regulations from April 1, 2019

On December 20, 2018, the German Federal Network Agency published Resolution BK6-18-032 on “Market Communication 2020”. In this resolution, the regulations valid in the current interim model will continue to apply beyond January 1, 2020. It was also stipulated that the use of combination certificates, which can be used for both signature and encryption, is permitted until December 31, 2021.

The revised version 1.3 of the EDI@Energy regulations on the transmission channel can be found here in German.

Exchange in the schedule process must be encrypted as of October 1, 2020

Schedule data in the exchange between balancing group managers and the transmission system operators have only been signed at Stage 1 since October 1, 2019. From October 1, 2020, at Stage 2, the data must be signed and encrypted (previously July 1, 2020, postponed due to COVID-19).

Valid algorithms for S/MIME and certificates for the energy market

Certificates: Parameters and requirements
All newly issued certificates since January 1, 2019, must be signed by the CA with the RSASSA-PSS algorithm.

Algorithms for S/MIME:

Email encryption (key encryption)

with RSA key length at least 2048 bit.

RSAES-OAEP (according to IETF RFC 3447) The key encryption has hash functions as a parameter. Here SHA-256 or SHA-512 are to be used.

Sources: EDI@Energy regulations for transmission channel 1.3 (German only), Regulations for secure exchange in the schedule process 1.0