[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Message From KO/Office
drickards@livgroup.com (Dale Rickards) writes:
: The beautiy of
: X12.58 is that it allows you to choose which ever algorithm you want. Then
: when the security is applied to the EDI transaction set that security method
: is identified so that the receiver is aware which method was used.
Actually, S/MIME (a.k.a. PKCS7) and MOSS also allow the specific algorithm
to be selected. MOSS is the most flexible and most extensible in algorithm
selection and different models for key and certificate management.
Beyond that, MIME allows any program including future encryption applications
to be invoked. Anyone can add thier own program, including proprietary methods.
However, there is a central registry of MIME types, so everyone can agree
upon the name and semantics.
The way I think what will actually happen with the MIME-EDI software is
that it will automatically support future encryption software. The particular
algorithm (e.g. PKCS7 (the name used by S/MIME), MOSS, PGP, MSP, etc.)
is selected by a MIME header. Some algorithms might be built in as subroutine
calls for efficiency, but an external program could be invoked to support
future extensibility, and avoid patent licensing and export problems.
To add a future algorithm, the sysadmin would simply need to edit a
configuration file defining MIME types or link in the program into a
MIME application subdirectory. That's the way current MIME software works,
e.g. Netscape, Eudora, etc.
If X12.58 were used, it would be handled by the X12 translator, not
the MIME email software.
: This
: allows for quick modifications if the security algorithm is somehow broken
: by a third party.
Assuming your TP's X12.58 supports the modified method.
--------------------------------------------------------------------------
Carl Hage C. Hage Associates
<email:carl@chage.com> Voice/Fax: 1-408-244-8410 1180 Reed Ave #51
<http://www.chage.com/chage/> Sunnyvale, CA 94086