Select encryption and signing for sending messages and optional security for receiving
messages. If an MDN receipt is required, you can also select the format and delivery method of
that receipt.
- Request
- Specify the S/MIME format for messages to send to the remote host.
- Unsigned / unencrypted (neither Encrypted nor
Signed selected)
- Signed (only Signed selected)
- Encrypted (only Encrypted selected)
- Signed / Encrypted (both Signed and
Encrypted selected)
- Receipt
- Enables the MDN Receipt section. See MDN Receipt.
- Encryption Algorithm
- When Encrypted is selected, the Encryption
Algorithm field is enabled and allows you to choose the encryption
algorithm for the message to be sent to the remote host. The remote host must be able to
decrypt the message using the algorithm you choose. For a non-VersaLex
trading partner, it is important to verify that your trading partner can use the
selected algorithm prior to sending an encrypted message. The default encryption method
is TripleDES. See Cryptographic Services for more
information on choosing an encryption algorithm.
- Key Algorithm
- When Encrypted is selected, the Key
Algorithm field is enabled and allows you to choose the algorithm to
encrypt the content encryption key with the public key of your trading partner’s
encryption certificate. Your trading partner uses the private key of their encryption
certificate to decrypt the content encryption key that is subsequently used to decrypt
the content of the message.
- Possible values:
- Signature Algorithm
- When Signed is selected, the Signature
Algorithm is used to encrypt the hash value of the signature with the
private key of your signing certificate. Your trading partner uses the public key of
your signing certificate to decrypt the hash value of the signature that authenticates
you as the sender of the message. When RSA is selected, the
selected Hash/MIC Algorithm is used to determine the appropriate
signature algorithm; for example, rsaEncryption,
sha256WithRSAEncryption,
sha384WithRSAEncryption or
sha512WithRSAEncryption. If RSASSA-PSS
is selected, the combination of the private key of your signing certificate and the hash
algorithm is used in conjunction with the RSASSA-PSS algorithm to secure the signature.
- Possible values:
- Hash/MIC Algorithm
- When Signed in the Request section is
selected, the combination of the signature algorithm and the selected hash algorithm is
used to secure the signature.
Note: If the RSASSA-PSS signature algorithm is used and
the SHA-512 hash algorithm is selected, the strength of the signature algorithm of
your signing certificate must be SHA256withRSA or better.
- When the Signed option in the MDN Receipt
section is selected, the selected Hash/MIC Algorithm is used to
compute the independent Message Integrity Check (MIC) that is returned in the MDN
Receipt.
- Possible values:
- SHA-1 (default)
- MD5 (cryptographically weak and should not be used unless
no other Hash/MIC algorithm is available)
- SHA-256
- SHA-384
- SHA-512
- Compress Content
- When Compress is selected, the message will be compressed using
ZLIB compression. Compression is generally used for large files so that the message will
conserve bandwidth and be transferred more efficiently and securely over the
Internet.
- Inbound Message Security
- Indicates how inbound messages should be received.
- Select any combination of Force Encryption, Force
Signature and Force MDN Signature to check the
level of the inbound message security. If the message is not received according to the
corresponding message security settings, the message is rejected and an error is logged.
- By default, no settings are selected. If no settings are selected, the security level
of the message is not checked.
- MDN Receipt
- Attributes of the Message Disposition Notification (MDN) receipt you requested.
- Message Disposition Notifications can only be returned Asynchronously in AS3 as part
of a new FTP PUT or GET command.
- Signed
- Compute and remember an independent hash over the content of the sent message
using the Hash/MIC Algorithm you select. The trading
partner returns the MDN with a digital signature, computes an independent MIC
value over the content of the message it received (using the same MIC algorithm),
and returns this value as a base64-encoded value in the human-readable portion of
the MDN. When the MDN is received, the original MIC is compared against the
received MIC. When the MIC values match, the sender is guaranteed that the message
read by the trading partner is identical to the message that came from the sender
and was not modified in any way.
- Forward MDN to Email
- Forward a copy of the MDN received to the email address specified in the
Email Address field.
- Synchronous
- Disabled for AS3.
- Asynchronously
- The only option available for AS3.
- Return the MDN as part of a new FTP session, that is, only the FTP status
message is returned during the acknowledgment phase of the message response and
the MDN is returned later in a separate FTP PUT or
GET command.
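
The MIC comparison described under Signed can be sketched as follows. This is an added example, not VersaLex code: the function names, the sample payload and the `Received-Content-MIC: <value>, <algorithm>` field layout are assumptions of the example. It also assumes the MDN's digital signature has already been verified and that the caller passes the exact bytes the MIC covers.

```python
import base64
import hashlib
import hmac
import re

# The page's Hash/MIC choices, keyed by normalized name (values are hashlib names).
MIC_ALGORITHMS = {"sha1": "sha1", "md5": "md5", "sha256": "sha256",
                  "sha384": "sha384", "sha512": "sha512"}
# Assumed field layout: "Received-Content-MIC: <base64 value>, <algorithm>"
MIC_FIELD = re.compile(
    r"^Received-Content-MIC:\s*([A-Za-z0-9+/=]+)\s*,\s*([\w-]+)\s*$",
    re.IGNORECASE | re.MULTILINE)


def normalize_alg(name):
    """Map 'SHA-256', 'sha256' or 'sha-256' to the hashlib name."""
    key = name.strip().lower().replace("-", "")
    if key not in MIC_ALGORITHMS:
        raise ValueError(f"unsupported Hash/MIC algorithm: {name!r}")
    return MIC_ALGORITHMS[key]


def compute_mic(content, alg):
    """Base64-encoded hash over the exact bytes that were sent."""
    digest = hashlib.new(normalize_alg(alg), content).digest()
    return base64.b64encode(digest).decode("ascii")


def verify_mdn_mic(stored_mic, stored_alg, mdn_text):
    """Compare the MIC remembered at send time with the one in the MDN."""
    match = MIC_FIELD.search(mdn_text)
    if match is None:
        return False, "MDN carries no MIC value"
    received_mic, received_alg = match.groups()
    try:
        same_alg = normalize_alg(received_alg) == normalize_alg(stored_alg)
    except ValueError as exc:
        return False, str(exc)
    if not same_alg:
        return False, "MDN used a different MIC algorithm"
    # Constant-time comparison of the two base64 strings.
    if not hmac.compare_digest(received_mic.encode(), stored_mic.encode()):
        return False, "MIC mismatch"
    return True, "MIC values match"


# Constructed sample data, not taken from a real exchange.
SENT = b"constructed payload: invoice 0001\r\n"
SENT_MIC = compute_mic(SENT, "SHA-256")
MDN_TEXT = ("The message was received.\r\n"
            f"Received-Content-MIC: {SENT_MIC}, sha256\r\n")
```

A mismatch or a different algorithm in the returned MDN is treated as a failed receipt rather than silently accepted.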