Internet Draft Editor: Terry Harding
draft-ietf-ediint-compression-06.txt Axway
January 2007
Expires July 2007
Target Category: Informational
Compressed Data for EDIINT
Status of this memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress.
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Harding [Page 1]
�
INTERNET DRAFT Compressed Data for EDIINT July 2007
Keywords
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
[RFC2119].
Abstract
The intent of this document is to be placed on the RFC track as an
Informational RFC.
The EDIINT AS1 and AS2 message formats don't currently contain any
transport neutral provisions for compressing data when utilizing
S/MIME as the secure packaging standard. Compressing data before
transmission provides a number of advantages including
1. reducing data redundancy, and so reducing opportunities for
attacks exploiting redundancy, and
2. reducing the amount of data and so speeding up cryptographic
processing such as signing, encryption, archiving, and
3. reducing the overall transmitted message size, reducing both time
and bandwidth needed for transport.
1. Introduction
This document describes an additional mime layer of compressed data
utilizing a new ContentInfo type for S/MIME. This new compressed-data
content type is defined in S/MIME 3.1, RFC RFC 3851. Further
reference can be found in the reference section under
[COMPRESSED-DATA]. The method of compression outlined in this
document will support any type of business related media. Documents
containing a large percentage of ASCII characters like xml, x12 or
edifact will experience greater compression ratios than documents
consisting largely of binary data. Ex: MSWord documents.
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in [RFC2119].
1.1 Compressed-Data Mime Wrapper
The compressed-data cms object will encapsulate a mime wrapped
business document. Implementors are to follow the appropriate
specifications identified under "References" in [MIME-TYPES], for
the type of object being transmitted. For example, to send an XML
object, the MIME media type of application/xml is used in the
Content-type MIME header and the specifications for enveloping the
object are contained in [XMLTYPES];
Harding [Page 2]
�
INTERNET DRAFT Compressed Data for EDIINT July 2007
for example:
Content-type: application/xml; charset="utf-8"
The mime wrapped object will be compressed and placed inside a CMS
compressed-data object as outlined in [COMPRESSED-DATA]. The
compressed data object will be mime wrapped according to details
outlined in [S/MIME3.1], RFC 3851, Section 3.5.
Example:
Content-Type: application/pkcs7-mime; smime-type=compressed-data;
name=smime.p7z
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7z
MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGg
Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0
fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+
P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2d
UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5P
v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREm
SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6Adrn
vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtg
W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQS
3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri
+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA
Note: Content-Transfer-Encoding would only be required if the mime
wrapped CMS object was transferred via a 7-bit protocol like SMTP
and it was visible in the outer layer of the mime message. If the
compressed-data mime bodypart was place inside of an encrypted mime
bodypart, content-transfer-encoding would not be required on the
compressed-data mime bodypart, but would be required on the
encrypted mime bodypart.
1.2 Structure of an EDI MIME message utilizing compression
When compressing a document which will be signed, the application
MAY compress the inner most MIME body before signing, see Section
1.2.2.1and 1.2.4.1 or MAY compress the outer multipart/signed mime
body, see Section 1.2.2.2 and 1.2.4.2. but MUST not do both within
the same document. The receiving application MUST support both
methods of compression when unpackaging an inbound document.
1.2.1 No encryption, no signature
-RFC822/2045
-[COMPRESSED-DATA](application/pkcs7-mime)
-[MIME-TYPES](application/xxxxxxx)(compressed)
Harding [Page 3]
�
INTERNET DRAFT Compressed Data for EDIINT July 2007
1.2.2
1.2.2.1 No encryption, signature
-RFC822/2045
-RFC1847 (multipart/signed)
-[COMPRESSED-DATA](application/pkcs7-mime)
-[MIME-TYPES](application/xxxxxxx)(compressed)
-RFC2633 (application/pkcs7-signature)
1.2.2.2 No encryption, signature
-RFC822/2045
-[COMPRESSED-DATA](application/pkcs7-mime)
-RFC1847 (multipart/signed)(compressed)
-[MIME-TYPES](application/xxxxxxx)(compressed)
-RFC2633 (application/pkcs7-signature)(compressed)
1.2.3 Encryption, no signature
-RFC822/2045
-RFC2633 (application/pkcs7-mime)
-[COMPRESSED-DATA](application/pkcs7-mime) (encrypted)
-[MIME-TYPES](application/xxxxxxx)(compressed)(encrypted)
1.2.4.1 Encryption, signature
-RFC822/2045
-RFC2633 (application/pkcs7-mime)
-RFC1847 (multipart/signed) (encrypted)
-[COMPRESSED-DATA](application/pkcs7-mime) (encrypted)
-[MIME-TYPES](application/xxxxxxx) (compressed)(encrypted)
-RFC2633 (application/pkcs7-signature) (encrypted)
1.2.4.2 Encryption, signature
-RFC822/2045
-RFC2633 (application/pkcs7-mime)
-[COMPRESSED-DATA](application/pkcs7-mime) (encrypted)
-RFC1847 (multipart/signed) (compressed)(encrypted)
-[MIME-TYPES](application/xxxxxxx) (compressed)(encrypted)
-RFC2633 (application/pkcs7-signature) (compressed)(encrypted)
2. MIC Calculations For Compresed Messages Requesting Signed Receipts
For any signed messages, the MIC to be returned is calculated over
the same data that was signed in the original message as per AS1.
For encrypted, unsigned messages, the MIC to be returned is
calculated over the uncompressed data content including all
mime headers and any applied Content-Transfer-Encoding.
Harding [Page 4]
�
INTERNET DRAFT Compressed Data for EDIINT July 2007
For unsigned, unencrypted messages, the MIC is calculated
over the uncompressed data content including all mime headers
and any applied Content-Transfer-Encoding.
3. Error Disposition Modifier
For a received message where a signed receipt has been requested
and decompression fails, the following disposition modifier will be
returned in the signed mdn.
"Error: decompression-failed" - the receiver could not decompress
4. AS2 Version Header
Any application that supports the compression methods outlined within
this document MUST use a version identifier value of "1.1" or greater
within the AS2 or AS3 Version header as describe in HTTP Transport
for Secure Peer-to-Peer EDI over the Internet, see reference[AS2] and
FTP Transport for Secure Peer-to-Peer EDI over the Internet,
see reference[AS3].
5. Compression Formats
Implementations SHOULD support ZLIB [ZLIB] which utilizes
DEFLATE[DEFLATE], and is free of any intellectual property
restrictions and has a freely-available, portable and efficient
reference implementation.
6. Security Considerations
This document is not concerned with security, except for the fact
that compressing data before encryption can enhance the security by
reducing redundancy of the file. The lower the redundancy of the
plaintext being encrypted, the more difficult the cryptanalysis, see
reference[CRYPTANALYSIS].
Author's Addresses
Terry Harding
Axway
Scottsdale, Arizona, USA
tharding@us.axway.com
References
Normative References
[AS2] HTTP Transport for Secure Peer-to-Peer EDI over the Internet
draft-ietf-ediint-as2-11.txt, 2002.
Harding [Page 5]
�
INTERNET DRAFT Compressed Data for EDIINT July 2007
[AS3] FTP Transport for Secure Peer-to-Peer EDI over the Internet
draft-ietf-ediint-as3-03.txt, 2005.
[RFC2119] Key Words for Use in RFC's to Indicate Requirement Levels,
S.Bradner, March 1997.
[ZLIB] RFC1950 ZLIB Compressed Data Format Specification version 3.3,
P.Deutsch and J-L Gailly, May 1996.
[DEFLATE] RFC1951 DEFLATE Compressed Data Format Specification version
1.3, P.Deutsch, May 1996.
[S/MIME]RFC2633 S/MIME Version 3 Message Specification, B.Ramsdell,
June 1999.
[S/MIME3.1]S/MIME Version 3.1 Message Specification, B.Ramsdell,
July 2004. RFC 3851
[MIME-TYPES] "Media Types," http://www.isi.edu/in-
notes/iana/assignments/media-types/media-types.
[XMLTYPES] E. Whitehead, M. Murata, "XML Media Types", RFC 2376,
July 1998.
[COMPRESSED-DATA] P. Gutmann, "Compressed Data Content Type for CMS",
RFC 3274, June 2002.
[CRYPTANALYSIS] B. Schneier, "Self-Study Course in Block Cipher
Cryptanalysis", http://www.counterpane.com/self-study.html, Jan 2000.
Acknowledgements
A number of the members of the EDIINT Working Group have also worked
very hard and contributed to this document. The following people
have made direct contributions to this document.
David Fischer, Dale Moberg, Robert Asis and everyone involved in the
AS1, AS2 Interop testing during 2002.
Disclaimer
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Harding [Page 6]
�
INTERNET DRAFT Compressed Data for EDIINT July 2007
Copyright Statement
Copyright (C) The Internet Society (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Expires July 2007
Harding [Page 7]
�