Folks,
In preparing for a presentation at the Vancouver SPEEDE/ExPRESS
conference, last week, I cobbled together the core of a specification
for doing EDI as a MIME body part. The purpose of the spec is to
trigger discussion, rather than to be submitted (yet) for
registration. I have had *some* discussions with others about the
spec, but not much and not with many.
I am copying both the edi and 822 lists since this affects both and
neither has much background with the other. My guess is that whatever
initial discussion takes place should be moved to (perhaps) a special
email list for this. Anyone volunteer to establish one?
(For the 822 list, the conference was for academic institutions using
formal, official, standardized X12 EDI to send student transcripts.
My view is that their data should, therefore, be treated simply as
generic EDI.)
Two technical issues were raised at the conference and viewed as
barriers to use of email:
1. Reliability/performance, especially with respect to the sending of
large files. I notes that Mime fragmentation is the answer to the
large-file issue, though it is not yet in heavy use. End-to-end
reliability is being addressed (pun?) by the proposals for delivery
ack. Performance is a matter of debate.
2. Security. This stuff at least needs authentication, data integrity
and confidentiality. There is a strong faction within the
SPEEDE/ExPRESS community that prefers use of FTP because it does not
let the data reside in a transit disk queue for unknown periods of
time. I agree with this concern, with respect to *current* email
operations, but note that these requirements are entirely in line with
the mail security work already underway. I.e., they must be solved
anyhow.
I am attaching the draft spec because it is quite short and because it
is too close to the IETF meeting to get it put into the I-D repository.
- - - - -
Internet Draft Application/EDI-X12 (Expiration: 4/94)
D. Crocker
Network Working Group D. Crocker
Internet Draft:
Expiration <4/94>
MIME Application/EDI-X12:
A Working Draft Proposal
Status of This Memo
This is a preliminary draft document, intended for eventual
submission to the IETF working group process. At this stage, the
document should be viewed strictly as a think-piece, with
comments, corrections, etc. eagerly sought.
Summary
Inter-organization information exchanges often involve highly
regularized transactions. In recent years, many such
transactions have been specified in terms of a technology known
as EDI (Electronic Data Interchange). One line of this work has
been done by the ANSI X12 working group. This document specifies
the fram ework for transmission of ANSI X12 EDI transaction units
within MIME message.
Table Of Contents
1. Introduction
2. Header-Set Content-Subtype Usage in MIME
3. APPLICATION/EDI-X12 Specification
4. APPLICATION/EDI-X12 Usage
5. References
6. Security Considerations
7 Acknowledgments
8. Contact
1. Introduction
<<This will give some background, motivation, summary of utility,
and summary of work remaining.>>
2. Header-Set Content-Subtype Usage in MIME
Header-Set information is specified by:
MIME type name: APPLICATION
MIME subtype name: EDI-X12
Required parameters: TS (see below)
Optional parameters: none
Encoding considerations: none
Security considerations: See separate section in the
document .
Published specification: Contained in the following section.
Rationale: The ANSI X12 EDI specifications are
accepted standards for a class of
inter-organization transactions;
this permits their transmission
over the Internet, via email
Contact-info: See Contact section, below.
Detail specific to MIME-based usage:
This is a generic mechanism for sending any ANSI X12
transaction set. The TS parameter on the Content-type
header is used to specify the particular EDI transaction set
that is included.
3. APPLICATION/EDI-X12 Specification
The APPLICATION/EDI-X12 MIME body-part contains data as specified
for electronic data interchange by ANSI X12.
4. APPLICATION/EDI-X12 Usage
Assume that a user is sending data from the FOO file system, with
its file-system specific information registered as
Application/Filesys-FOO, and the user data containing US-ASCII
text:
To: <<recipient organization EDI email address>>
Subject:
From: <<sending organization EDI email address>>
Date:
Mime-Version: 1.00
Content-Type: APPLICATION/EDI-X12; TS=146 (request transcript)
<<standard ANSI X12 EDI Transaction set goes here>>
5. References
[Bore92] Borenstein, N. & Freed, N., RMime (Multipurpose
Internet Mail Extensions): Mechanisms for
Specifying and Describing The Format of Internet
Message Bodies. March, 1992, Network Information
Center, Rfc 1341.
6. Security Considerations
EDI transactions typically include senstivie data, so that
transmission usually at least needs to account for
authentication, data integrity, privacy, and access control
concerns. This specification permits transmission of such
sensitive data via Internet mail. It does not provide special
security-related mechanisms. As needed and appropriate, such
mechanisms MUST be added to the Internet EMail service for this
capability to provide sufficient protection of EDI records.
7 Acknowledgments
8. Contact
Name: David H. Crocker;
Email: dcrocker(_at_)mordor(_dot_)stanford(_dot_)edu;
Phone: +1 408 246 8253; Fax: +1 408 249 6205>