FTP Transport for Secure Peer-to-Peer Business Data Interchange over the Internet
RFC 4823
Document | Type | RFC - Informational (April 2007; Errata) | |
---|---|---|---|
Authors | Terry Harding , Richard Scott | ||
Last updated | 2020-01-21 | ||
Stream | Internent Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized with errata bibtex | ||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 4823 (Informational) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Scott Hollenbeck | ||
Send notices to | (None) |
Network Working Group T. Harding Request for Comments: 4823 R. Scott Category: Informational Axway April 2007 FTP Transport for Secure Peer-to-Peer Business Data Interchange over the Internet Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The IETF Trust (2007). Abstract This Applicability Statement (AS) describes how to exchange structured business data securely using the File Transfer Protocol (FTP) for XML, Binary, Electronic Data Interchange (EDI - ANSI X12 or UN/EDIFACT), or other data used for business-to-business data interchange for which MIME packaging can be accomplished using standard MIME content types. Authentication and data confidentiality are obtained by using Cryptographic Message Syntax (S/MIME) security body parts. Authenticated acknowledgements employ multipart/signed replies to the original message. Harding & Scott Informational [Page 1] RFC 4823 AS3 Data Interchange for EDIINT April 2007 Table of Contents 1. Introduction ....................................................4 2. Overview ........................................................4 2.1. Overall Operations .........................................4 2.2. Purpose of a Security Guideline for MIME EDI ...............5 2.3. Definitions ................................................5 2.3.1. Terms ...............................................5 2.3.2. The Secure Transmission Loop ........................6 2.3.3. Definition of Receipts ..............................7 2.4. Operational Assumptions and Options ........................8 2.4.1. EDI/EC Process Assumptions ..........................8 2.4.2. Process Options .....................................8 2.4.2.1. Security Options ...........................8 2.4.2.2. Compression Options .......................10 3. Referenced RFCs and Their Contribution .........................10 3.1. RFC 959: File Transfer Protocol [3] .......................10 3.2. RFC 2228: FTP Security Extensions [4] .....................10 3.3. RFC 1847: MIME Security Multiparts [7] ....................10 3.4. RFC 3462: Multipart/Report [12] ...........................11 3.5. RFC 1767: EDI Content [2] .................................11 3.6. RFCs 2045, 2046, and 2049: MIME [1] .......................11 3.7. RFC 3798: Message Disposition Notification [6] ............11 3.8. RFC 3852: CMS [9] and RFC 3851: S/MIME Version 3.1 Message Specification [10] ................................11 3.9. RFC 3850: S/MIME Version 3.1 Certificate Handling [11] ....11 3.10. RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS) [17] ..................11 3.11. RFC 3023: XML Media Types [16] ...........................12 4. Structure of an AS3 Message ....................................12 4.1. Introduction ..............................................12 4.2. Structure of an Internet EDI MIME Message .................12 5. AS3-Specific Headers ...........................................13 5.1. AS3-From and AS3-To Headers ...............................13 5.2. AS3-Version Header ........................................14 6. FTP Considerations .............................................15 6.1. FTP Security Requirements .................................15 6.2. Large File Transfers ......................................15 6.3. MIME Considerations for FTP ...............................15 6.3.1. Required/Optional Headers ..........................15 6.3.2. Content-Transfer-Encoding ..........................16 6.3.3. Epilogue Must Be Empty .............................16 6.3.4. Message-Id and Original-Message-Id .................16 7. Structure and Processing of an MDN Message .....................17 7.1. Introduction ..............................................17 7.2. Message Disposition Notifications (MDN) ...................19 7.3. Requesting a Signed Receipt ...............................19 7.3.1. Signed Receipt Considerations ......................22 Harding & Scott Informational [Page 2] RFC 4823 AS3 Data Interchange for EDIINT April 2007 7.4. MDN Format and Value ......................................23Show full document text