Local AS3 settings reference

The AS3 tab contains three sections: Request, MDN Receipt, and Inbound Message Security.

Request
Encrypted
Signed
These fields allow you to specify the combination of attributes (with respect to S/MIME format) of the message you want to send to the remote AS3 client.
  • Unsigned/unencrypted (neither the Encrypted nor Signed check boxes are selected)
  • Signed (only the Signed check box is selected)
  • Encrypted (only the Encrypted check box is selected)
  • Signed / Encrypted (both the Signed and Encrypted check boxes are selected)
Receipt
Enables the MDN Receipt section, where you specify attributes related to a receipt for your message.
Encryption Algorithm
This field is enabled when you select the Encrypted check box. It allows you to choose an encryption algorithm for the message. The remote AS3 client must be able to decrypt the message using the algorithm you choose. For a non-VersaLex AS3 client, it is important to verify the algorithms it is capable of handling prior to sending an encrypted message. The default encryption algorithm is TripleDES. See Cryptographic Services for more information on choosing an encryption algorithm.
Key Algorithm
When Encrypted is selected, the Key Algorithm field is enabled and allows you to choose the algorithm to encrypt the content encryption key with the public key of your trading partner’s encryption certificate. Your trading partner uses the private key of their encryption certificate to decrypt the content encryption key that is subsequently used to decrypt the content of the message.
Possible values:
  • RSA (default)
  • RSAES-OAEP
Signature Algorithm
When Signed is selected, the Signature Algorithm is used to encrypt the hash value of the signature with the private key of your signing certificate. Your trading partner uses the public key of your signing certificate to decrypt the hash value of the signature that authenticates you as the sender of the message. When RSA is selected, the selected Hash/MIC Algorithm is used to determine the appropriate signature algorithm, for example, rsaEncryption, sha256WithRSAEncryption, sha384WithRSAEncryption or sha512WithRSAEncryption. If RSASSA-PSS is selected, the combination of the private key of your signing certificate and the hash algorithm is used in conjunction with the RSASSA-PSS algorithm to secure the signature.
Possible values:
  • RSA (default)
  • RSASSA-PSS
Hash/MIC Algorithm
When Signed in the Request section is selected, the combination of the signature algorithm and the selected hash algorithm is used to secure the signature.
Note: If the RSASSA-PSS signature algorithm is used and the SHA-512 hash algorithm is selected, the strength of the signature algorithm of your signing certificate must be SHA256withRSA or better.
When the Signed option in the MDN Receipt section is selected, the selected Hash/MIC Algorithm is used to compute the independent Message Integrity Check (MIC) value that is returned in the MDN Receipt.
Possible values:
  • SHA-1 (default)
  • MD5 (cryptographically weak and should not be used unless no other Hash/MIC algorithm is available)
  • SHA-256
  • SHA-384
  • SHA-512
Compress Content
Select this check box to enable ZLIB compression for the message.
Use compression to conserve bandwidth and improve security when sending large files.
MDN Receipt
When the Receipt check box is selected in the Request section, the fields in the MDN Receipt section are enabled for editing. Otherwise, these fields are disabled.
Signed
When you select the Signed check box, a hash is computed over the content of the sent message using the algorithm you select from the Hash/MIC Algorithm menu. The recipient returns the MDN with a digital signature, computes an independent MIC value over the content of the message received (using the same MIC algorithm), and returns this value as a Base64-encoded value in the human-readable portion of the MDN. When the MDN is received, the MIC computed for the sent message is compared against the received MIC. When the MIC values match, the sender is guaranteed that the message read by the recipient was identical to the message that came from the sender and not modified in any way.
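The MIC comparison described above, as an added example that is not code from the product or its documentation. It assumes the returned MIC appears on a Received-Content-MIC line in the form "<base64>, <algorithm>"; the function names, the sample payload and the sample MDN fragment are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Hash/MIC choices from the list above; accepting both "SHA-256" and "sha256"
# style spellings is an assumption of this example.
MIC_ALGS = {"md5", "sha1", "sha256", "sha384", "sha512"}

def normalize(alg: str) -> str:
    return alg.strip().lower().replace("-", "")

def compute_mic(content: bytes, alg: str) -> str:
    """Base64-encoded digest over the exact bytes that were sent."""
    name = normalize(alg)
    if name not in MIC_ALGS:
        raise ValueError(f"unsupported Hash/MIC algorithm: {alg!r}")
    return base64.b64encode(hashlib.new(name, content).digest()).decode("ascii")

def parse_received_mic(mdn_text: str):
    """Return (base64_mic, normalized_alg) from the MDN, or None if absent."""
    for line in mdn_text.splitlines():
        field, _, value = line.partition(":")
        if field.strip().lower() == "received-content-mic":
            mic, _, alg = value.partition(",")
            return mic.strip(), normalize(alg)
    return None

def verify_mdn_mic(sent: bytes, sent_alg: str, mdn_text: str) -> str:
    """Compare the MIC of what was sent with the MIC the recipient returned."""
    parsed = parse_received_mic(mdn_text)
    if parsed is None:
        return "missing-mic"          # nothing to compare: treat as unverified
    mic, alg = parsed
    if alg != normalize(sent_alg):
        return "algorithm-mismatch"   # recipient hashed with a different algorithm
    expected = compute_mic(sent, sent_alg)
    # Constant-time comparison of the two Base64 strings.
    return "match" if hmac.compare_digest(expected.encode(), mic.encode()) else "mismatch"

# Constructed sample payload and MDN fragment (not captured traffic).
SENT = b"CONSTRUCTED SAMPLE PAYLOAD\r\n"

def sample_mdn(content: bytes, alg: str = "sha-256") -> str:
    return ("Original-Message-ID: <constructed-1@example.invalid>\n"
            "Disposition: automatic-action/MDN-sent-automatically; processed\n"
            f"Received-Content-MIC: {compute_mic(content, alg)}, {alg}\n")
```

Any result other than "match" means the receipt does not confirm that the recipient read the bytes that were sent.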
Forward MDN to Email
Select this check box to forward a copy of the received MDN to the recipient you specify in the Email Address field.
Synchronous
Asynchronous
Because an AS3 client must connect to your FTP server to send and receive messages, MDNs for AS3 can only be returned asynchronously as part of a new FTP session. Depending on whether the user makes a clear or secure connection, MDNs will be returned either via FTP or FTPS.
Email Address
If you selected the Forward MDN to Email check box, specify the address to which the email should be sent.
Inbound Message Security
Enforce Encryption
Force Signature
Force MDN Signature
Select any combination of Force Encryption, Force Signature and Force MDN Signature options to configure inbound message security for this Local FTP User Mailbox. If a message is received but does not agree with these settings, an error is logged and the message is rejected. If a given setting is not selected (which is the default), the message will not be checked for conformance with that security setting.