OFTP2 (= ODETTE File Transfer Protocol version 2)
OFTP2 is a further development of the ODETTE File Transfer Protocol.
OFTP2 can be set up on different transport layers: ISDN, X.25, TCP/ IP. SupplyOn supports
OFTP2 via TCP/ IP (Internet).
Process of the communication
The communication is initiated by one of the partners. After exchange of Odette IDs and passwords, files can be exchanged in both directions. The files receive a pre-configured virtual file name for the transmission. Files can be transmitted via OFTP2 either encrypted or unencrypted. After the transmission a confirmation in form of an End to End Response ( EERP = positive acknowledgment of receipt, EERN = negative acknowledgment) takes place. This End to End Response can take place either immediately after the transmission within the same connection, or the receiver dials in independently to the original sender for transmission.
Hint: SupplyOn allows only an encrypted transmission.
Strength of OFTP2
- OFTP2 allows a restart to the connection after abort. It is not necessary to send the entire file again.
- The implicit End to End Response guarantees correct transmission and processing of the file through the receiver.
- Secure data and connection due to encryption.
SupplyOn OFTP parameter sheet
Should you have decided to transmit your EDIFACT messages with OFTP2, and we have received the contract for this service, you will receive the OFTP parameter sheet with the SupplyOn OFTP parameters. Please fill out this parameter sheet carefully and send it to integration-service@supplyon.com.
OFTP2 encryption
SupplyOn uses with OFTP2 the maximal security settings, including the latest cryptographic algorithms:
A symmetrical encryption using the AES/256 algorithm, the SHA1 digital signature algorithm, data compression and only a signed and encrypted receipt.
OFTP2 parameter & explanations
|
|
OFTP2 Parameter |
SupplyOn Communication |
Explanation |
|---|---|---|---|
| Security | Communication Certificate | trusted | One certificate for communication and signature Trusted: Certificate Authority assigns, administrates and controls certificates. There are Class 2 and Class 3 certificates. Certificates have to be updated at least after 5 years. |
| Digital signature | SHA1 | Before the data is dispatched a signature is generated and attached to the transmission. With the receipt of the message the receiver verifies the signature. This guarantees that the message really comes from the sender. SHA1 is an option of the signature algorithm and is recommended. | |
| Encryption | AES/256 | Advanced Encryption Standard is a symmetrical encryption method that is considered to be the new encryption standard. It is used to encrypt data and the transmission connection. | |
| Transport layer | Internet connection |
● permanent internet connection ● fixed and public URL or IP address mandatory |
A permanent Internet connection has to be granted. |
| Transport Protocol | OFTP2 via HTTPS | HTTPS is a special form of the HTTP Protocol offering increased security via SSL (128 Bit encryption). HTTPS is used to prevent the „monitoring“ during the transmission of sensitive data. | |
| Client Authentication | Authentication | HTTPS Basic authentication with username and password | Authentication of the sending interface system during the receipt. |