πŸ“– eUICC.tech ← All Stories 🏠 Home
Page 1 of 7
πŸ”Œ TELEPHONE SWITCHBOARD ES1 ES2 ES3 ES4 ES5 8 interfaces: ES1 through ES8

πŸ”Œ How All the Helpers Talk

ES1 Through ES8: The Off-Card Interfaces

A story of telephone lines, secret connections, and the 8 channels that let helpers share secrets

Page 2 of 7
Page 3 of 7
🏭 EUM πŸ›οΈ CI πŸ”‘ SM-DP 🦾 SM-SR πŸ“‘ Operator πŸš› M2M SP Every pair needs a dedicated conversation channel!

πŸ—£οΈ So Many Helpers, So Many Conversations

With six different helpers in the M2M system, there are a lot of conversations happening at once! The EUM talks to the CI. The SM-DP talks to the SM-SR. The Operator talks to both the SM-DP and SM-SR. SGP.02 defined 8 standard interfaces (ES1–ES8) so all these channels are secure and standardised.

Page 4 of 7
ES1: Ordering πŸ“‘ Operator ⬇ order profiles πŸ”‘ SM-DP ES2: Reporting πŸ“‘ Operator ⬆ gets updates 🦾 SM-SR "Build profile for #8721!" "Profile #8721 is live!" Ordering (ES1) and Reporting (ES2) The Operator's two direct lines

πŸ“‘ ES1 & ES2: Ordering and Reporting

ES1 is the ordering line: the Fleet Owner tells the Key Factory "make me a profile for this robot." ES2 is the reporting line: the Commander sends status updates back to the Fleet Owner, like "profile installed successfully" or "robot #8721 is now on Network B." Order and report: the heartbeat of the fleet!

Page 5 of 7
ES3: Key Factory ↔ CMDR πŸ”‘ SM-DP ↔ mutual auth, EIS query 🦾 SM-SR ES4: Vault ↔ Key Factory πŸ›‘οΈ eUICC (chip) ↔ secret handshake πŸ”‘ SM-DP ES4: The Secret Handshake 1. SM-DP sends its ID badge β†’ eUICC checks CI 2. eUICC sends random challenge β†’ SD-DP signs it 3. Both compute shared secret β†’ SCP03t encrypts profile This is the MOST important interface in the whole system

πŸ”‘ ES3 & ES4: The Key Factory Conversations

ES3 is the line between the Key Factory and the Commander: they ask about robot identities, send encrypted profiles for relay, and check each other's certificates. ES4 is the most critical interface: it's the secure tunnel from the Key Factory directly to the robot's vault chip, where all the secret handshake math happens!

Page 6 of 7
ES5: Vault ↔ Commander Profile management (through ISD-R) ES6: Vault ↔ Fleet Mgr Direct management line (ISD-R) ES7: CMDR Handover Old SM-SR β†’ New SM-SR ES8: Chip ↔ Factory EUM ↔ CI (birth certificate) πŸ”Œ 8 Interfaces = 8 Secure Channels ES3-ES4: Key Factory's world ES5-ES6: Direct chip access (ISD-R)

πŸ”Œ ES5–ES8: Every Pair Gets a Line

ES5 and ES6 connect directly to the robot's ISD-R channel for local profile management. ES7 is the special handover line when Commanders change. ES8 is the chip-building line: the EUM and CI exchanging certificates when a new robot is born. Eight interfaces, six helpers, one seamless system!

Page 7 of 7
πŸ”Œ Switchboard ES1 through ES8 All standardised All secured with certificates ES1 ES2 ES3 ES4 ES5 ES6 ES7 ES8 Every connection defined, every path secure

The ES interfaces are the invisible plumbing of eSIM. They don't live on the chip: they're off-card, running between servers in data centres around the world. Every ES interface uses mutual TLS with certificates signed by the CI, ensuring that every conversation is authenticated end-to-end!

πŸ“š Read the Next Story!

βš–οΈ Next: Three Kinds of eSIM β†’

πŸ“– Back to All Stories

⬆ ⬇