headers
Rik Drummond | 3 Aug 1998 18:50

New Draft for review....FW: I-D ACTION:draft-ietf-ediint-hl7-00.txt


-----Original Message-----
From: owner-ietf-ediint <at> imc.org [mailto:owner-ietf-ediint <at> imc.org] On
Behalf Of Internet-Drafts <at> ietf.org
Sent: Tuesday, July 28, 1998 9:21 AM
To: IETF-Announce: ;
Cc: ietf-ediint <at> imc.org
Subject: I-D ACTION:draft-ietf-ediint-hl7-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Electronic Data Interchange-Internet
Integration Working Group of the IETF.

	Title		: Secure HL7 Transactions using Internet Mail
	Author(s)	: G. Schadow, M. Tucker, W. Rishel
	Filename	: draft-ietf-ediint-hl7-00.txt
	Pages		: 68
	Date		: 27-Jul-98

This memo describes the applicability of the Internet standardization
efforts on secure electronic data interchange (EDI) transactions for
Health Level-7 (HL7), an EDI standard for healthcare used worldwide.
This memo heavily relies on the work in progress by the IETF EDIINT
working group. It is in most parts a restatement of the EDIINTs
requirements document and application statement 1 (AS#1) tailored to the
needs of the HL7 audience. We tried to make this document as self
consistent as possible. The goal is to give to the reader who is not a
security or Internet standards expert enough foundational and detail
information to enable him to build communication software that complies
(Continue reading)

Permalink | Reply | 0 comments |
headers
Rik Drummond | 5 Aug 1998 22:18

draft-ietf-ediint-as2-01.txt for review

If this looks ok, I will do a last call on it in a couple of weeks. Please
let us know your thoughts.... best regards, rik

-----Original Message-----
From: Dale Moberg [mailto:Dale_Moberg <at> stercomm.com]
Sent: Wednesday, August 05, 1998 10:07 AM
To: drummond <at> onramp.net
Subject: draft-ietf-ediint-as2-01.txt

Hi Rik,

Here is the revised draft.

This is the one sent earlier in June.

Bye
Dale

(See attached file: draft-ietf-ediint-as2-01.txt)
Attachment (draft-ietf-ediint-as2-01.txt): application/octet-stream, 19 KiB
Permalink | Reply | 0 comments |
headers
Rik Drummond | 18 Aug 1998 16:09

FW: draft-ietf-ediint-as2-01.txt for review

any comments on this HTTP EDIINT draft?

Rik

-----Original Message-----
From: owner-ietf-ediint <at> imc.org [mailto:owner-ietf-ediint <at> imc.org] On
Behalf Of Rik Drummond
Sent: Wednesday, August 05, 1998 3:19 PM
To: ietf-ediint <at> imc.org
Subject: draft-ietf-ediint-as2-01.txt for review

If this looks ok, I will do a last call on it in a couple of weeks. Please
let us know your thoughts.... best regards, rik

-----Original Message-----
From: Dale Moberg [mailto:Dale_Moberg <at> stercomm.com]
Sent: Wednesday, August 05, 1998 10:07 AM
To: drummond <at> onramp.net
Subject: draft-ietf-ediint-as2-01.txt

Hi Rik,

Here is the revised draft.

This is the one sent earlier in June.

Bye
Dale

(See attached file: draft-ietf-ediint-as2-01.txt)
(Continue reading)

Permalink | Reply | 2 comments |
headers
Shih,Chuck | 18 Aug 1998 19:29
Picon
Favicon

RE: draft-ietf-ediint-as2-01.txt for review

Rik,

It looks good.

> -----Original Message-----
> From:	Rik Drummond [SMTP:drummond <at> onramp.net]
> Sent:	Tuesday, August 18, 1998 7:09 AM
> To:	ietf-ediint <at> imc.org
> Subject:	FW: draft-ietf-ediint-as2-01.txt for review
> 
> any comments on this HTTP EDIINT draft?
> 
> Rik
> 
> -----Original Message-----
> From: owner-ietf-ediint <at> imc.org [mailto:owner-ietf-ediint <at> imc.org] On
> Behalf Of Rik Drummond
> Sent: Wednesday, August 05, 1998 3:19 PM
> To: ietf-ediint <at> imc.org
> Subject: draft-ietf-ediint-as2-01.txt for review
> 
> 
> If this looks ok, I will do a last call on it in a couple of weeks. Please
> let us know your thoughts.... best regards, rik
> 
> -----Original Message-----
> From: Dale Moberg [mailto:Dale_Moberg <at> stercomm.com]
> Sent: Wednesday, August 05, 1998 10:07 AM
> To: drummond <at> onramp.net
> Subject: draft-ietf-ediint-as2-01.txt
(Continue reading)

Permalink | Reply | 0 comments |
headers
Carl Hage | 19 Aug 1998 00:36

Re: FW: draft-ietf-ediint-as2-01.txt for review

> Reply-to:      <drummond <at> onramp.net>
> From:          "Rik Drummond" <drummond <at> onramp.net>

> any comments on this HTTP EDIINT draft?

I think it would be useful to explicitly mention the distinction between 
RFC822 headers and the HTTP transport headers. An example of the interchange 
would be useful. I think it's very easy to get confused and misinterpret the 
standard.

Are the To:, From:, and Message-ID: headers part of the HTTP content, or are 
they sent as extension headers along with the HTTP headers?

I assumed that the data transmitted to an http server would look something 
like:

POST /edi.cgi HTTP/1.1
Host: www.xxx.com
Content-Length: 4355
Content-Type: message/rfc822

To: edi <at> xxx.com
From: edi <at> yyy.com
Message-ID: 980234.0034 <at> yyy.com
Content-Type: multipart/signed

...First line of multipart content here...

The data transmitted consists of the HTTP headers, a blank line, the RFC822 
headers, a blank line, followed by the content.
(Continue reading)

Permalink | Reply | 1 comment |
headers
John Interrante | 19 Aug 1998 15:44
Picon
Favicon

Re: FW: draft-ietf-ediint-as2-01.txt for review

"Carl Hage" <carl <at> chage.com> writes:

> I think it would be useful to explicitly mention the distinction between 
> RFC822 headers and the HTTP transport headers. An example of the interchange 
> would be useful. I think it's very easy to get confused and misinterpret the 
> standard.

I interpreted the draft as saying that the To:, From:, and Message-ID: 
headers were supposed to be sent as extension headers along with the
HTTP headers.

> I assumed that the data transmitted to an http server would look something 
> like:
> 
> POST /edi.cgi HTTP/1.1
> Host: www.xxx.com
> Content-Length: 4355
> Content-Type: message/rfc822
> 
> To: edi <at> xxx.com
> From: edi <at> yyy.com
> Message-ID: 980234.0034 <at> yyy.com
> Content-Type: multipart/signed

I like this interpretation a LOT better for the following reason:

> Note that existing CGI processing does not pass the extension headers to the 
> processing application. Thus, the content-type: message/rfc822 works, and 
> merged headers won't work with existing http/cgi servers.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Dale Moberg | 19 Aug 1998 17:03

Re: FW: draft-ietf-ediint-as2-01.txt for review


>I interpreted the draft as saying that the To:, From:, and Message-ID:
>headers were supposed to be sent as extension headers along with the
>HTTP headers.

The current text probably needs some clarification but the "TO" etc headers
are added as extension headers. They may also be repeated in the
message body; maybe that needs to be suggested explicitly.

>> Note that existing CGI processing does not pass the extension headers to
the
>> processing application. Thus, the content-type: message/rfc822 works,
and
>> merged headers won't work with existing http/cgi servers. [This was Carl
Hage's
point I think.]
>The Java Servlet API also doesn't make it easy to get extension
>headers.  I believe it's possible, but very awkward.  You probably
>could enumerate the headers with getHeaderNames() and look up each
>header's value with getHeader(name), but I bailed out and didn't try
[This was John Interrante's comment.]
I wanted to avoid getting too much into implementation details, but
consider what
the CGI environment variable specification says:

http://hoohoo.ncsa.uiuc.edu/cgi/env.html

"In addition to these, the header lines received from the client, if any,
are placed into the environment with the prefix
HTTP_ followed by the header name. Any - characters in the header
(Continue reading)

Permalink | Reply | 0 comments |
headers
Dale Moberg | 19 Aug 1998 18:03

Re: FW: draft-ietf-ediint-as2-01.txt for review


>I interpreted the draft as saying that the To:, From:, and Message-ID:
>headers were supposed to be sent as extension headers along with the
>HTTP headers.

The current text probably needs some clarification but the "TO" etc headers
are added as extension headers. They may also be repeated in the
message body; maybe that needs to be suggested explicitly.

>> Note that existing CGI processing does not pass the extension headers to
the
>> processing application. Thus, the content-type: message/rfc822 works,
and
>> merged headers won't work with existing http/cgi servers. [This was Carl
Hage's
point I think.]
>The Java Servlet API also doesn't make it easy to get extension
>headers.  I believe it's possible, but very awkward.  You probably
>could enumerate the headers with getHeaderNames() and look up each
>header's value with getHeader(name), but I bailed out and didn't try
[This was John Interrante's comment.]
I wanted to avoid getting too much into implementation details, but
consider what
the CGI environment variable specification says:

http://hoohoo.ncsa.uiuc.edu/cgi/env.html

"In addition to these, the header lines received from the client, if any,
are placed into the environment with the prefix
HTTP_ followed by the header name. Any - characters in the header
(Continue reading)

Permalink | Reply | 0 comments |
headers
Dale Moberg | 19 Aug 1998 18:03

Re: FW: draft-ietf-ediint-as2-01.txt for review


>I interpreted the draft as saying that the To:, From:, and Message-ID:
>headers were supposed to be sent as extension headers along with the
>HTTP headers.

The current text probably needs some clarification but the "TO" etc headers
are added as extension headers. They may also be repeated in the
message body; maybe that needs to be suggested explicitly.

>> Note that existing CGI processing does not pass the extension headers to
the
>> processing application. Thus, the content-type: message/rfc822 works,
and
>> merged headers won't work with existing http/cgi servers. [This was Carl
Hage's
point I think.]
>The Java Servlet API also doesn't make it easy to get extension
>headers.  I believe it's possible, but very awkward.  You probably
>could enumerate the headers with getHeaderNames() and look up each
>header's value with getHeader(name), but I bailed out and didn't try
[This was John Interrante's comment.]
I wanted to avoid getting too much into implementation details, but
consider what
the CGI environment variable specification says:

http://hoohoo.ncsa.uiuc.edu/cgi/env.html

"In addition to these, the header lines received from the client, if any,
are placed into the environment with the prefix
HTTP_ followed by the header name. Any - characters in the header
(Continue reading)

Permalink | Reply | 0 comments |
headers
John Interrante | 19 Aug 1998 18:05
Picon
Favicon

Re: FW: draft-ietf-ediint-as2-01.txt for review

"Dale Moberg" <Dale_Moberg <at> stercomm.com> writes:

> The current text probably needs some clarification but the "TO" etc headers
> are added as extension headers. They may also be repeated in the
> message body; maybe that needs to be suggested explicitly.

Oh, I see now.  I misunderstood this part:

   [draft-ietf-ediint-as2-01.txt]
   2. Stages of an HTTP EDI exchange transaction

       An EDI data file or stream is first structured into one of the
       message templates described in [12], sections 4.2.1 to 4.2.4 or
       4.3.1 to 4.3.4 for PGP/MIME or S/MIME security. If TLS is to be used,

The cited sections in [12] are:

   [draft-ietf-ediint-as1-08.txt]
   4.3 Structure of an EDI MIME message - S/MIME

      4.3.1 No encryption, no signature

      -RFC822/2045
          -RFC1767 (application/EDIxxxx)

      4.3.2 No encryption, signature

      -RFC822/2045
          -RFC1847 (multipart/signed)
                  -RFC1767 (application/EDIxxxx)
(Continue reading)

Permalink | Reply | 0 comments |

Gmane