

MIME-based Secure Peer-to-Peer Business Data Interchange over the Internet






RFC 3335                 MIME-based Secure EDI            September 2002


Table of Contents

   1.0   Introduction .................................................3
   2.0   Overview .....................................................4
   2.1   Purpose of a Security Guideline for MIME EDI .................4
   2.2   Definitions ..................................................4
   2.2.1 Terms ........................................................4
   2.2.2 The Secure Transmission Loop .................................5
   2.2.3 Definition of Receipts .......................................5
   2.3   Assumptions ..................................................6
   2.3.1 EDI Process Assumptions ......................................6
   2.3.2 Flexibility Assumptions ......................................7
   3.0   Referenced RFCs and Their Contribution .......................8
   3.1   RFC 821 SMTP [7] .............................................8
   3.2   RFC 822 Text Message Format [3] ..............................8
   3.3   RFC 1847 MIME Security Multiparts [6] ........................8
   3.4   RFC 1892 Multipart/Report [9] ................................8
   3.5   RFC 1767 EDI Content [2] .....................................9
   3.6   RFC 2015, 3156, 2440 PGP/MIME [4] ............................9
   3.7   RFC 2045, 2046, and 2049 MIME [1] ............................9
   3.8   RFC 2298 Message Disposition Notification [5] ................9
   3.9   RFC 2633 and 2630 S/MIME Version 3 Message Specifications [8] 9
   4.0   Structure of an EDI MIME Message - Applicability .............9
   4.1   Introduction .................................................9
   4.2   Structure of an EDI MIME Message - PGP/MIME .................10
   4.2.1 No Encryption, No Signature .................................10
   4.2.2 No Encryption, Signature ....................................10
   4.2.3 Encryption, No Signature ....................................10
   4.2.4 Encryption, Signature .......................................10
   4.3   Structure of an EDI MIME Message - S/MIME ...................10
   4.3.1 No encryption, No Signature .................................10
   4.3.2 No encryption, Signature ....................................10
   4.3.3 Encryption, No Signature ....................................11
   4.3.4 Encryption, Signature .......................................11
   5.0   Receipts ....................................................11
   5.1   Introduction ................................................11
   5.2   Requesting a Signed Receipt .................................13
   5.2.1 Additional Signed Receipt Considerations ....................16
   5.3   Message Disposition Notification Format .....................17
   5.3.1 Message Disposition Notification Extensions .................18
   5.3.2 Disposition Mode, Type, and Modifier Use ....................19
   5.4   Message Disposition Notification Processing .................21
   5.4.1 Large File Processing .......................................21
   5.4.2 Example .....................................................22
   6.0   Public Key Certificate Handling .............................24
   6.1   Near Term Approach ..........................................24
   6.2   Long Term Approach ..........................................24
   7.0   Security Considerations .....................................25



Harding, et. al.            Standards Track