tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search     info

RFC 5024

 
 
 

ODETTE File Transfer Protocol 2.0

Part 2 of 4, p. 28 to 68
Prev RFC Part       Next RFC Part

 


prevText      Top      Up      ToC       Page 28 
4.  Protocol Specification

4.1.  Overview

   ODETTE-FTP is divided into five operating phases.

      Start Session
      Start File
      Data Transfer
      End File
      End Session

   After the End File phase, an ODETTE-FTP entity may enter a new Start
   File phase or terminate the session via the End Session phase.

   ODETTE-FTP peers communicate by sending and receiving messages in
   Exchange Buffers via the Network Service.  Each Exchange Buffer
   contains one of the following commands.

      SSRM    Start Session Ready Message
      SSID    Start Session
      SECD    Security Change Direction
      AUCH    Authentication Challenge
      AURP    Authentication Response
      SFID    Start File
      SFPA    Start File Positive Answer
      SFNA    Start File Negative Answer
      DATA    Data
      CDT     Set Credit
      EFID    End File
      EFPA    End File Positive Answer
      EFNA    End File Negative Answer
      ESID    End Session
      CD      Change Direction
      EERP    End to End Response
      NERP    Negative End Response
      RTR     Ready To Receive

   The remainder of this section describes the protocol flows.  Section
   five details the command formats.

4.2.  Start Session Phase

   The Start Session phase is entered immediately after the network
   connection has been established.

Top      Up      ToC       Page 29 
4.2.1.  Entity Definition

   The ODETTE-FTP entity that took the initiative to establish the
   network connection becomes the Initiator.  Its peer becomes the
   Responder.

4.2.2.  Protocol Sequence

   The first message must be sent by the Responder.

   1. Initiator <-------------SSRM -- Responder   Ready Message
                -- SSID ------------>             Identification
                <------------ SSID --             Identification

4.2.3.  Secure Authentication

   Having exchanged SSIDs, the Initiator may optionally begin an
   authentication phase, in which each party proves its identity to the
   other.

4.2.4.  Protocol Sequence

   The first authentication message must be sent by the Initiator.

   1. Initiator -- SECD ------------> Responder   Change Direction
                <------------ AUCH --             Challenge
                -- AURP ------------>             Response
                <------------ SECD --             Change Direction
                -- AUCH ------------>             Challenge
                <------------ AURP --             Response

   The Initiator sends a Security Change Direction (SECD) to which the
   Responder replies with an Authentication Challenge (AUCH).

   The Responder looks up the public certificate that is linked to the
   purported identity of the Initiator (located in the SSID).  If the
   Responder is unable to locate a suitable certificate then
   authentication fails.  The Responder uses the public key contained in
   the certificate to encrypt a random challenge, unique for each
   session, for the Initiator.  This encrypted challenge is sent as a
   [CMS] envelope to the Initiator as part of the AUCH.

   The Initiator decrypts the challenge using their private key and
   sends the decrypted challenge back to the Responder in the
   Authentication Response (AURP).

   The Responder checks that the data received in the AURP matches the
   random challenge that was sent to the Initiator.

Top      Up      ToC       Page 30 
   If the data matches, then the Initiator has authenticated
   successfully and the Responder replies with a Security Change
   Direction (SECD) beginning the complementary process of verifying the
   Responder to the Initiator.  If the data does not match, then the
   Initiator fails authentication.

4.3.  Start File Phase

4.3.1.  Entity Definition

   The Initiator from the Start Session phase is designated the Speaker
   while the Responder becomes the Listener.  The roles are reversed by
   the Speaker sending a Change Direction command to the Listener.

4.3.2.  Protocol Sequence

   1. Speaker  -- SFID ------------> Listener   Start File
               <------------ SFPA --            Answer YES

   2. Speaker  -- SFID ------------> Listener   Start File
               <------------ SFNA --            Answer NO
                     Go To 1

      Note: The User Monitor should take steps to prevent a loop
            situation occurring.

   2. Speaker  -- CD --------------> Listener   Change Direction
      Listener <------------ EERP -- Speaker    End to End Response
               -- RTR ------------->            Ready to Receive
               <------------ NERP --            Negative End Response
               -- RTR ------------->            Ready to Receive
               <------------ SFID --            Start File

4.3.3.  Restart Facilities

   The Start File command includes a count allowing the restart of an
   interrupted transmission to be negotiated.  If restart facilities are
   not available, the restart count must be set to zero.  The sender
   will start with the lowest record count + 1.

4.3.4.  Broadcast Facilities

   The destination in a Start File command can be specified as follows.

   1.  An explicitly defined destination.

   2.  A group destination that allows an intermediate location to
       broadcast the Virtual File to multiple destinations.

Top      Up      ToC       Page 31 
   The Listener will send a negative answer to the Speaker when the
   destination is not known.

4.3.5.  Priority

   The prioritisation of files for transmission is left to the local
   implementation.  To allow some flexibility, a change direction
   mechanism is available in the End File phase.

4.3.6.  End to End Response (EERP)

   The End to End Response (EERP) command notifies the originator of a
   Virtual File that the Virtual File has been successfully delivered to
   its final destination.  This allows the originator to perform house
   keeping tasks such as deleting copies of the delivered data.

   If the originator of the Virtual File requested a signed EERP in the
   SFID, the EERP must be signed.  Signing allows the originator of the
   file to prove that the EERP was generated by the final destination.
   If the final destination is unable to sign the EERP, it may send back
   an unsigned EERP.  It is an implementation issue to allow the
   acceptance of an unsigned EERP if a signed EERP is requested.

   A Response Command must be sent from the location performing the
   final processing or distribution of the data to the originator.  The
   Response is mandatory and may be sent in the same or in any
   subsequent session.

   When an intermediate location broadcasts or distributes a Virtual
   File, it must receive a Response command from all the locations to
   which it forwarded the data before sending its own Response.  This
   ensures that the Response received by the Virtual File's originator
   accounts for all the destination locations.  An intermediate location
   therefore needs to track the status of files it processes over time.

   The requesting of a signed EERP is incompatible with the use of
   broadcast facilities because an EERP can be signed by only one
   destination.  If this scenario occurs, the intermediate broadcast
   location may continue and ignore the request for a signed EERP or
   send back a NERP.

   Example: Point to Point

      Location A sends file Ba to location B, which will send an EERP to
      location A after it successfully receives the file.

Top      Up      ToC       Page 32 
         o----------o                          o-----------o
         | Loc. A   |----------- S1 ---------->| Loc. B    |
         |          |                          |           |
         | [Ba]     |<---------- R2 -----------| [Ba]      |
         +----------o                          o-----------o

                     Key:   S - File Transfer
                            R - Response EERP
                         [Ba] - File for B from A

   Example: Data distribution

      Location A sends a Virtual File containing data for distribution
      to locations B and C via clearing centres E1 and E2.  Clearing
      centre E1 must wait for a response from E2 (for file Ba) and
      location C before it sends its response, R8, to location A.
      Clearing centre E2 can only send response R7 to E1 when location B
      acknowledges file Ba with response R6.

   o---------o        o---------o        o---------o        o---------o
   | Loc. A  |-- S1 ->| Loc. E1 |-- S2 ->| Loc. E2 |-- S5 ->| Loc. B  |
   |         |        |         |        |         |        |         |
   | [Ba,Ca] |<- R8 --| [Ba,Ca] |<- R7 --| [Ba]    |<- R6 --| [Ba]    |
   o---------o        o---------o        o---------o        o---------o
                         A   |
                         |   |           o---------o
                         |   +----- S3 ->| Loc. C  |
                         |               |         |
                         +--------- R4 --| [Ca]    |
                                         o---------o

   Example: Data collection

      Locations A and B send files Ca and Cb to clearing centre E1,
      which forwards both files to location C in a single Virtual File.
      When it receives response R4 from C, clearing centre E1 sends
      response R5 to location A and R6 to location B.

Top      Up      ToC       Page 33 
         o---------o        o---------o        o---------o
         | Loc. A  |-- S1 ->| Loc. E1 |-- S3 ->| Loc. C  |
         |         |        |         |        |         |
         | [Ca]    |<- R5 --| [Ca,Cb] |<- R4 --| [Ca,Cb] |
         o---------o        o---------o        o---------o
                               A   |
         o---------o           |   |
         | Loc. B  |-- S2 -----+   |
         |         |               |
         | [Cb]    |<- R6 ---------+
         o---------o

4.3.7.  Negative End Response (NERP)

   In addition to the EERP, which allows control over successful
   transmission of a file, a Negative End Response signals that a file
   could not be delivered to the final destination or that the final
   destination could not process the received file.

   It may be created by an intermediate node that could not transmit the
   file any further because the next node refuses to accept the file.
   The cause of the refusal has to be non-temporary, otherwise the
   intermediate node has to try the transmission again.

   It may also be created by the final node that is unable to process
   the file because of non-recoverable syntax or semantic errors in the
   file, or because of the failure of any other processing performed on
   the file.

   The NERP will be sent back to the originator of the file.

   The parameters are equal to the ones of the EERP, but with additional
   information about the creator of the NERP and the abort reason.
   Where the NERP is created due to a failure to transmit, the abort
   reason is taken from the refusal reason that was sent by the node
   refusing the file.  Because of the NERP, it is possible for the
   intermediate node to stop trying to send the non-deliverable file and
   to delete the file.

   The NERP allows the originator of the file to react to the
   unsuccessful transmission or processing, depending on the reason code
   and the creator of the NERP.

   If the originator of the Virtual File requested a signed EERP in the
   SFID, the NERP must be signed.  Signing allows the originator of the
   file to prove by whom the NERP was generated.  If the location

Top      Up      ToC       Page 34 
   generating the NERP is unable to sign the NERP, it may send back an
   unsigned NERP.  It is an implementation issue to allow the acceptance
   of an unsigned EERP if a signed NERP is requested.

4.3.8.  Ready To Receive Command (RTR)

   In order to avoid congestion between two adjacent nodes caused by a
   continuous flow of EERPs and NERPs, a Ready To Receive (RTR) command
   is provided.  The RTR acts as an EERP/NERP acknowledgement for flow
   control but has no end-to-end significance.

      Speaker  -- EERP ------------> Listener   End to End Response
               <------------- RTR --            Ready to Receive
               -- EERP ------------>            End to End Response
               <------------- RTR --            Ready to Receive
               -- NERP ------------>            Negative End Response
               <------------- RTR --            Ready to Receive
               -- SFID ------------>            Start File
                         or
               -- CD -------------->            Exchange the turn

   After sending an EERP or NERP, the Speaker must wait for an RTR
   before sending any other commands.  The only acceptable commands to
   follow are:

        EERP
        NERP
        SFID or CD (if there are no more EERPs or NERPs to be sent)

4.4.  Data Transfer Phase

   Virtual File data flows from the Speaker to the Listener during the
   Data Transfer phase, which is entered after the Start File phase.

4.4.1.  Protocol Sequence

   To avoid congestion at the protocol level, a flow control mechanism
   is provided via the Set Credit (CDT) command.

   A Credit limit is negotiated in the Start Session phase; this
   represents the number of Data Exchange Buffers that the Speaker may
   send before it is obliged to wait for a Credit command from the
   Listener.

   The available credit is initially set to the negotiated value by the
   Start File positive answer, which acts as an implicit Credit command.
   The Speaker decreases the available credit count by one for each data
   buffer sent to the Listener.

Top      Up      ToC       Page 35 
   When the available credit is exhausted, the Speaker must wait for a
   Credit command from the Listener; otherwise, a protocol error will
   occur and the session will be aborted.

   The Listener should endeavour to send the Credit command without
   delay to prevent the Speaker blocking.

   1. Speaker  -- SFID ------------> Listener   Start File
               <------------ SFPA --            Answer YES

   2. If the credit value is set to 2

      Speaker  -- Data ------------> Listener   Start File
               -- Data ------------>
               <------------- CDT --            Set Credit
               -- Data ------------>
               -- EFID ------------>            End File

4.5.  End File Phase

4.5.1.  Protocol Sequence

   The Speaker notifies the Listener that it has finished sending a
   Virtual File by sending an End File (EFID) command.  The Listener
   replies with a positive or negative End File command and has the
   option to request a Change Direction command from the Speaker.

   1. Speaker  -- EFID ------------> Listener   End File
               <------------ EFPA --            Answer YES

   2. Speaker  -- EFID ------------> Listener   End File
               <------------ EFPA --            Answer YES + CD
               -- CD -------------->            Change Direction
      Listener <------------ EERP -- Speaker    End to End Response
               -------------- RTR ->            Ready to Receive
      Listener <------------ NERP -- Speaker    Negative End Response
               -------------- RTR ->            Ready to Receive
               Go to Start File Phase

   3. Speaker  -- EFID ------------> Listener   End File
               <------------ EFNA --            Answer NO

Top      Up      ToC       Page 36 
4.6.  End Session Phase

4.6.1.  Protocol Sequence

   The Speaker terminates the session by sending an End Session (ESID)
   command.  The Speaker may only do this if the Listener has just
   relinquished its role as speaker.

   1. Speaker  -- EFID ------------> Listener   End File
               <------------ EFPA --            Answer YES
               -- CD -------------->            Change Direction
      Listener <------------ ESID -- Speaker    End Session

4.7.  Problem Handling

   Error detection and handling should be done as close as possible to
   the problem.  This aids problem determination and correction.  Each
   layer of the reference model is responsible for its own error
   handling.

   ODETTE-FTP can detect protocol errors by virtue of its state machine
   and uses activity timers to detect session hang conditions.  These
   mechanisms are separate from the End to End controls.

4.7.1.  Protocol Errors

   If a protocol error occurs, the session will be terminated and
   application activity aborted.  Both locations enter the IDLE state.

4.7.2.  Timers

   To protect against application and network hang conditions, ODETTE-
   FTP uses activity timers for all situations where a response is
   required.  The timers and actions to be taken if they expire are
   described in Section 9, "Protocol State Machine".

4.7.3.  Clearing Centres

   The use of clearing centres introduces the possibility of errors
   occurring as a result of data processing activities within the
   centre.  Such errors are not directly related to ODETTE-FTP or the
   communication network and are therefore outside the scope of this
   specification.

Top      Up      ToC       Page 37 
5.  Commands and Formats

   ODETTE-FTP entities communicate via Exchange Buffers.  The Command
   Exchange Buffers are described below.  Virtual File data is carried
   in Data Exchange Buffers, which are described in Section 7.

5.1.  Conventions

5.1.1.  Representation Unit

   The basic unit of information is an octet, containing 8 bits.

5.1.2.  Values and Characters

   The ISO 646 IRV 7-bit coded character set [ISO-646], according to
   Appendix B, is used to encode constants and strings within Command
   Exchange Buffers except where [UTF-8] is explicitly indicated against
   a field.

5.2.  Commands

   A Command Exchange Buffer contains a single command starting at the
   beginning of the buffer.  Commands and data are never mixed within an
   Exchange Buffer.  Commands cannot be compressed.  Variable-length
   parameters may be omitted entirely if not required and the associated
   length indicator field set to zero.

   Components:

   1. Command identifier:

      The first octet of an Exchange Buffer is the Command Identifier
      and defines the format of the buffer.

   2. Parameter(s):

      Command parameters are stored in fields within a Command Exchange
      Buffer.  Where variable-length fields are used, they are preceded
      with a header field indicating the length.  All values are
      required except where explicitly indicated.

5.3.  Command Formats

   The ODETTE-FTP commands are described below using the following
   definitions.

Top      Up      ToC       Page 38 
   Position (Pos)

      Field offset within the Command Exchange Buffer, relative to a
      zero origin.

   Field

      The name of the field.

   Description

      A description of the field.

   Format

      F    - A field containing fixed values.  All allowable values for
             the field are enumerated in the command definition.

      V    - A field with variable values within a defined range.  For
             example, the SFIDLRECL field may contain any integer value
             between 00000 and 99999.

      X(n) - An alphanumeric field of length n octets.

        A String contains alphanumeric characters from the following
        set:

         The numerals:               0 to 9
         The upper case letters:     A to Z
         The following special set:  / - . & ( ) space.

        Space is not allowed as an embedded character.

      9(n) - A numeric field of length n octets.

      U(n) - A binary field of length n octets.

             Numbers encoded as binary are always unsigned and in
             network byte order.

      T(n) - An field of length n octets, encoded using [UTF-8].

      String and alphanumeric fields are always left justified and right
      padded with spaces where needed.

      Numeric fields are always right justified and left padded with
      zeros where needed.

Top      Up      ToC       Page 39 
      Reserved fields should be padded with spaces.

5.3.1.  SSRM - Start Session Ready Message

   o-------------------------------------------------------------------o
   |       SSRM        Start Session Ready Message                     |
   |                                                                   |
   |       Start Session Phase     Initiator <---- Responder           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SSRMCMD   | SSRM Command, 'I'                     | F X(1)  |
   |   1 | SSRMMSG   | Ready Message, 'ODETTE FTP READY '    | F X(17) |
   |  18 | SSRMCR    | Carriage Return                       | F X(1)  |
   o-------------------------------------------------------------------o

   SSRMCMD   Command Code                                      Character

      Value: 'I'  SSRM Command identifier.

   SSRMMSG   Ready Message                                    String(17)

      Value: 'ODETTE FTP READY '

   SSRMCR    Carriage Return                                   Character

      Value: Character with hex value '0D' or '8D'.

Top      Up      ToC       Page 40 
5.3.2.  SSID - Start Session

   o-------------------------------------------------------------------o
   |       SSID        Start Session                                   |
   |                                                                   |
   |       Start Session Phase     Initiator <---> Responder           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SSIDCMD   | SSID Command 'X'                      | F X(1)  |
   |   1 | SSIDLEV   | Protocol Release Level                | F 9(1)  |
   |   2 | SSIDCODE  | Initiator's Identification Code       | V X(25) |
   |  27 | SSIDPSWD  | Initiator's Password                  | V X(8)  |
   |  35 | SSIDSDEB  | Data Exchange Buffer Size             | V 9(5)  |
   |  40 | SSIDSR    | Send / Receive Capabilities (S/R/B)   | F X(1)  |
   |  41 | SSIDCMPR  | Buffer Compression Indicator (Y/N)    | F X(1)  |
   |  42 | SSIDREST  | Restart Indicator (Y/N)               | F X(1)  |
   |  43 | SSIDSPEC  | Special Logic Indicator (Y/N)         | F X(1)  |
   |  44 | SSIDCRED  | Credit                                | V 9(3)  |
   |  47 | SSIDAUTH  | Secure Authentication (Y/N)           | F X(1)  |
   |  48 | SSIDRSV1  | Reserved                              | F X(4)  |
   |  52 | SSIDUSER  | User Data                             | V X(8)  |
   |  60 | SSIDCR    | Carriage Return                       | F X(1)  |
   o-------------------------------------------------------------------o

      SSIDCMD   Command Code
      Character

      Value: 'X'  SSID Command identifier.

   SSIDLEV   Protocol Release Level                           Numeric(1)

             Used to specify the level of the ODETTE-FTP protocol

      Value: '1' for Revision 1.2
             '2' for Revision 1.3
             '4' for Revision 1.4
             '5' for Revision 2.0

             Future release levels will have higher numbers.  The
             protocol release level is negotiable, with the lowest level
             being selected.

             Note: ODETTE File Transfer Protocol 1.3 (RFC 2204)
                   specifies '1' for the release level, despite adhering
                   to revision 1.3.

Top      Up      ToC       Page 41 
   SSIDCODE  Initiator's Identification Code                  String(25)

    Format:  See Identification Code (Section 5.4)

             Uniquely identifies the Initiator (sender) participating in
             the ODETTE-FTP session.

             It is an application implementation issue to link the
             expected [X.509] certificate to the SSIDCODE provided.

   SSIDPSWD  Initiator's Password                              String(8)

             Key to authenticate the sender.  Assigned by bilateral
             agreement.

   SSIDSDEB  Data Exchange Buffer Size                        Numeric(5)

    Minimum: 128
    Maximum: 99999

             The length, in octets, of the largest Data Exchange Buffer
             that can be accepted by the location.  The length includes
             the command octet but does not include the Stream
             Transmission Header.

             After negotiation, the smallest size will be selected.

   SSIDSR    Send / Receive Capabilities                       Character

      Value: 'S'  Location can only send files.
             'R'  Location can only receive files.
             'B'  Location can both send and receive files.

             Sending and receiving will be serialised during the
             session, so parallel transmissions will not take place in
             the same session.

             An error occurs if adjacent locations both specify the send
             or receive capability.

Top      Up      ToC       Page 42 
   SSIDCMPR  Buffer Compression Indicator                      Character

      Value: 'Y'  The location can handle OFTP data buffer compression
             'N'  The location cannot handle OFTP buffer compression

             Compression is only used if supported by both locations.

             The compression mechanism referred to here applies to each
             individual OFTP data buffer.  This is different from the
             file compression mechanism in OFTP, which involves the
             compression of whole files.

   SSIDREST  Restart Indicator                                 Character

      Value: 'Y'  The location can handle the restart of a partially
                  transmitted file.
             'N'  The location cannot restart a file.

   SSIDSPEC  Special Logic Indicator                           Character

      Value: 'Y'  Location can handle Special Logic
             'N'  Location cannot handle Special Logic

             Special Logic is only used if supported by both locations.

             The Special Logic extensions are only useful to access an
             X.25 network via an asynchronous entry and are not
             supported for TCP/IP connections.

   SSIDCRED  Credit                                           Numeric(3)

    Maximum: 999

             The number of consecutive Data Exchange Buffers sent by the
             Speaker before it must wait for a Credit (CDT) command from
             the Listener.

             The credit value is only applied to Data flow in the Data
             Transfer phase.

             The Speaker's available credit is initialised to SSIDCRED
             when it receives a Start File Positive Answer (SFPA)
             command from the Listener.  It is zeroed by the End File
             (EFID) command.

             After negotiation, the smallest size must be selected in
             the answer of the Responder, otherwise a protocol error
             will abort the session.

Top      Up      ToC       Page 43 
             Negotiation of the "credit-window-size" parameter.

             Window Size m  -- SSID ------------>
                            <------------ SSID --  Window Size n
                                                  (n less than or
                                                   equal to m)
             Note: negotiated value will be "n".

   SSIDAUTH  Secure Authentication                             Character

      Value: 'Y'  The location requires secure authentication.  'N'  The
             location does not require secure authentication.

             Secure authentication is only used if agreed by both
             locations.

             If the answer of the Responder does not match with the
             authentication requirements of the Initiator, then the
             Initiator must abort the session.

             No negotiation of authentication is allowed.

             authentication p  -- SSID ------------>
                               <------------ SSID --  authentication q

             p == q -> continue.
             p != q -> abort.

   SSIDRSV1  Reserved                                          String(4)

             This field is reserved for future use.

   SSIDUSER  User Data                                         String(8)

             May be used by ODETTE-FTP in any way.  If unused, it should
             be initialised to spaces.  It is expected that a bilateral
             agreement exists as to the meaning of the data.

   SSIDCR    Carriage Return                                   Character

      Value: Character with hex value '0D' or '8D'.

Top      Up      ToC       Page 44 
5.3.3.  SFID - Start File

   o-------------------------------------------------------------------o
   |       SFID        Start File                                      |
   |                                                                   |
   |       Start File Phase           Speaker ----> Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SFIDCMD   | SFID Command, 'H'                     | F X(1)  |
   |   1 | SFIDDSN   | Virtual File Dataset Name             | V X(26) |
   |  27 | SFIDRSV1  | Reserved                              | F X(3)  |
   |  30 | SFIDDATE  | Virtual File Date stamp, (CCYYMMDD)   | V 9(8)  |
   |  38 | SFIDTIME  | Virtual File Time stamp, (HHMMSScccc) | V 9(10) |
   |  48 | SFIDUSER  | User Data                             | V X(8)  |
   |  56 | SFIDDEST  | Destination                           | V X(25) |
   |  81 | SFIDORIG  | Originator                            | V X(25) |
   | 106 | SFIDFMT   | File Format (F/V/U/T)                 | F X(1)  |
   | 107 | SFIDLRECL | Maximum Record Size                   | V 9(5)  |
   | 112 | SFIDFSIZ  | File Size, 1K blocks                  | V 9(13) |
   | 125 | SFIDOSIZ  | Original File Size, 1K blocks         | V 9(13) |
   | 138 | SFIDREST  | Restart Position                      | V 9(17) |
   | 155 | SFIDSEC   | Security Level                        | F 9(2)  |
   | 157 | SFIDCIPH  | Cipher suite selection                | F 9(2)  |
   | 159 | SFIDCOMP  | File compression algorithm            | F 9(1)  |
   | 160 | SFIDENV   | File enveloping format                | F 9(1)  |
   | 161 | SFIDSIGN  | Signed EERP request                   | F X(1)  |
   | 162 | SFIDDESCL | Virtual File Description length       | V 9(3)  |
   | 165 | SFIDDESC  | Virtual File Description              | V T(n)  |
   o-------------------------------------------------------------------o

   SFIDCMD   Command Code                                      Character

      Value: 'H'  SFID Command identifier.

   SFIDDSN   Virtual File Dataset Name                        String(26)

             Dataset name of the Virtual File being transferred,
             assigned by bilateral agreement.

             No general structure is defined for this attribute.

             See Virtual Files - Identification (Section 1.5.2)

   SFIDRSV1  Reserved                                          String(3)

             This field is reserved for future use.

Top      Up      ToC       Page 45 
   SFIDDATE  Virtual File Date stamp                          Numeric(8)

     Format: 'CCYYMMDD'  8 decimal digits representing the century,
             year, month, and day.

             Date stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   SFIDTIME  Virtual File Time stamp                         Numeric(10)

     Format: 'HHMMSScccc'  10 decimal digits representing hours,
             minutes, seconds, and a counter (0001-9999), which gives
             higher resolution.

             Time stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   SFIDUSER  User Data                                         String(8)

             May be used by ODETTE-FTP in any way.  If unused, it should
             be initialised to spaces.  It is expected that a bilateral
             agreement exists as to the meaning of the data.

   SFIDDEST  Destination                                      String(25)

     Format: See Identification Code (Section 5.4)

             The Final Recipient of the Virtual File.

             This is the location that will look into the Virtual File
             content and perform mapping functions.  It is also the
             location that creates the End to End Response (EERP)
             command for the received file.

   SFIDORIG  Originator                                       String(25)

     Format: See Identification Code (Section 5.4)

             Originator of the Virtual File.

             It is the location that created (mapped) the data for
             transmission.

Top      Up      ToC       Page 46 
   SFIDFMT   File Format                                       Character

      Value: 'F'  Fixed format binary file
             'V'  Variable format binary file
             'U'  Unstructured binary file
             'T'  Text

             Virtual File format.  Used to calculate the restart
             position (Section 1.5.4).

             Once a file has been signed, compressed, and/or encrypted,
             in file format terms it becomes unstructured, format U.
             The record boundaries are no longer discernable until the
             file is decrypted, decompressed, and/or verified.  SFID
             File Format Field in this scenario indicates the format of
             the original file, and the transmitted file must be treated
             as U format.

   SFIDLRECL Maximum Record Size                              Numeric(5)

    Maximum: 99999

             Length in octets of the longest logical record that may be
             transferred to a location.  Only user data is included.

             If SFIDFMT is 'T' or 'U', then this attribute must be set
             to '00000'.

             If SFIDFMT is 'V' and the file is compressed, encrypted, or
             signed, then the maximum value of SFIDRECL is '65536'.

   SFIDFSIZ  Transmitted File Size                           Numeric(13)

    Maximum: 9999999999999

             Space in 1K (1024 octet) blocks required at the Originator
             location to store the actual Virtual File that is to be
             transmitted.

             For example, if a file is compressed before sending, then
             this is the space required to store the compressed file.

             This parameter is intended to provide only a good estimate
             of the Virtual File size.

             Using 13 digits allows for a maximum file size of
             approximately 9.3 PB (petabytes) to be transmitted.

Top      Up      ToC       Page 47 
   SFIDOSIZ  Original File Size                              Numeric(13)

    Maximum: 9999999999999

             Space in 1K (1024 octet) blocks required at the Originator
             location to store the original before it was signed,
             compressed, and/or encrypted.

             If no security or compression services have been used,
             SFIDOSIZ should contain the same value as SFIDFSIZ.

             If the original file size is not known, the value zero
             should be used.

             This parameter is intended to provide only a good estimate
             of the original file size.

             The sequence of events in file exchange are:

              (a) raw data file ready to be sent
                   SFIDOSIZ = Original File Size

              (b) signing/compression/encryption

              (c) transmission
                   SFIDFSIZ = Transmitted File Size

              (d) decryption/decompression/verification

              (e) received raw data file for in-house applications
                   SFIDOSIZ = Original File Size

             The Transmitted File Size at (c) indicates to the receiver
             how much storage space is needed to receive the file.

             The Original File Size at (e) indicates to the in-house
             application how much storage space is needed to process the
             file.

Top      Up      ToC       Page 48 
   SFIDREST  Restart Position                                Numeric(17)

    Maximum: 99999999999999999

             Virtual File restart position.

             The count represents the:
                - Record Number if SSIDFMT is 'F' or 'V'.
                - File offset in 1K (1024 octet) blocks if SFIDFMT is
                  'U' or 'T'.

             The count will express the transmitted user data (i.e.,
             before ODETTE-FTP buffer compression, header not included).

             After negotiation between adjacent locations,
             retransmission will start at the lowest value.

             Once a file has been signed, compressed, and/or encrypted,
             in file format terms, it has become unstructured, like
             format U.  The file should be treated as format U for the
             purposes of restart, regardless of the actual value in
             SFIDFMT.

   SFIDSEC   Security Level                                   Numeric(2)

      Value: '00'  No security services
             '01'  Encrypted
             '02'  Signed
             '03'  Encrypted and signed

             Indicates whether the file has been signed and/or encrypted
             before transmission. (See Section 6.2.)

   SFIDCIPH  Cipher suite selection                           Numeric(2)

      Value: '00'  No security services
             '01'  See Section 10.2

             Indicates the cipher suite used to sign and/or encrypt the
             file and also to indicate the cipher suite that should be
             used when a signed EERP or NERP is requested.

Top      Up      ToC       Page 49 
   SFIDCOMP  File compression algorithm                       Numeric(1)

      Value: '0'  No compression
             '1'  Compressed with [ZLIB] algorithm

             Indicates the algorithm used to compress the file.
             (See Section 6.4.)

   SFIDENV   File enveloping format                           Numeric(1)

      Value: '0'  No envelope
             '1'  File is enveloped using [CMS]

             Indicates the enveloping format used in the file.

             If the file is encrypted/signed/compressed or is an
             enveloped file for the exchange and revocation of
             certificates, this field must be set accordingly.

   SFIDSIGN  Signed EERP request                               Character

      Value: 'Y'  The EERP returned in acknowledgement of the file
                  must be signed
             'N'  The EERP must not be signed

             Requests whether the EERP returned for the file must be
             signed.

   SFIDDESCL Virtual File Description length                  Numeric(3)

             Length in octets of the field SFIDDESC.

             A value of 0 indicates that no description is present.

   SFIDDESC  Virtual File Description                         [UTF-8](n)

             May be used by ODETTE-FTP in any way.  If not used,
             SFIDDESCL should be set to zero.

             No general structure is defined for this attribute, but it
             is expected that a bilateral agreement exists as to the
             meaning of the data.

             It is encoded using [UTF-8] to support a range of national
             languages.

             Maximum length of the encoded value is 999 octets.

Top      Up      ToC       Page 50 
5.3.4.  SFPA - Start File Positive Answer

   o-------------------------------------------------------------------o
   |       SFPA        Start File Positive Answer                      |
   |                                                                   |
   |       Start File Phase           Speaker <---- Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SFPACMD   | SFPA Command, '2'                     | F X(1)  |
   |   1 | SFPAACNT  | Answer Count                          | V 9(17) |
   o-------------------------------------------------------------------o

   SFPACMD   Command Code                                      Character

      Value: '2'  SFPA Command identifier.

   SFPAACNT  Answer Count                                    Numeric(17)

             The Listener must enter a count lower than or equal to the
             restart count specified by the Speaker in the Start File
             (SFID) command.  The count expresses the received user
             data.  If restart facilities are not available, a count of
             zero must be specified.

5.3.5.  SFNA - Start File Negative Answer

   o-------------------------------------------------------------------o
   |       SFNA        Start File Negative Answer                      |
   |                                                                   |
   |       Start File Phase           Speaker <---- Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SFNACMD   | SFNA Command, '3'                     | F X(1)  |
   |   1 | SFNAREAS  | Answer Reason                         | F 9(2)  |
   |   3 | SFNARRTR  | Retry Indicator, (Y/N)                | F X(1)  |
   |   4 | SFNAREASL | Answer Reason Text Length             | V 9(3)  |
   |   7 | SFNAREAST | Answer Reason Text                    | V T(n)  |
   o-------------------------------------------------------------------o

   SFNACMD   Command Code                                      Character

      Value: '3'  SFNA Command identifier.

Top      Up      ToC       Page 51 
   SFNAREAS  Answer Reason                                    Numeric(2)

      Value: '01'  Invalid filename.
             '02'  Invalid destination.
             '03'  Invalid origin.
             '04'  Storage record format not supported.
             '05'  Maximum record length not supported.
             '06'  File size is too big.
             '10'  Invalid record count.
             '11'  Invalid byte count.
             '12'  Access method failure.
             '13'  Duplicate file.
             '14'  File direction refused.
             '15'  Cipher suite not supported.
             '16'  Encrypted file not allowed.
             '17'  Unencrypted file not allowed.
             '18'  Compression not allowed.
             '19'  Signed file not allowed.
             '20'  Unsigned file not allowed.
             '99'  Unspecified reason.

             Reason why transmission cannot proceed.

   SFNARRTR  Retry Indicator                                   Character

      Value: 'N'  Transmission should not be retried.
             'Y'  The transmission may be retried later.

             This parameter is used to advise the Speaker if it should
             retry at a later time due to a temporary condition at the
             Listener site, such as a lack of storage space.  It should
             be used in conjunction with the Answer Reason code
             (SFNAREAS).

             An invalid file name error code may be the consequence of a
             problem in the mapping of the Virtual File on to a real
             file.  Such problems cannot always be resolved immediately.
             It is therefore recommended that when an SFNA with Retry =
             Y is received the User Monitor attempts to retransmit the
             relevant file in a subsequent session.

   SFNAREASL Answer Reason Text Length                        Numeric(3)

             Length in octets of the field SFNAREAST.

             0 indicates that no SFNAREAST field follows.

Top      Up      ToC       Page 52 
   SFNAREAST Answer Reason Text                               [UTF-8](n)

             Reason why transmission cannot proceed in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.

5.3.6.  DATA - Data Exchange Buffer

   o-------------------------------------------------------------------o
   |       DATA        Data Exchange Buffer                            |
   |                                                                   |
   |       Data Transfer Phase        Speaker ----> Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | DATACMD   | DATA Command, 'D'                     | F X(1)  |
   |   1 | DATABUF   | Data Exchange Buffer payload          | V U(n)  |
   o-------------------------------------------------------------------o

   DATACMD   Command Code                                      Character

      Value: 'D'  DATA Command identifier.

   DATABUF   Data Exchange Buffer payload                      Binary(n)

             Variable-length buffer containing the data payload.  The
             Data Exchange Buffer is described in Section 7.

5.3.7.  CDT - Set Credit

   o-------------------------------------------------------------------o
   |       CDT         Set Credit                                      |
   |                                                                   |
   |       Data Transfer Phase        Speaker <---- Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | CDTCMD    | CDT Command, 'C'                      | F X(1)  |
   |   1 | CDTRSV1   | Reserved                              | F X(2)  |
   o-------------------------------------------------------------------o

   CDTCMD    Command Code                                      Character

      Value: 'C'  CDT Command identifier.

Top      Up      ToC       Page 53 
   CDTRSV1   Reserved                                          String(2)

             This field is reserved for future use.

5.3.8.  EFID - End File

   o-------------------------------------------------------------------o
   |       EFID        End File                                        |
   |                                                                   |
   |       End File Phase             Speaker ----> Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | EFIDCMD   | EFID Command, 'T'                     | F X(1)  |
   |   1 | EFIDRCNT  | Record Count                          | V 9(17) |
   |  18 | EFIDUCNT  | Unit Count                            | V 9(17) |
   o-------------------------------------------------------------------o

   EFIDCMD   Command Code                                      Character

      Value: 'T'  EFID Command identifier.

   EFIDRCNT  Record Count                                    Numeric(17)

    Maximum: 99999999999999999

             For SSIDFMT 'F' or 'V', the exact record count.
             For SSIDFMT 'U' or 'T', zeros.

             The count will express the real size of the file (before
             buffer compression, header not included).  The total count
             is always used, even during restart processing.

   EFIDUCNT  Unit Count                                      Numeric(17)

    Maximum: 99999999999999999

             Exact number of units (octets) transmitted.

             The count will express the real size of the file.  The
             total count is always used, even during restart processing.

Top      Up      ToC       Page 54 
5.3.9.  EFPA - End File Positive Answer

   o-------------------------------------------------------------------o
   |       EFPA        End File Positive Answer                        |
   |                                                                   |
   |       End File Phase             Speaker <---- Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | EFPACMD   | EFPA Command, '4'                     | F X(1)  |
   |   1 | EFPACD    | Change Direction Indicator, (Y/N)     | F X(1)  |
   o-------------------------------------------------------------------o

   EFPACMD   Command Code                                      Character

      Value: '4'  EFPA Command identifier.

   EFPACD    Change Direction Indicator                        Character

      Value: 'N'  Change direction not requested.
             'Y'  Change direction requested.

             This parameter allows the Listener to request a Change
             Direction (CD) command from the Speaker.

5.3.10.  EFNA - End File Negative Answer

   o-------------------------------------------------------------------o
   |       EFNA        End File Negative Answer                        |
   |                                                                   |
   |       End File Phase             Speaker <---- Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | EFNACMD   | EFNA Command, '5'                     | F X(1)  |
   |   1 | EFNAREAS  | Answer Reason                         | F 9(2)  |
   |   3 | EFNAREASL | Answer Reason Text Length             | V 9(3)  |
   |   6 | EFNAREAST | Answer Reason Text                    | V T(n)  |
   o-------------------------------------------------------------------o

   EFNACMD   Command Code                                      Character

      Value: '5'  EFNA Command identifier.

Top      Up      ToC       Page 55 
   EFNAREAS  Answer Reason                                    Numeric(2)

      Value: '01'  Invalid filename.
             '02'  Invalid destination.
             '03'  Invalid origin.
             '04'  Storage record format not supported.
             '05'  Maximum record length not supported.
             '06'  File size is too big.
             '10'  Invalid record count.
             '11'  Invalid byte count.
             '12'  Access method failure.
             '13'  Duplicate file.
             '14'  File direction refused.
             '15'  Cipher suite not supported.
             '16'  Encrypted file not allowed.
             '17'  Unencrypted file not allowed.
             '18'  Compression not allowed.
             '19'  Signed file not allowed.
             '20'  Unsigned file not allowed.
             '21'  Invalid file signature.
             '22'  File decryption failure.
             '23'  File decompression failure.
             '99'  Unspecified reason.

             Reason why transmission failed.

   EFNAREASL Answer Reason Text Length                        Numeric(3)

             Length in octets of the field EFNAREAST.

             0 indicates that no EFNAREAST field follows.

   EFNAREAST Answer Reason Text                               [UTF-8](n)

             Reason why transmission failed in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.

Top      Up      ToC       Page 56 
5.3.11.  ESID - End Session

   o-------------------------------------------------------------------o
   |       ESID        End Session                                     |
   |                                                                   |
   |       End Session Phase          Speaker ----> Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | ESIDCMD   | ESID Command, 'F'                     | F X(1)  |
   |   1 | ESIDREAS  | Reason Code                           | F 9(2)  |
   |   3 | ESIDREASL | Reason Text Length                    | V 9(3)  |
   |   6 | ESIDREAST | Reason Text                           | V T(n)  |
   |     | ESIDCR    | Carriage Return                       | F X(1)  |
   o-------------------------------------------------------------------o

   ESIDCMD   Command Code                                      Character

      Value: 'F'  ESID Command identifier.

   ESIDREAS  Reason Code                                      Numeric(2)

      Value: '00'  Normal session termination

             '01'  Command not recognised

                   An Exchange Buffer contains an invalid command code
                   (1st octet of the buffer).

             '02'  Protocol violation

                   An Exchange Buffer contains an invalid command for
                   the current state of the receiver.

             '03'  User code not known

                   A Start Session (SSID) command contains an unknown or
                   invalid Identification Code.

             '04'  Invalid password

                   A Start Session (SSID) command contained an invalid
                   password.

             '05'  Local site emergency close down

                   The local site has entered an emergency close down
                   mode.  Communications are being forcibly terminated.

Top      Up      ToC       Page 57 
             '06'  Command contained invalid data

                   A field within a Command Exchange Buffer contains
                   invalid data.

             '07'  Exchange Buffer size error

                   The length of the Exchange Buffer as determined by
                   the Stream Transmission Header differs from the
                   length implied by the Command Code.

             '08'  Resources not available

                   The request for connection has been denied due to a
                   resource shortage.  The connection attempt should be
                   retried later.

             '09'  Time out

             '10'  Mode or capabilities incompatible

             '11'  Invalid challenge response

             '12'  Secure authentication requirements incompatible

             '99'  Unspecified Abort code

                   An error was detected for which no specific code is
                   defined.

   ESIDREASL Reason Text Length                               Numeric(3)

             Length in octets of the field ESIDREAST.

             0 indicates that no ESIDREAST field is present.

   ESIDREAST Reason Text                                      [UTF-8](n)

             Reason why session ended in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.

Top      Up      ToC       Page 58 
   ESIDCR    Carriage Return                                   Character

      Value: Character with hex value '0D' or '8D'.

5.3.12.  CD - Change Direction

   o-------------------------------------------------------------------o
   |       CD          Change Direction                                |
   |                                                                   |
   |       Start File Phase           Speaker ----> Listener           |
   |       End File Phase             Speaker ----> Listener           |
   |       End Session Phase        Initiator <---> Responder          |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | CDCMD     | CD Command, 'R'                       | F X(1)  |
   o-------------------------------------------------------------------o

   CDCMD     Command Code                                      Character

      Value: 'R'  CD Command identifier.

5.3.13.  EERP - End to End Response

   o-------------------------------------------------------------------o
   |       EERP        End to End Response                             |
   |                                                                   |
   |       Start File Phase           Speaker ----> Listener           |
   |       End File Phase             Speaker ----> Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | EERPCMD   | EERP Command, 'E'                     | F X(1)  |
   |   1 | EERPDSN   | Virtual File Dataset Name             | V X(26) |
   |  27 | EERPRSV1  | Reserved                              | F X(3)  |
   |  30 | EERPDATE  | Virtual File Date stamp, (CCYYMMDD)   | V 9(8)  |
   |  38 | EERPTIME  | Virtual File Time stamp, (HHMMSScccc) | V 9(10) |
   |  48 | EERPUSER  | User Data                             | V X(8)  |
   |  56 | EERPDEST  | Destination                           | V X(25) |
   |  81 | EERPORIG  | Originator                            | V X(25) |
   | 106 | EERPHSHL  | Virtual File hash length              | V U(2)  |
   | 108 | EERPHSH   | Virtual File hash                     | V U(n)  |
   |     | EERPSIGL  | EERP signature length                 | V U(2)  |
   |     | EERPSIG   | EERP signature                        | V U(n)  |
   o-------------------------------------------------------------------o

Top      Up      ToC       Page 59 
   EERPCMD   Command Code                                      Character

      Value: 'E'  EERP Command identifier.

   EERPDSN   Virtual File Dataset Name                        String(26)

             Dataset name of the Virtual File being transferred,
             assigned by bilateral agreement.

             No general structure is defined for this attribute.

             See Virtual Files - Identification (Section 1.5.2)

   EERPRSV1  Reserved                                          String(3)

             This field is reserved for future use.

   EERPDATE  Virtual File Date stamp                          Numeric(8)

     Format: 'CCYYMMDD'  8 decimal digits representing the century,
             year, month, and day, respectively.

             Date stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   EERPTIME  Virtual File Time stamp                         Numeric(10)

     Format: 'HHMMSScccc'  10 decimal digits representing hours,
             minutes, seconds, and a counter (0001-9999), which gives
             higher resolution.

             Time stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   EERPUSER  User Data                                         String(8)

             May be used by ODETTE-FTP in any way.  If unused, it should
             be initialised to spaces.  It is expected that a bilateral
             agreement exists as to the meaning of the data.

Top      Up      ToC       Page 60 
   EERPDEST  Destination                                      String(25)

     Format: See Identification Code (Section 5.4)

             Originator of the Virtual File.

             This is the location that created the data for
             transmission.

   EERPORIG  Originator                                       String(25)

     Format: See Identification Code (Section 5.4)

             Final Recipient of the Virtual File.

             This is the location that will look into the Virtual File
             content and process it accordingly.  It is also the
             location that creates the EERP for the received file.

   EERPHSHL  Virtual File hash length                          Binary(2)

             Length in octets of the field EERPHSH.

             A binary value of 0 indicates that no hash is present.
             This is always the case if the EERP is not signed.

   EERPHSH   Virtual File hash                                 Binary(n)

             Hash of the transmitted Virtual File, i.e., not the hash of
             the original file.

             The algorithm used is determined by the bilaterally agreed
             cipher suite specified in the SFIDCIPH.

             It is an application implementation issue to validate the
             EERPHSH to ensure that the EERP is acknowledging the exact
             same file as was originally transmitted.

   EERPSIGL  EERP signature length                             Binary(2)

             0 indicates that this EERP has not been signed.

             Any other value indicates the length of EERPSIG in octets
             and indicates that this EERP has been signed.

Top      Up      ToC       Page 61 
   EERPSIG   EERP signature                                    Binary(n)

             Contains the [CMS] enveloped signature of the EERP.

             Signature = Sign{EERPDSN
                              EERPDATE
                              EERPTIME
                              EERPDEST
                              EERPORIG
                              EERPHSH}

             Each field is taken in its entirety, including any padding.
             The envelope must contain the original data, not just the
             signature.

             The [CMS] content type used is SignedData.

             The encapsulated content type used is id-data.

             It is an application issue to validate the signature with
             the contents of the EERP.

5.3.14.  NERP - Negative End Response

   o-------------------------------------------------------------------o
   |       NERP        Negative End Response                           |
   |                                                                   |
   |       Start File Phase           Speaker ----> Listener           |
   |       End File Phase             Speaker ----> Listener           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | NERPCMD   | NERP Command, 'N'                     | F X(1)  |
   |   1 | NERPDSN   | Virtual File Dataset Name             | V X(26) |
   |  27 | NERPRSV1  | Reserved                              | F X(6)  |
   |  33 | NERPDATE  | Virtual File Date stamp, (CCYYMMDD)   | V 9(8)  |
   |  41 | NERPTIME  | Virtual File Time stamp, (HHMMSScccc) | V 9(10) |
   |  51 | NERPDEST  | Destination                           | V X(25) |
   |  76 | NERPORIG  | Originator                            | V X(25) |
   | 101 | NERPCREA  | Creator of NERP                       | V X(25) |
   | 126 | NERPREAS  | Reason code                           | F 9(2)  |
   | 128 | NERPREASL | Reason text length                    | V 9(3)  |
   | 131 | NERPREAST | Reason text                           | V T(n)  |
   |     | NERPHSHL  | Virtual File hash length              | V U(2)  |
   |     | NERPHSH   | Virtual File hash                     | V U(n)  |
   |     | NERPSIGL  | NERP signature length                 | V U(2)  |
   |     | NERPSIG   | NERP signature                        | V U(n)  |
   o-------------------------------------------------------------------o

Top      Up      ToC       Page 62 
   NERPCMD   Command Code                                      Character

      Value: 'N'  NERP Command identifier.

   NERPDSN   Virtual File Dataset Name                        String(26)

             Dataset name of the Virtual File being transferred,
             assigned by bilateral agreement.

             No general structure is defined for this attribute.

             See Virtual Files - Identification (Section 1.5.2)

   NERPRSV1  Reserved                                          String(6)

             This field is reserved for future use.

   NERPDATE  Virtual File Date stamp                          Numeric(8)

     Format: 'CCYYMMDD'  8 decimal digits representing the century,
             year, month, and day, respectively.

             Date stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   NERPTIME  Virtual File Time stamp                         Numeric(10)

     Format: 'HHMMSScccc'  10 decimal digits representing hours,
             minutes, seconds, and a counter (0001-9999), which gives
             higher resolution.

             Time stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   NERPDEST  Destination                                      String(25)

     Format: See Identification Code (Section 5.4)

             Originator of the Virtual File.

             This is the location that created the data for
             transmission.

Top      Up      ToC       Page 63 
   NERPORIG  Originator                                       String(25)

     Format: See Identification Code (Section 5.4)

             The Final Recipient of the Virtual File.

             This is the location that will look into the Virtual File
             content and perform mapping functions.

   NERPCREA  Creator of the NERP                              String(25)

     Format: See Identification Code (Section 5.4)

             It is the location that created the NERP.

   NERPREAS  Reason code                                      Numeric(2)

             This attribute will specify why transmission cannot proceed
             or why processing of the file failed.

             "SFNA(RETRY=N)" below should be interpreted as "EFNA or
             SFNA(RETRY=N)" where appropriate.

      Value  '03'  ESID received with reason code '03'
                    (user code not known)
             '04'  ESID received with reason code '04'
                    (invalid password)
             '09'  ESID received with reason code '99'
                    (unspecified reason)
             '11'  SFNA(RETRY=N) received with reason code '01'
                    (invalid file name)
             '12'  SFNA(RETRY=N) received with reason code '02'
                    (invalid destination)
             '13'  SFNA(RETRY=N) received with reason code '03'
                    (invalid origin)
             '14'  SFNA(RETRY=N) received with reason code '04'
                    (invalid storage record format)
             '15'  SFNA(RETRY=N) received with reason code '05'
                    (maximum record length not supported)
             '16'  SFNA(RETRY=N) received with reason code '06'
                    (file size too big)
             '20'  SFNA(RETRY=N) received with reason code '10'
                    (invalid record count)
             '21'  SFNA(RETRY=N) received with reason code '11'
                    (invalid byte count)
             '22'  SFNA(RETRY=N) received with reason code '12'
                    (access method failure)

Top      Up      ToC       Page 64 
             '23'  SFNA(RETRY=N) received with reason code '13'
                    (duplicate file)
             '24'  SFNA(RETRY=N) received with reason code '14'
                    (file direction refused)
             '25'  SFNA(RETRY=N) received with reason code '15'
                    (cipher suite not supported)
             '26'  SFNA(RETRY=N) received with reason code '16'
                    (encrypted file not allowed)
             '27'  SFNA(RETRY=N) received with reason code '17'
                    (unencrypted file not allowed)
             '28'  SFNA(RETRY=N) received with reason code '18'
                    (compression not allowed)
             '29'  SFNA(RETRY=N) received with reason code '19'
                    (signed file not allowed)
             '30'  SFNA(RETRY=N) received with reason code '20'
                    (unsigned file not allowed)
             '31'  File signature not valid.
             '32'  File decompression failed.
             '33'  File decryption failed.
             '34'  File processing failed.
             '35'  Not delivered to recipient.
             '36'  Not acknowledged by recipient.
             '50'  Transmission stopped by the operator.
             '90'  File size incompatible with recipient's
                    protocol version.
             '99'  Unspecified reason.

   NERPREASL Reason Text Length                              Numeric(3)

             Length in octets of the field NERPREAST.

             0 indicates that no NERPREAST field follows.

   NERPREAST Reason Text                                     [UTF-8](n)

             Reason why transmission cannot proceed in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.

Top      Up      ToC       Page 65 
   NERPHSHL  Virtual File hash length                          Binary(2)

             Length in octets of the field NERPHSH.

             A binary value of 0 indicates that no hash is present.
             This is always the case if the NERP is not signed.

   NERPHSH   Virtual File hash                                 Binary(n)

             Hash of the Virtual File being transmitted.

             The algorithm used is determined by the bilaterally agreed
             cipher suite specified in the SFIDCIPH.

   NERPSIGL  NERP Signature length                             Binary(2)

             0 indicates that this NERP has not been signed.

             Any other value indicates the length of NERPSIG in octets
             and indicates that this NERP has been signed.

   NERPSIG   NERP Signature                                    Binary(n)

             Contains the [CMS] enveloped signature of the NERP.

             Signature = Sign{NERPDSN
                              NERPDATE
                              NERPTIME
                              NERPDEST
                              NERPORIG
                              NERPCREA
                              NERPHSH}

             Each field is taken in its entirety, including any padding.
             The envelope must contain the original data, not just the
             signature.

             The [CMS] content type used is SignedData.

             The encapsulated content type used is id-data.

             It is an application issue to validate the signature with
             the contents of the NERP.

Top      Up      ToC       Page 66 
5.3.15.  RTR - Ready To Receive

   o-------------------------------------------------------------------o
   |       RTR         Ready To Receive                                |
   |                                                                   |
   |       Start File Phase         Initiator <---- Responder          |
   |       End File Phase           Initiator <---- Responder          |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | RTRCMD    | RTR Command, 'P'                      | F X(1)  |
   o-------------------------------------------------------------------o

   RTRCMD    Command Code                                      Character

      Value: 'P'  RTR Command identifier.

5.3.16.  SECD - Security Change Direction

   o-------------------------------------------------------------------o
   |       SECD        Security Change Direction                       |
   |                                                                   |
   |       Start Session Phase     Initiator <---> Responder           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SECDCMD   | SECD Command, 'J'                     | F X(1)  |
   o-------------------------------------------------------------------o

   SECDCMD   Command Code                                      Character

      Value: 'J'  SECD Command identifier.

5.3.17.  AUCH - Authentication Challenge

   o-------------------------------------------------------------------o
   |       AUCH        Authentication Challenge                        |
   |                                                                   |
   |       Start Session Phase     Initiator <---> Responder           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | AUCHCMD   | AUCH Command, 'A'                     | F X(1)  |
   |   1 | AUCHCHLL  | Challenge Length                      | V U(2)  |
   |   3 | AUCHCHAL  | Challenge                             | V U(n)  |
   o-------------------------------------------------------------------o

Top      Up      ToC       Page 67 
   AUCHCMD   Command Code                                      Character

      Value: 'A'  AUCH Command identifier.

   AUCHCHLL  Challenge length                                  Binary(2)

             Indicates the length of AUCHCHAL in octets.

             The length is expressed as an unsigned binary number using
             network byte order.

   AUCHCHAL  Challenge                                         Binary(n)

             A [CMS] encrypted 20-byte random number uniquely generated
             each time an AUCH is sent.

   NOTE:

   Any encryption algorithm that is available through a defined cipher
   suite (Section 10.2) may be used.  See Section 10.1 regarding the
   choice of a cipher suite.

5.3.18.  AURP - Authentication Response

   o-------------------------------------------------------------------o
   |       AURP        Authentication Response                         |
   |                                                                   |
   |       Start Session Phase     Initiator <---> Responder           |
   |-------------------------------------------------------------------|
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | AURPCMD   | AURP Command, 'S'                     | F X(1)  |
   |   1 | AURPRSP   | Response                              | V U(20) |
   o-------------------------------------------------------------------o

   AURPCMD   Command Code                                      Character

      Value: 'S'  AURP Command identifier.

   AURPRSP   Response                                         Binary(20)

             Contains the decrypted challenge (AUCHCHAL).

Top      Up      ToC       Page 68 
   IMPORTANT:

   It is an application implementation issue to validate a received AURP
   to ensure that the response matches the challenge.  This validation
   is extremely important to ensure that a party is correctly
   authenticated.

5.4.  Identification Code

   The Initiator (sender) and Responder (receiver) participating in an
   ODETTE-FTP session are uniquely identified by an Identification Code
   based on [ISO-6523], Structure for the Identification of
   Organisations (SIO).  The locations are considered to be adjacent for
   the duration of the transmission.

   The SIO has the following format.

   o-------------------------------------------------------------------o
   | Pos | Field     | Description                           | Format  |
   |-----+-----------+---------------------------------------+---------|
   |   0 | SIOOID    | ODETTE Identifier                     | F X(1)  |
   |   1 | SIOICD    | International Code Designator         | V 9(4)  |
   |   5 | SIOORG    | Organisation Code                     | V X(14) |
   |  19 | SIOCSA    | Computer Subaddress                   | V X(6)  |
   o-------------------------------------------------------------------o

   SIOOID    ODETTE Identifier                                 Character

      Value: 'O' Indicates ODETTE assigned Organisation Identifier.
                 Other values may be used for non-ODETTE codes.

   SIOICD    International Code Designator                     String(4)

             A code forming part of the Organisation Identifier.

   SIOORG    Organisation Code                                String(14)

             A code forming part of the Organisation Identifier.  This
             field may contain the letters A to Z, the digits 0 to 9,
             and space and hyphen characters.

   SIOCSA    Computer Subaddress                               String(6)

             A locally assigned address that uniquely identifies a
             system within an organisation (defined by an Organisation
             Identifier).


Next RFC Part