EDIINT: AS1, AS2, AS3 Standard Guides
EDIINT AS1, AS2, AS3 is neither an invention nor replacement of the SMTP, HTTP, and FTP protocols, which have long existed before. Companies can still transmit data via HTTP, SMTP or FTP without the use of AS1, AS2, or AS3. The goal of the technology was to standardize the way the message is packaged, secured and sent, so that all trading partners could use a standard way of transmitting the data instead of each of them using their own custom method of SMTP, HTTP or FTP. For example, a VCR can be guaranteed to connect to the television by using RCA cables.
EDIINT software vendors have to go through interoperability testing process conducted by the Drummond Group, Inc. Some large size hub companies like Wal-Mart will not allow the use of non-certified EDIINT software vendors.
Security: According to the IETF. There are several security techniques that could be used for EDIINT. Either Secure MIMEv3 or PGPMIME. AS2 also supports the use of HTTPS (SSL/TLS) for secure channel connections. Documents sent using AS1/AS2/AS3 may use any combination of singing and/or encrypting methods, using standard PKCS#7 functions in a number of vendor libraries. AS2 testing has used up to 1024bit keys for Public Key encryption, 128bit keys for Symmetric encryption, SHA1 and MD5 for hashing and Triple-DES (3DES) for encryption.
AS2 will support larger keys and other algorithms as they become readily available. Utilizing a certified software vendor guarantees the availability of these security features. Also, the EDIINT software is usually user-friendly enough and makes it easy to select these security options. The process almost always involves the exchanging of certificates with trading partners. The messages sent via AS2 can be signed and/or encrypted depending on the requirements of the trading partner.
MDN Technical Overview: MDN stands for Message Disposition Notification. Typically trading partners will want some kind of confirmation that the data transmitted was successfully sent. Upon the receipt of the data and successful signature or decryption validation an MDN message is sent to the sender for confirmation. This MDN message can be sent back via HTTP/HTTPS immediately via AS2 w/ “Sync” MDNs or at a later time via AS2 w/ “ASync” MDNs. The MDN option maybe turned off if trading partners agree that no such confirmation is required. Also, the MDN maybe sent back via EMAIL which is very rare. The security and EDIINT method of choice is always subject to agreement between the trading partners.
To learn more about EDI communication methods and become a certified EDI Professional please visit our course schedule page.