I am trying to develop an integration that conforms to NAESB (Retail Gas Quadrant) standards. Part of the standard states that electronic transport to partners must be done through AS2 (http) and PGP encryption. I understand that webMethods only supports S/MIME version 2 encryption. Can anyone share experiences or provide feedback on a solution for using PGP encryption with AS2 protocol?
Thanks in advance.
I haven’t worked with NAESB so far, so maybe I do not fully understand your problem. But here are my thoughts:
S/MIME encryption is part of AS2 standard. If so, what you are trying to achieve is sending mime message with only some payload encrypted using PGP, right? In this case encrypt attachment or body of mime using pgp, add it to properly constructed mime message and send as unencrypted AS2 message. Then you get AS2 advanatages (http transfer protocol, mdns, etc) and your partner can decrypt attachment/body of message using pgp.
Thanks for the quick response. Yes, I have thought of that design already. However, there are a couple of problems with the inbound transaction.
How will I modify the processMsg service in such a way where the PGP encyption is complete BEFORE the MDN response is sent back to the partner? That is the challenge for me so far…
Any further input? Thanks again for your feedback.
If your MDN communication is asynchronous, I’m assuming you could write a custom service to decrypt your data, perform various checks and then send a status message back to enable an MDN?
I’m not sure if that exactly will work, but if there is a way to leverage the asynchronous MDN, then you have some flexability.