Internet-Draft EDI-INT Features Header August 2008 Private K. Meadors Internet-Draft Drummond Group Inc. Expires: April 1, 2009 Created: October 1, 2008 Target Category: Informational EDI-INT Features Header draft-meadors-ediint-features-header-05.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Any questions, comments, and reports of defects or ambiguities in this specification may be sent to the mailing list for the EDIINT working group of the IETF Trust, using the address . Requests to subscribe to the mailing list should be addressed to . Copyright Notice Copyright (C) The IETF Trust (2008). Abstract Meadors Expires - April 2008 [Page 1] Draft EDI-INT Features Header October 2008 With the maturity of the EDI-INT standard of AS1, AS2 and AS3, applications and additional features are being built upon the basic secure transport functionality. These features are not necessarily supported by all EDI-INT applications and could cause potential problems with implementations. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119. Feedback Instructions NOTE TO RFC EDITOR: This section should be removed by the RFC editor prior to publication. If you want to provide feedback on this draft, follow these guidelines: -Send feedback via e-mail to kyle@drummondgroup.com, with "EDIINT Features Header" in the Subject field. -Be specific as to what section you are referring to, preferably quoting the portion that needs modification, after which you state your comments. -If you are recommending some text to be replaced with your suggested text, again, quote the section to be replaced, and be clear on the section in question. Table of Contents 1. Introduction...................................................2 2. EDIINT Features Header Syntax..................................3 3. Implementation and Processing..................................3 4. EDI-INT Applications...........................................3 5. Security Considerations........................................4 6. References.....................................................4 6.1 Normative References.......................................4 6.2 Informative References.....................................4 Author's Address..................................................4 1. Introduction EDI-INT applications provide for a secure means of payload document transport. The original intent was for transport of a single EDI or Meadors Expires - April 2008 [Page 2] Draft EDI-INT Features Header October 2008 XML document. However, as AS1 [AS1], AS2 [AS2] and AS3 [AS3] matured, other features and application logic were implemented upon EDI-INT standards. Since these features go beyond but do not violate the basic premise of EDI-INT, a means is needed to communicate to trading partners features which are supported by the originating user agent. The EDIINT Features header indicates the capability of the user agent to support the listed feature with its trading partner without out- of-band communication and agreement. 2. EDIINT Features Header Syntax The EDIINT Features header can appear in the header section of an AS1, AS2 and AS3 message. Its BNF syntax is listed below. Feature = "EDIINT-Features: " Feature-Name *("," Feature-Name) Feature-Name = Feature-Token Feature-Token = %d48-57 / ; 0-9 %d65-90 / ; A-Z %d97-122 / ; a-z "-" ; blank space " " is not allowed The Feature-Token allows for feature names to be specified and can only contain alphanumeric characters along with the hyphen. Feature names are case-insensitive. 3. Implementation and Processing The EDIINT Features header indicates the originating user agent is capable of supporting the features listed. The feature header MUST be present in all messages transmitted by the user agent and not just messages which utilize the feature. Upon examination of the feature header, the trading partner SHOULD assume the user agent is capable of receiving messages utilizing any of the features listed. The features listed MUST be supported by existing IETF RFC or RFC- track Internet-draft standards. These standards MUST describe the feature name which is listed in the header and the means which it should be used. 4. EDI-INT Applications Since AS1 uses email and the EDIINT Features header is not a registered header with IANA, the header MUST be preceded by a "X-" to be used. If the receiving trading partner does not support EDIINT Features, it can choose to ignore the header because of the "X-". Because AS2 and AS3 utilize transports of HTTP and FTP, respectively, which allow the application to ignore headers which it does not Meadors Expires - April 2008 [Page 3] Draft EDI-INT Features Header October 2008 recognize, the addition of the EDIINT Features header in AS2 and AS3 can be done without affecting trading partners who have not implemented the header. AS2 and AS3 applications currently use a version header, AS2-Version and AS3-Version, respectively, to indicate functional support. The EDIINT Features header tremendously improves the purpose and function of the old version header. However, to provide a connection from the old version header and the EDIINT Features header, AS2 and AS3 applications which implement the EDIINT Features header MUST use the version value of "1.2" to indicate the support of the Feature header. Also, since version "1.1" indicates the implementation supports compression [COMPRESS] and "1.2" builds upon "1.1", AS2-Version or AS3-Version of "1.2" MUST support compression regardless of whether it is mentioned as a feature in the EDIINT Features header. 5. Security Considerations Because headers are often un-encrypted, it may be possible for the feature header to be altered. Trading partners MAY consult out-of- band to confirm feature support. 6. References 6.1 Normative References [AS1] RFC3335 "MIME-based Secure Peer-to-Peer Business Data Interchange over the Internet using SMTP", T. Harding, R. Drummond, C. Shih, 2002. [AS2] RFC4130 "MIME-based Secure Peer-to-Peer Business Data Interchange over the Internet using HTTP", D. Moberg, R. Drummond, 2005. [AS3] RFC 4823 "FTP Transport for Secure Peer-to-Peer", T. Harding, R. Scott, 2007. [COMPRESS] draft-ietf-ediint-compression-10.txt "Compressed Data for EDIINT", T. Harding, 2008. [RFC2119] RFC2119 "Key Words for Use in RFC's to Indicate Requirement Levels", S.Bradner,August 1997. 6.2 Informative References Author's Address Kyle Meadors Drummond Group Inc. Meadors Expires - April 2008 [Page 4] Draft EDI-INT Features Header October 2008 4700 Bryant Irvin Court, Suite 303 Fort Worth, TX 76107 USA Email: kyle@drummondgroup.com Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. "This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- ipr@ietf.org. Meadors Expires - April 2008 [Page 5]