5.3.6 Web Server Set-up and Authentication
This standard does not define an authentication mechanism for the Web Service based communication between companies. Should the two parties require their communication to be authenticated, they are free to use any of the existing web-based authentication methods including, but not limited to, Basic Auth, HTTP Digest Authentication, HTTPS Client Authentication, OAUTH, etc.