Providing standards, tools and services
for the automotive supply chain

Secure File Transfer resources

Reference EN01

Version 3.0

Published Mar 2006

Security Features to consider when developing APIs

Provides guidelines on how to address security features when developing and implementing APIs. It is not intended as a complete and detailed catalogue of measures but should give interested par􀆟es hints and best prac􀆟ce recommenda􀆟ons on this topic.

Reference OA03

Version 1.0

Published Dec 2023

OFTP2 Implementation Guideline

The ODETTE File Transfer Protocol 2 (OFTP2) has become one of the most widely used and trusted protocols for secure information exchange over the internet.

This publication contains comprehensive technical guidelines on implementing and operating OFTP2, including use of digital certificates, archiving and integrating into existing IT infrastructures.

Developer guidelines are included for software vendors who wish to add OFTP2 functionality to their products.

Also includes Recommendation for OFTP2 Partner Data Exchange using XML.

(corrections 2024-02)

Reference OP08

Version 3.1

Published Dec 2023

OFTP2 Interoperability Testing Service

Test Cases

Odette tests OFTP2 software products against established Test Cases to ensure that the software complies with the OFTP2 specification (RFC5024) and inter-operates successfully with reference implementations of OFTP2.

This document describes the tests that an OFTP2 software must successfully pass in order to obtain the certificate of "OFTP2 Tested Software" from Odette.

Includes OFTP2 Partner Data XML Exchange - Functionality Tests

Reference OP09

Version 3.1

Published Dec 2023

Reference -

Version -

Published Jul 2019

Security Certificate Exchange (SCX)

This publication details Odette recommendations on establishing trust between business partners by enabling the automated exchange and renewal of digital Security Certificates and the use of a Trust Service Status List (TSL). These recommendations cover processes, interfaces and protocols for certificate exchange, trust and verification and for achieving the security levels required by business partners for data exchange processes in their commercial and product development relationships.

Reference SE01

Version 1.0

Published Jan 2009

Security and Risk Reduction (S2R)

This publication defines common security policies, measures and techniques to be implemented between partners with regards to security certificate use. The recommendations cover roles and responsibilities, common risk schema and classification of data, basic security requirements, password policies and data privacy considerations for business partners across the supply chain.

Reference SE02

Version 1.0

Published Apr 2006

Odette OFTP2 Partner Details Exchange via XML Generator

OFTP2 PDX XML Generator

Online tool developed to simplify the management of partner master data.

Acts as a bridge between solutions with full PDX XML capability and those without by allowing users to generate or view PDX XML data sheet in the correct standard format.

Data sheets generated with the tool are stored on the users local machine only. They are not stored centrally by Odette.

Available to use free of charge.

Reference -

Version 1.0

Published Jun 2024