Need AS2 and SFTP Information.

Hi Experts,

I need some information on SFTP and AS2 Protocol. I do not know what are the requirements for these.

My requirement is that I need to send flatfiles to trading partners using AS2 and sometimes SFTP. So, what are the details I need to ask from the trading partner like certificates, encryption keys etc…

I am dealing with sensitive data…so, I need to encrypt them before sending to partner.

What are the different types of AS2 protocol…like http, https…whats the difference between them and also diff between ftp and sftp.

What information do we need for them…and where should be configure in IS. If any of you can list out the steps…It would be really helpful.

Regards,
David.

You are mixing concepts:

1- Data protection: can be done using encryption, digital signature, or combination of both.

2- Data transport: Can be done using secure transport protocols, such HTTPS, FTPS and SFTP.

AS2 protocol does not deal with transport by itselves, is a message exchange definition http://en.wikipedia.org/wiki/AS2 (No idea if supported by wM).

For transport side, IS does support HTTPS and FTPS out of the box, but not SFTP. However I saw some implementations for SFTP in the samples area using a OpenSource framework.

I would say TN gives you already all the needed protection in both areas, data security and transport. Maybe take a look at TN Administrators guide.

Hope this helps :wink:

SFTP is used for secure shell login. Where one unix server communicate to another unix server or windows server using RSA/DSA version public keys.
AS2 is not a protocol, it is a specification.When AS2 is used with HTTP or HTTPS then these protocols bound to behave as per AS2 specifications.
Normally AS2 does handshake process, mean for each and every transaction MDN (Message delivery Notification) is expected, it can be synchronously or asynchronously.

For HTTPS AS2, you need to ask certificates for SSL handshake, signature verification and for encryption. You partner may use same certificate for all the purpose or can use three different certificates.
For SFTP, you need to exchange DSA/RSA version public keys for communication/connection.

You need to decide first what kind of encryption you or your partner will be using. (PGP, GPG, SMIME,Hash based…)

FTP is a normal File transfer protocol.
FTPS : FTP over SSL.
SFTP: Secure shell login and transfer the file.

Regards,
David.
[/quote]

Thanks Vikas…That was really helpful. Will get back to you if I need anymore information.

I will try to get in touch with the trading partner regarding the certificates and will let you know the result.