A new IETF non-working group email list has been created. List address: [email protected] Archive: https://mailarchive.ietf.org/arch/browse/ediint/ To subscribe: https://mailman3.ietf.org/mailman3/lists/ediint.ietf.org/
Purpose: This mailing list is being created to support discussion among participants in the Birds of a Feather (BOF) session focused on modernizing RFC 4130, which defines the AS2 (Applicability Statement 2) messaging standard. The objective of the BOF is to evaluate and build consensus around proposed updates to RFC 4130 that will improve the security, clarity, and interoperability of AS2 implementations. The primary goals of the discussion on this mailing list include: 1. Updating Cryptographic Algorithms and References: RFC 4130 currently references outdated and deprecated algorithms such as SHA-1 and MD5. This list will facilitate discussion on revising the specification to mandate or recommend the use of more secure, modern algorithms (e.g., SHA-256, SHA-3, and modern encryption standards), aligning with current IETF security recommendations. 2. Removing Deprecated or Ambiguous Constructs: Over time, some elements of RFC 4130 have become outdated or have been interpreted inconsistently. The mailing list will serve as a venue to propose the removal of deprecated features and resolve ambiguities that have impacted interoperability across vendor implementations. 3. Incorporating Industry-Driven Enhancements: AS2 is widely used in industry sectors such as healthcare, retail, and manufacturing. Many implementers have already added enhancements to their AS2 solutions to meet evolving business and compliance needs. The mailing list will gather input on these features and assess their suitability for inclusion in the formal standard to better support current and future industry requirements. 4. Establishing Interoperability and Best Practices Guidance: While many AS2 implementations have evolved independently to support more secure or extended functionality, formalizing these enhancements in the updated RFC is essential to ensure future AS2 systems remain interoperable. The mailing list will enable discussion on codifying best practices and implementation guidance that can be referenced by developers, integrators, and certification bodies. 5. Ensuring Backward Compatibility and Forward Guidance: The discussions will also focus on how to update the standard in a way that acknowledges existing implementations and eases the path for migration or coexistence, helping maintain continuity across the AS2 ecosystem. We recognize that many implementations have already adopted modern features and security practices. However, these changes are often undocumented or are vendor specific. By revisiting RFC 4130 in a transparent and inclusive IETF process, we aim to produce an updated standard that reflects real-world usage, improves security and interoperability, and supports the continued evolution of AS2 for years to come. This mailing list is intended to be the primary forum for exploring these issues, soliciting community input, and building consensus ahead of any formal working group chartering process. This list belongs to IETF area: ART For additional information, please contact the list administrators. _______________________________________________ IETF-Announce mailing list -- [email protected] To unsubscribe send an email to [email protected]
