The DCP SignedServiceMetadata data structure includes a Certificate Element. Several implementers have questioned whether this element is expected to be used to meet the mutual TLS requirement.
This element is a mandatory part of the underlying OASIS SMP Specification. As such, the Council’s profile for the DCP has not neither modified nor removed this constraint. This ensures that the Council’s DCP Implementation Guidance is conformant with the OASIS Standards and ensures implementers can leverage already available open source SMP solutions.
However, the Council’s eInvoicing use case does not have a direct requirement to use the information contained in this element. It is NOT intended for this element to be populated with an Access Point’s mutual TLS certificate.
A clarification statement will be added to the DCP Implementation Guide when the next material update occurs.