Sent for Bill Morgan by David Peet:
There currently is no "AS3".
For the past three years, bTrade has been facilitating a healthy exchange of opinions in this great debate.
Secure FTP is an established technology that leverages SSL to protect the session.
"SMIME-ing" the payload is easily achievable for a nested security schema, as is DES, 3DES, AES, PGP, etc.
Message Disposition Notifications are foreign to FTP servers and would thus present a formidable barrier to adoption by current S/FTP environments.
Finally, there is still the great firewall policy debates relating to exposing FTP ports to the Internet.
That is why Virtual Private Networks were created, to leverage the Internet for secure business communications without the risk of exposing FTP ports.
Those of us who have provided EDIINT solutions over the past two or three years have always understood these "FTP" challenges and have responded in kind to market demands. To date, the market has demanded Secure FTP, AS1, and AS2.
An AS3 offering can quickly be released by most of us, but adoption rates will not be nearly as high as AS1 or AS2, if AS3 gains traction at all.
However, AS3 offerings may provide a degree of consternation by those trying to simplify and consolidate secure Internet communications.
Regarding ebXML, the Message, Routing, and Transportation standard is agnostic to SMTP, HTTP, or FTP communications.
Furthermore, the ebXML protocol was carefully crafted to be neutral of all transport protocols.
HTTP, FTP, SMTP or any other "P" can be used within an ebXML framework.
By the way, did you hear about bTrade's AS4?
Executive Vice President,
Chief Solutions Officer
I strongly suggest we take up the issue of demand. Cyclone has been servicing market demand for this capability for several years in production hardened environments and would be happy to argue in favor of FTP as a valid transport for EDIINT.
Alternatively, the role of FTP within the ebXML standard could be elevated to achieve the same desired functionality with the advantage of what ebXML brings to the table.
Either way, the absence of FTP as a transport for secure B2B messaging is an obvious hole. FTP is a valid transport with an enormous amount of existing infrastructure - it ought to be elevated in the appropriate standards, be it EDIINT, ebXML, or both.
I'm happy to actively participate in any initiatives in this regard.