[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure ???? over the Internet

To: ietf-ediint@xxxxxxx
Subject: Re: Secure ???? over the Internet
From: PETER_MCKINNEY@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Date: Wed, 22 May 96 12:24:16 -0700
Sender: owner-ietf-ediint@xxxxxxx

     From Dave Crocker-
"*     one could argue that we should not make a standard which is
designed to overcome deficiencies in translators.  if the labeling is there and 
is sufficient to permit differential handling, then users having mixed traffic 
should get translators fixed, if that is an issue.  What's wrong with this line 
of argument?"

The fact that a translator does not nativlet support X12.58 is not a deficiency.
It is like saying that a car is deficient because it does not automatically 
support pulling a trailer.  You have to have a hitch and nrake kight wires 
added.

Your point is bang on, in that the translator and the security module need to be
sensitive to the existence of an secure message and process it correctly.

Cheers

Peter

______________________________ Reply Separator _________________________________
Subject: Re: Secure ???? over the Internet
Author:  Non-HP-owner-ietf-ediint (owner-ietf-ediint@imc.org) at 
HP-Boise,mimegw2
Date:    5/17/96 5:01 PM

At 3:36 PM -0700 5/17/96, Robert C. Lyons wrote: 
>But, as pointed out in my previous message, 
>the recipient may require a warning in
>the MIME header that the X12 interchange 
>was secured via X12.58.
>
>If the recipient's X12.58 software can 
>handle non-secured interchanges (i.e., do 
>nothing to the data), then such a warning 
>would not be needed in the MIME header, 
>since the inbound X12 interchanges can 
>always be passed to the X12.58 software 
>and then to the translator.

ok.  then, here's some additional questions:

  *     how much x12.58 activity is there, really.  last i heard, it was
very small.

  *     one could argue that we should not make a standard which is
designed to overcome deficiencies in translators.  if the labeling is there 
and is sufficient to permit differential handling, then users having mixed 
traffic should get translators fixed, if that is an issue.  What's wrong 
with this line of argument?

  *     MIME multipart security has envelopes for signed and for encrypted
objects.  Why not just use that?

                multipart/signed        parm=application/edi-x12

                        application/edi-x12

        would be roughly what it would look like.  officially, there's
supposed to be a section to hold the signature information but this would 
just use the multipart labeling to make explicit that the data are signed. 
By convention, it would mean x12.58.

        The goal is to make standards that are reasonably clean and
compact.  While one should not ignore the installed base -- ever -- one 
must be careful about the ways in which the installed base distorts things.

d/

--------------------
Dave Crocker                                            +1 408 246 8253 
Brandenburg Consulting                             fax: +1 408 249 6205 
675 Spruce Dr.                                 dcrocker@brandenburg.com 
Sunnyvale CA 94086 USA                       http://www.brandenburg.com

Internet Mail Consortium               http://www.imc.org, info@imc.org

.......................................................................

TO: dcrocker@brandenburg.com,
    owner-ietf-ediint@imc.org

Prev by Date: Re: Decision: Encryption Method/Product
Next by Date: Re: Internet Security
Previous by thread: Re: Secure ???? over the Internet
Next by thread: Re: Secure ???? over the Internet
Index(es):
- Date
- Thread