MFT Resource Center
Applicability Statement 1 protocol (AS1)
What is AS1?
The AS1 protocol is based on SMTP and S/MIME (email technologies). It was the first AS protocol developed and uses signing, encryption and MDN conventions. It works as follows:
- Files are sent as "attachments" in a specially coded SMIME email message
- Messages can, but aren't required to be signed
- Messages can, but aren't required to be encrypted
- Messages may, but aren't required to, request Message Disposition Notifications, or MDNs, to ensure the recipient gets the message.
- If an MDN is requested, upon receipt and successful decryption or signature validation, a "success" MDN goes from the recipient to the original sender
- Upon receipt and verification of the signature on the MDN, the original sender knows the recipient got their message, providing "non-repudiation"
- If there are any problems receiving or interpreting the original AS1 message, a "failed" MDN may be sent back
Age
AS1 was developed by EDI over the Internet (EDIINT), a working group of the Internet Engineering Task Force (IETF) during the 1990s to help facilitate web-based EDI communications between partners. At the time, it was a major technological step forward that delivered higher security with reduced setup costs over the Internet.
Status and Popularity
The AS1 EDI specification is superseded by the Applicability Statement 2 (AS2) standard, which uses HTTP.
Security
AS1 achieves security with digital certificates and encryption. AS1 (like all AS file transfers) generally requires both sides of the exchange to trade X.509 certificates and specific "trading partner" names before transferring any documents. Its use of MDNs and digital certificates, and encryption is a recurring theme in many other protocols.