[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: EDIINT and HIPAA

To: dick@xxxxxxxx, Terry Harding <tharding@xxxxxxxxxxxxxxxxxxx>, Gunther Schadow <gunther@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: EDIINT and HIPAA
From: "K.W. Chan" <kingchan@xxxxxxxxxx>
Date: Fri, 3 Nov 2000 08:57:20 +0800
Cc: Rik Drummond <rvd2@xxxxxxxxxxxxxxxx>, Kepa Zubeldia <Kepa.Zubeldia@xxxxxxxxxxx>, CLEM <clem@xxxxxxxxxxxxxxxxxx>, Gary Crough <gcrough@xxxxxxxxxxxxxxxxxxx>, Beth Morrow <Beth@xxxxxxxxxxxxxxxxx>, "David@Drummondgroup. Com" <david@xxxxxxxxxxxxxxxxx>, GISB1@xxxxxxx, ietf-ediint@xxxxxxx
List-archive: <http://www.imc.org/ietf-ediint/mail-archive/>
List-id: <ietf-ediint.imc.org>
List-unsubscribe: <mailto:ietf-ediint-request@imc.org?body=unsubscribe>
Sender: owner-ietf-ediint@xxxxxxxxxxxx

Title: RE: EDIINT and HIPAA

Hi,

I am a new comer to this group. Can anyone kindly point to me some useful sources to study how XML influences the development of Internet EDI? In various places, I see mentioning that EDI is dead because of the proliferation of XML. I don't understand this. Conventional EDI requires translators to integrate with backend applications. XML will not do away with this, but will perhaps make it easier for organizations to write their own translators.

Is XML a hype or really a catalyst for next generation of EDI?

K. W.

-----Original Message-----
From: Dick Brooks [mailto:dick@xxxxxxxx]
Sent: Friday, November 03, 2000 7:55 AM
To: Terry Harding; Gunther Schadow
Cc: Rik Drummond; Kepa Zubeldia; CLEM; Gary Crough; Beth Morrow; David@Drummondgroup. Com; GISB1@xxxxxxx; ietf-ediint@xxxxxxx

Subject: RE: EDIINT and HIPAA

Terry, my answers are inline:

> This may have been mentioned in your email, but i must ask.
>
> You mentioned within your email, that AS2 supports two distinct types of
> packaging,
> a GISB style and an AS1 style. EDIINT(AS1) also specifies two packaging
> standards,
> one based around S/MIME(RSA) and another around openPGP(PGP).
>
> Will the gas industry support an AS2 compliant product which
> produces a GISB
> style message using RSA security, or must the security layer be PGP as in
> your example...

GISB has been using PGP to encrypt and sign EDI data since 1997 so this will
remain their "crypto" standard. GISB REQUIRES the use of RSA public key
algorithms to process EDI data. RSA algorithms are supported in PGP.

The GISB/AS2 interoperability profile packages "PGP processed" data inside a
multipart/signed or multipart/encrypted MIME envelope, in accordance with
AS2 specifications. The entire multipart/* MIME envelope and encrypted data
is then placed inside a multipart/form-data package. Here is what the entire
package looks like when it's all put together (indention used to indicate
layering only):

Content-Type: multipart/form-data; boundary="foo"

message headers are packaged here (To=XXX, From=YYY, etc.)

Content-Type: multipart/encrypted; boundary="foo2";
protocol="application/pgp-encrypted"

Content-Type: application/pgp-encrypted

Content-Type: application/octet-stream

Content-Type: application/EDI-X12 (signed/encrypted using PGP)

ISA*.....X12 data (signed/encrypted using PGP)

With regard to an earlier reference to the AS1 packaging style within AS2; I
believe the new AS2-To and AS2-From header fields are incompatible with AS1
so we might want to refer to this "new packaging style" as the AS2/email
packaging style in the next version of the AS2 spec and remove references to
AS1. Would you agree?

Regards,

Dick Brooks
Group 8760
110 12th Street North
Birmingham, AL 35203
dick@xxxxxxxx
205-250-8053
Fax: 205-250-8057
http://www.8760.com/

InsideAgent - Empowering e-commerce solutions

Prev by Date: RE: EDIINT and HIPAA
Next by Date: AD review of EDIINT documents (was RE: Status and Future of EDIINT)
Previous by thread: RE: EDIINT and HIPAA
Next by thread: RE: EDIINT and HIPAA
Index(es):
- Date
- Thread