[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure ???? over the Internet

To: Dave Darnell <dave_d@xxxxxxxxxxxxx>, Mats Jansson <mjansson@xxxxxxxxxxx>, ietf-ediint@xxxxxxx
Subject: Re: Secure ???? over the Internet
From: Robert Moskowitz <rgm3@xxxxxxxxxxxx>
Date: Tue, 21 May 1996 13:27:58 -0400
Sender: owner-ietf-ediint@xxxxxxx

At 09:46 AM 5/21/96 -0700, Dave Darnell wrote:
>
>OK, I see where you are coming from -- many FORTUNE 1000 level corporations
>probably operate as HUBs and own their own EDI GATEWAY SYSTEM that SPOKE
>TP's can log into and retrieve/deposit their EDI transactions.

Right.

>I can see where FTP with Kerberos and encrypted EDI files would be the
>easiest way for a HUB to migrate to Internet EDI, and not store-and-forward
>oriented SMTP/MIME.

Heck with encrypted EDI files, anonymous FTP works.  Kerberos will just get
in the way.  I don't care if Budd grabs Dana's files, they can't do anything
with them.  And since puts will be processed immediately and not stored
(HTTPD CGI as a minimal solution), once we decrypt, we KNOW who it came from.

>In that case --- use PGP to encrypt your files and allow users to log into a
>Kerberos protected FTP EDI Application Server.

I would LOVE to use PGP today.  Just I have some problems with it.  The
least of which is to get it on all IBM platforms.  I have personally been
arguing this with them.  They on their part have been taking NSA's position,
and only seem to have PLANs for S/MIME.

And again, why would I need Kerberos.  We are doing Kerberos internally.  I
know its scaling problems.  Don't know  if I want to burden and
international trading group with it.

>But I still think that SMTP/MIME is the way to go in order to roll out EDI
>to the 95% of our 6 million Small to Medium sized Enterprises (SME's) that
>do not have EDI now.  E-mail is easy, cost effective and requires a minimum
>of training/support.  Of course you could argue for FTP/HTTP like this also.

As SMEs move to EDI driven manufacturing, they will not be satisfied with
SMTP based EDI.  Our SMEs (only a few thousand) are in this class.  But EDI
for bids and purchase orders, SMTP will hunt.

>SO what is the answer - don't ask me - I am just a dumb Texan stuck in the
>Arizona desert (I like it here - it's a "dry heat"!)  :-)

Stay out of the daytime heat :)   (I've cousins in Phoenix, been there, will
take real weather.)

Robert Moskowitz
Chrysler Corporation
(810) 758-8212

Prev by Date: Re: Secure ???? over the Internet
Next by Date: Re: Secure ???? over the Internet
Previous by thread: Re: Secure ???? over the Internet
Next by thread: Re: Secure ???? over the Internet
Index(es):
- Date
- Thread