RE: CPA and overrides

[Dick Brooks <dick@8760.com>]

Maryann,

Speaking strictly from the standpoint of the Energy industry use of AS2, no
"override"
functionality is being permitted with regard to delivering receipts. All
receipts must
be delivered synchronously over the same session used to send a message. So,
overrides
aren't an issue here.

However, I don't believe overrides are a major security issue with AS2 as
long as the following
are true:

- The sender provides some form of authentication for access control when
sending data (with overrides)
- The sessions used to send data are encrypted (TLS/SSL)
- Messages are digitally signed by the sender
- Man in the middle attacks are prevented (using hard addresses, NO DNS
resolution)

AS2 provides the functionality to accomplish all of the above to ensure a
secure message exchange.

Dick Brooks
Group 8760
110 12th Street North
Birmingham, AL 35203
dick@8760.com
205-250-8053
Fax: 205-250-8057
http://www.8760.com/

InsideAgent - Empowering e-commerce solutions

> -----Original Message-----
> From: Maryann Hondo [mailto:mhondo@us.ibm.com]
> Sent: Friday, February 23, 2001 8:17 AM
> To: Dick Brooks
> Cc: rsalz@CaveoSystems.com; ebxml-transport@lists.ebxml.org;
> maw2@daimlerchrysler.com
> Subject: RE: CPA and overrides
>
>
> List-Unsubscribe:
>  <mailto:ebxml-transport-request@lists.ebxml.org?body=unsubscribe>
> List-Archive: <http://lists.ebxml.org/archives/ebxml-transport>
> List-Help: <http://lists.ebxml.org/doc/email-manage.html>,
>  <mailto:ebxml-transport-request@lists.ebxml.org?body=help>
>
> Am I the only one who is concerned about this from a security view?
> if we allow for "overrides" .....what is the model of who overrides what?
> can i override the "to" part or the "from" part (particularly if i want to
> muck up the works of my
> competition a bit) can i "override" the https protocol with http? and what
> about "intermediaries"?
> are they allowed to "override" things?
>
> how does as2 provide for this type of override? is this ok? is it
> up to the
> receiving
> app to determine if the transaction came over a secure channel?  whose
> liability is it
> if the sender sends data over an insecure link when a secure link was
> agreed to and
> some information is "stolen"? are these issues addressed in as2?
>
> i could see defining a default which is used instead of a cpp/cpa or if
> there is no cpa referenced,
> but i would want to know how the security piece was agreed to by both
> parties and how it is possible to
> verify that the correct mechanism was used.
>
>  Maryann
>
>
> Dick Brooks <dick@8760.com> on 02/23/2001 08:44:19 AM
>
> To:   rsalz@CaveoSystems.com, ebxml-transport@lists.ebxml.org,
>       maw2@daimlerchrysler.com
> cc:
> Subject:  RE: CPA and overrides
>
>
>
> I agree with Martha and Rich. Forcing a CPA/CPP module onto an
> MSH solution
> is an unnecessary burden on those
> needing simple, "direct" file transfer over a single transport, which is
> the
> majority of implementations
> in the Energy industry. The EDIINT AS2 specification made provisions for
> multiple transport options by adding
> a "receipt-delivery-option" header.  This header contains a URI indicating
> the transport and delivery point (e.g.
> http://b2b.imacompany.com/cgi-bin/ebxmlhandler or
> mailto:ebxmlhandler@imacompany.com ) to send an asynchronous receipt
> (acknowledgement).
>
> CPA/CPP functionality is a nice feature for some, but it shouldn't be a
> requirement for ALL. If alternate delivery channels are needed for
> *acknowledgements* then I suggest a solution like that found in AS2.
>
> Dick Brooks
> http://www.8760.com/
>
>
> -----Original Message-----
> From: rsalz@CaveoSystems.com [mailto:rsalz@CaveoSystems.com]
> Sent: Friday, February 23, 2001 7:57 AM
> To: ebxml-transport@lists.ebxml.org; maw2@daimlerchrysler.com
> Subject: Re: CPA and overrides
>
>
> List-Unsubscribe:
>  <mailto:ebxml-transport-request@lists.ebxml.org?body=unsubscribe>
> List-Archive: <http://lists.ebxml.org/archives/ebxml-transport>
> List-Help: <http://lists.ebxml.org/doc/email-manage.html>,
>  <mailto:ebxml-transport-request@lists.ebxml.org?body=help>
>
> As I recall the discussion of "override" from the telecon's of a couple
> of weeks ago, the concern was that an MSH not be able to change the
> delivery semantics that were specified in the CPA.  For example, a
> UDP-based MSH could not accept a message intended for ReliableMessaging,
> but then silently use BestEffort.
>
> *IF* we put all the delivery semantics into the ebXML message header,
> then this question mostly goes away, because there is no CPA involved:
> it becomes a quality of implementation issue for how the business app
> tells its local MSH what semantics are required *by the business
> agreements.*
>
> Requiring an MSH to have to refer to a CPA is clearly a layering
> violation.
>
>      /r$
>
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org
>
>
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org
>
>
>
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: ebxml-transport-request@lists.ebxml.org
>