Protocol and Standard Specifications

Below are links to documents which detail the specifications for common standards related to e-Business data exchange. Note that many of these documents are "works in progress" which may change over time. For the most up-to-date information visit the Internet Engineering Task Force at: http://www.ietf.org/ and the respective websites listed.

AS1

Abstract: This document describes how to exchange structured business data securely using SMTP transport for Electronic Data Interchange, (EDI -either the American Standards Committee X12 or UN/EDIFACT, Electronic Data Interchange for Administration, Commerce and Transport), XML or other data used for business to business data interchange. The data is packaged using standard MIME content-types. Authentication and privacy are obtained by using Cryptographic Message Syntax (S/MIME) or OpenPGP security body parts. Authenticated acknowledgements make use of multipart/signed replies to the original SMTP message.
Complete document: http://www3.ietf.org/proceedings/02jul/1-D/draft-jeff-edint-as1-17.txt

AS2

Abstract: This document describes how to exchange structured business
data securely using HTTP transfer for XML, Binary, Electronic Data Interchange, (EDI - either the American Standards Committee X12 or UN/EDIFACT, Electronic Data Interchange for Administration, Commerce and Transport) or other data describable in MIME used for business to business data interchange. The data is packaged using standard MIME content-types. Authentication and privacy are obtained by using Cryptographic Message Syntax (S/MIME) security body
parts. Authenticated acknowledgements make use of multipart/signed replies to the original HTTP message.
Complete document:
http://www1.ietf.org/mail-archive/web/ietf-announce/current/msg01383.html

AS3

Abstract: This Applicability Statement (AS) describes how to exchange structured
business data securely using the File Transfer Protocol (FTP) for XML, Binary, Electronic Data Interchange (EDI - ANSI X12 or UN/EDIFACT), or other data used for business-to-business data interchange for which MIME packaging can be accomplished using standard MIME content-types. Authentication and data confidentiality are obtained by using Cryptographic Message Syntax (S/MIME) security body parts. Authenticated acknowledgements employ multipart/signed replies to the original message.
Complete document: target="_blank">http://www.ietf.org/proceedings/03nov/I-D/draft-ietf-ediint-as3-01.txt

ebXML/ ebMS

Introduction: This specification is one of a series of specifications that realize the vision of creating a single global electronic marketplace where enterprises of any size and in any geographical location can meet and conduct business with each other through the exchange of XML based messages. The set of specifications enable a modular, yet complete electronic business framework. This specification focuses on defining a communications-protocol neutral method for exchanging the
electronic business messages. It defines specific enveloping constructs that support reliable, secure delivery of business information. Furthermore, the specification defines a flexible enveloping technique that permits ebXML-compliant messages to contain payloads of any format type. This versatility ensures that legacy electronic business systems employing traditional syntaxes (i.e. UN/EDIFACT, ASC X12, or HL7) can leverage the advantages of the ebXML infrastructure along with users of emerging technologies.
Complete document: http://www.oasis-open.org/committees/ebxml-msg/documents/ebMS_v2_0.pdf

RosettaNet

Link to the business and technical specifications to implement RosettaNet standards: www.rosettanet.org/standards

HTTP

Abstract: The Hypertext Transfer Protocol (HTTP) is an application-level
protocol for distributed, collaborative, hypermedia information systems. It is a generic, stateless, protocol which can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of its request methods, error codes and headers [47]. A feature of HTTP is the typing and negotiation of data representation, allowing systems to be built independently of the data being transferred.HTTP has been in use by the World-Wide Web global information initiative since 1990. This specification defines the protocol referred to as "HTTP/1.1", and is an update to RFC 2068 [33].
Complete document: http://www.ietf.org/rfc/rfc2616.txt

HTTPS

Abstract: This memo describes how to use TLS to secure HTTP connections over the Internet. Current practice is to layer HTTP over SSL (the predecessor to TLS), distinguishing secured traffic from insecure traffic by the use of a different server port. This document documents that practice using TLS. A companion document describes a method for using HTTP/TLS over the same port as normal HTTP.
Complete document: http://ftp.ics.uci.edu/pub/ietf/http/draft-ietf-tls-https-03.txt

FTP

Introduction: The objectives of FTP are 1) to promote sharing of files (computer
programs and/or data), 2) to encourage indirect or implicit (via programs) use of remote computers, 3) to shield a user from variations in file storage systems among hosts, and 4) to transfer data reliably and efficiently. FTP, though usable directly by a user at a terminal, is designed mainly for use by programs....
Complete document: http://www.ietf.org/rfc/rfc0959.txt

FTP/S

Abstract: This document describes an extension to the FTP protocol [RFC-959]
that allows secured, authenticated communications to take place on the control and data channels using the SSL protocol. This enables secure, authenticated file transfer across the Internet. The document describes a specific mechanism for negotiating SSL session protection in a manner that allows other encryption/authentication techniques to be proposed in a complemetary manner....
Complete document: http://www.ford-hutchinson.com/~fh-1-pfh/draft-murray-auth-ftp-ssl-00.txt