Hi,
Can anybody explain the following points:
- Can EDIINT messages be sent without using a digital certificate?
- If so, how secure is this and what are the main draw backs?
It would be great if anybody could respond soon.
TIA,
Faris
Faris,
I am assuming that you mean not using certificates for EDIINT/payload part and not the actual communications (For HTTPS).
Yes you can send plain EDIINT messages by using the plain option for data/payload security. If this message is sent over a secured communications link, i.e., HTTPS then atleast the transmission part of the data will be secure and it’d not be open/visible during the transmission. But there will be no way for your partner to verify/authenticate if it was sent by you at the data level(as no data/payload security was used - HTTPS/SSL authentication may suffice some authentication requirements).
For SMTP and plain HTTP the data would go in open and will be visible in addition to again no authentication option as described above.
So basically, if you send your data over a secure link there is some transport level security, for a plain open link there is not security.
Hope this helps
~tS
Thanks Tahira,
Got a good idea.
Regards,
Faris