Following consultation with UK national competent authorities we can provide some clarification on connection methodologies:
Software solutions for the wholesaler and dispensing communities must provide for transparency of end-user locations (i.e. physical location, place of business, registered premises) and therefore direct connection to the NMVS where the certificate is stored on the terminal, is the preferred methodology.
Where thin-client/aggregator/concentrator type architecture is used, alignment between certificate and location may be maintained via a centralised certificate-management application.
Compliant operation of this type of system will rely on accurate association of credentials (User-ID, Password and Certificate) with a single Location.
For clarity, ‘Hiding’ of locations behind a single connection to a central system (User ID obscured to the NMVS) will not be compliant.