I just subscribed to the mailing list a week ago and apologies
if the comments I am doing have already been discussed, I didn't
find anything about these points in the mailing list archive.
- Section 5.1 (Sending EDI in HTTP Post Requests), paragraph 3
> When using Transport Layer Security [10] or SSLv3, the
> request-URI should indicate the appropriate scheme value,
> HTTPS
A reference to "HTTP Over TLS", RFC 2818 might be added.
When sending an HTTP POST request over TLS, the absoluteURI form
of the request-URI (which contains the scheme value) shouldn't be used.
I think this sentence can apply to the "return-url" string or a
request-URI sent out of band (as mentioned in the first paragraph
of the section), but not to the request-URI sent in the HTTP POST
request. It should be removed from this section.
I am not familiar with RFC writing, but it seems that HTTPS is not
an assigned key word; maybe adding a note saying that
'HTTPS refers to the use of HTTP over TLS' would be more accurate.
- Section 5.2.2 (Message bodies), paragraph 2
> In [4], sections 5.4.1, options for large file processing
> are discussed for SMTP transport. For HTTP, large files
> should be handled correctly by the TCP layer. However, [3]
> sections 3.5 and 3.6 discuss some options for compressing or
> chunking entities to be transferred. [3] Section 8.1.2.2
> discusses a pipelining option that is useful for segmenting
> large amounts of data.
I might be missing something but TCP layer doesn't have anything
to do with handling large files.
As far as I understood HTTP/1.1, segmenting data is only possible
with the use of 'ranges', and 'ranges' are only available for GET
responses. Segmenting data will not be possible with AS2.
Pipelining only allows a client to make multiple requests without
waiting for each response.
- Section 7.2 (Synchronous and Asynchronous MDNs)
> The synchronous AS2-MDN is sent as an HTTP response to an
> HTTP POST or as an HTTPS response to an HTTPS POST.
My comment might not be relevant at all, but there is a sort of
repetition here.
Continuing with my first comment, from protocol point of view,
HTTPS can be seen as the use of HTTP over an implicit transparent
TLS connection layer.
Maybe this sentence could be:
The synchronous AS2-MDN is sent as a response to a
POST request, using either HTTP or HTTPS.
or
The synchronous AS2-MDN is sent as an HTTP response to a
POST request, using TLS or not.
- Section 7.3 (Requesting a Signed Receipt), paragraph 2 and any following
example
> mail-address field is specified as an RFC 2822 local-
> <mailto:part@domain> part@domain [addr-spec] address, and while it MUST be
...
> Disposition-notification-to: <mailto:xxx@xxxxxxxx> xxx@xxxxxxxx
...
> Receipt-delivery-option: <http://www.as2system.com/>
> http://www.AS2system.com
...
The editor used to create the document has probably generated this,
but any string that precedes an address, or an URL, and
looks like "<...>", has to be removed.
I hope this will help.
Sebastien
|
