Tech-invite3GPPspaceIETF RFCsSIP
929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 5024

ODETTE File Transfer Protocol 2.0

Pages: 135
Informational
Errata
Obsoletes:  2204
Updated by:  8996
Part 2 of 4 – Pages 28 to 68
First   Prev   Next

Top   ToC   RFC5024 - Page 28   prevText

4. Protocol Specification

4.1. Overview

ODETTE-FTP is divided into five operating phases. Start Session Start File Data Transfer End File End Session After the End File phase, an ODETTE-FTP entity may enter a new Start File phase or terminate the session via the End Session phase. ODETTE-FTP peers communicate by sending and receiving messages in Exchange Buffers via the Network Service. Each Exchange Buffer contains one of the following commands. SSRM Start Session Ready Message SSID Start Session SECD Security Change Direction AUCH Authentication Challenge AURP Authentication Response SFID Start File SFPA Start File Positive Answer SFNA Start File Negative Answer DATA Data CDT Set Credit EFID End File EFPA End File Positive Answer EFNA End File Negative Answer ESID End Session CD Change Direction EERP End to End Response NERP Negative End Response RTR Ready To Receive The remainder of this section describes the protocol flows. Section five details the command formats.

4.2. Start Session Phase

The Start Session phase is entered immediately after the network connection has been established.
Top   ToC   RFC5024 - Page 29

4.2.1. Entity Definition

The ODETTE-FTP entity that took the initiative to establish the network connection becomes the Initiator. Its peer becomes the Responder.

4.2.2. Protocol Sequence

The first message must be sent by the Responder. 1. Initiator <-------------SSRM -- Responder Ready Message -- SSID ------------> Identification <------------ SSID -- Identification

4.2.3. Secure Authentication

Having exchanged SSIDs, the Initiator may optionally begin an authentication phase, in which each party proves its identity to the other.

4.2.4. Protocol Sequence

The first authentication message must be sent by the Initiator. 1. Initiator -- SECD ------------> Responder Change Direction <------------ AUCH -- Challenge -- AURP ------------> Response <------------ SECD -- Change Direction -- AUCH ------------> Challenge <------------ AURP -- Response The Initiator sends a Security Change Direction (SECD) to which the Responder replies with an Authentication Challenge (AUCH). The Responder looks up the public certificate that is linked to the purported identity of the Initiator (located in the SSID). If the Responder is unable to locate a suitable certificate then authentication fails. The Responder uses the public key contained in the certificate to encrypt a random challenge, unique for each session, for the Initiator. This encrypted challenge is sent as a [CMS] envelope to the Initiator as part of the AUCH. The Initiator decrypts the challenge using their private key and sends the decrypted challenge back to the Responder in the Authentication Response (AURP). The Responder checks that the data received in the AURP matches the random challenge that was sent to the Initiator.
Top   ToC   RFC5024 - Page 30
   If the data matches, then the Initiator has authenticated
   successfully and the Responder replies with a Security Change
   Direction (SECD) beginning the complementary process of verifying the
   Responder to the Initiator.  If the data does not match, then the
   Initiator fails authentication.

4.3. Start File Phase

4.3.1. Entity Definition

The Initiator from the Start Session phase is designated the Speaker while the Responder becomes the Listener. The roles are reversed by the Speaker sending a Change Direction command to the Listener.

4.3.2. Protocol Sequence

1. Speaker -- SFID ------------> Listener Start File <------------ SFPA -- Answer YES 2. Speaker -- SFID ------------> Listener Start File <------------ SFNA -- Answer NO Go To 1 Note: The User Monitor should take steps to prevent a loop situation occurring. 2. Speaker -- CD --------------> Listener Change Direction Listener <------------ EERP -- Speaker End to End Response -- RTR -------------> Ready to Receive <------------ NERP -- Negative End Response -- RTR -------------> Ready to Receive <------------ SFID -- Start File

4.3.3. Restart Facilities

The Start File command includes a count allowing the restart of an interrupted transmission to be negotiated. If restart facilities are not available, the restart count must be set to zero. The sender will start with the lowest record count + 1.

4.3.4. Broadcast Facilities

The destination in a Start File command can be specified as follows. 1. An explicitly defined destination. 2. A group destination that allows an intermediate location to broadcast the Virtual File to multiple destinations.
Top   ToC   RFC5024 - Page 31
   The Listener will send a negative answer to the Speaker when the
   destination is not known.

4.3.5. Priority

The prioritisation of files for transmission is left to the local implementation. To allow some flexibility, a change direction mechanism is available in the End File phase.

4.3.6. End to End Response (EERP)

The End to End Response (EERP) command notifies the originator of a Virtual File that the Virtual File has been successfully delivered to its final destination. This allows the originator to perform house keeping tasks such as deleting copies of the delivered data. If the originator of the Virtual File requested a signed EERP in the SFID, the EERP must be signed. Signing allows the originator of the file to prove that the EERP was generated by the final destination. If the final destination is unable to sign the EERP, it may send back an unsigned EERP. It is an implementation issue to allow the acceptance of an unsigned EERP if a signed EERP is requested. A Response Command must be sent from the location performing the final processing or distribution of the data to the originator. The Response is mandatory and may be sent in the same or in any subsequent session. When an intermediate location broadcasts or distributes a Virtual File, it must receive a Response command from all the locations to which it forwarded the data before sending its own Response. This ensures that the Response received by the Virtual File's originator accounts for all the destination locations. An intermediate location therefore needs to track the status of files it processes over time. The requesting of a signed EERP is incompatible with the use of broadcast facilities because an EERP can be signed by only one destination. If this scenario occurs, the intermediate broadcast location may continue and ignore the request for a signed EERP or send back a NERP. Example: Point to Point Location A sends file Ba to location B, which will send an EERP to location A after it successfully receives the file.
Top   ToC   RFC5024 - Page 32
         o----------o                          o-----------o
         | Loc. A   |----------- S1 ---------->| Loc. B    |
         |          |                          |           |
         | [Ba]     |<---------- R2 -----------| [Ba]      |
         +----------o                          o-----------o

                     Key:   S - File Transfer
                            R - Response EERP
                         [Ba] - File for B from A

   Example: Data distribution

      Location A sends a Virtual File containing data for distribution
      to locations B and C via clearing centres E1 and E2.  Clearing
      centre E1 must wait for a response from E2 (for file Ba) and
      location C before it sends its response, R8, to location A.
      Clearing centre E2 can only send response R7 to E1 when location B
      acknowledges file Ba with response R6.

   o---------o        o---------o        o---------o        o---------o
   | Loc. A  |-- S1 ->| Loc. E1 |-- S2 ->| Loc. E2 |-- S5 ->| Loc. B  |
   |         |        |         |        |         |        |         |
   | [Ba,Ca] |<- R8 --| [Ba,Ca] |<- R7 --| [Ba]    |<- R6 --| [Ba]    |
   o---------o        o---------o        o---------o        o---------o
                         A   |
                         |   |           o---------o
                         |   +----- S3 ->| Loc. C  |
                         |               |         |
                         +--------- R4 --| [Ca]    |
                                         o---------o

   Example: Data collection

      Locations A and B send files Ca and Cb to clearing centre E1,
      which forwards both files to location C in a single Virtual File.
      When it receives response R4 from C, clearing centre E1 sends
      response R5 to location A and R6 to location B.
Top   ToC   RFC5024 - Page 33
         o---------o        o---------o        o---------o
         | Loc. A  |-- S1 ->| Loc. E1 |-- S3 ->| Loc. C  |
         |         |        |         |        |         |
         | [Ca]    |<- R5 --| [Ca,Cb] |<- R4 --| [Ca,Cb] |
         o---------o        o---------o        o---------o
                               A   |
         o---------o           |   |
         | Loc. B  |-- S2 -----+   |
         |         |               |
         | [Cb]    |<- R6 ---------+
         o---------o

4.3.7. Negative End Response (NERP)

In addition to the EERP, which allows control over successful transmission of a file, a Negative End Response signals that a file could not be delivered to the final destination or that the final destination could not process the received file. It may be created by an intermediate node that could not transmit the file any further because the next node refuses to accept the file. The cause of the refusal has to be non-temporary, otherwise the intermediate node has to try the transmission again. It may also be created by the final node that is unable to process the file because of non-recoverable syntax or semantic errors in the file, or because of the failure of any other processing performed on the file. The NERP will be sent back to the originator of the file. The parameters are equal to the ones of the EERP, but with additional information about the creator of the NERP and the abort reason. Where the NERP is created due to a failure to transmit, the abort reason is taken from the refusal reason that was sent by the node refusing the file. Because of the NERP, it is possible for the intermediate node to stop trying to send the non-deliverable file and to delete the file. The NERP allows the originator of the file to react to the unsuccessful transmission or processing, depending on the reason code and the creator of the NERP. If the originator of the Virtual File requested a signed EERP in the SFID, the NERP must be signed. Signing allows the originator of the file to prove by whom the NERP was generated. If the location
Top   ToC   RFC5024 - Page 34
   generating the NERP is unable to sign the NERP, it may send back an
   unsigned NERP.  It is an implementation issue to allow the acceptance
   of an unsigned EERP if a signed NERP is requested.

4.3.8. Ready To Receive Command (RTR)

In order to avoid congestion between two adjacent nodes caused by a continuous flow of EERPs and NERPs, a Ready To Receive (RTR) command is provided. The RTR acts as an EERP/NERP acknowledgement for flow control but has no end-to-end significance. Speaker -- EERP ------------> Listener End to End Response <------------- RTR -- Ready to Receive -- EERP ------------> End to End Response <------------- RTR -- Ready to Receive -- NERP ------------> Negative End Response <------------- RTR -- Ready to Receive -- SFID ------------> Start File or -- CD --------------> Exchange the turn After sending an EERP or NERP, the Speaker must wait for an RTR before sending any other commands. The only acceptable commands to follow are: EERP NERP SFID or CD (if there are no more EERPs or NERPs to be sent)

4.4. Data Transfer Phase

Virtual File data flows from the Speaker to the Listener during the Data Transfer phase, which is entered after the Start File phase.

4.4.1. Protocol Sequence

To avoid congestion at the protocol level, a flow control mechanism is provided via the Set Credit (CDT) command. A Credit limit is negotiated in the Start Session phase; this represents the number of Data Exchange Buffers that the Speaker may send before it is obliged to wait for a Credit command from the Listener. The available credit is initially set to the negotiated value by the Start File positive answer, which acts as an implicit Credit command. The Speaker decreases the available credit count by one for each data buffer sent to the Listener.
Top   ToC   RFC5024 - Page 35
   When the available credit is exhausted, the Speaker must wait for a
   Credit command from the Listener; otherwise, a protocol error will
   occur and the session will be aborted.

   The Listener should endeavour to send the Credit command without
   delay to prevent the Speaker blocking.

   1. Speaker  -- SFID ------------> Listener   Start File
               <------------ SFPA --            Answer YES

   2. If the credit value is set to 2

      Speaker  -- Data ------------> Listener   Start File
               -- Data ------------>
               <------------- CDT --            Set Credit
               -- Data ------------>
               -- EFID ------------>            End File

4.5. End File Phase

4.5.1. Protocol Sequence

The Speaker notifies the Listener that it has finished sending a Virtual File by sending an End File (EFID) command. The Listener replies with a positive or negative End File command and has the option to request a Change Direction command from the Speaker. 1. Speaker -- EFID ------------> Listener End File <------------ EFPA -- Answer YES 2. Speaker -- EFID ------------> Listener End File <------------ EFPA -- Answer YES + CD -- CD --------------> Change Direction Listener <------------ EERP -- Speaker End to End Response -------------- RTR -> Ready to Receive Listener <------------ NERP -- Speaker Negative End Response -------------- RTR -> Ready to Receive Go to Start File Phase 3. Speaker -- EFID ------------> Listener End File <------------ EFNA -- Answer NO
Top   ToC   RFC5024 - Page 36

4.6. End Session Phase

4.6.1. Protocol Sequence

The Speaker terminates the session by sending an End Session (ESID) command. The Speaker may only do this if the Listener has just relinquished its role as speaker. 1. Speaker -- EFID ------------> Listener End File <------------ EFPA -- Answer YES -- CD --------------> Change Direction Listener <------------ ESID -- Speaker End Session

4.7. Problem Handling

Error detection and handling should be done as close as possible to the problem. This aids problem determination and correction. Each layer of the reference model is responsible for its own error handling. ODETTE-FTP can detect protocol errors by virtue of its state machine and uses activity timers to detect session hang conditions. These mechanisms are separate from the End to End controls.

4.7.1. Protocol Errors

If a protocol error occurs, the session will be terminated and application activity aborted. Both locations enter the IDLE state.

4.7.2. Timers

To protect against application and network hang conditions, ODETTE- FTP uses activity timers for all situations where a response is required. The timers and actions to be taken if they expire are described in Section 9, "Protocol State Machine".

4.7.3. Clearing Centres

The use of clearing centres introduces the possibility of errors occurring as a result of data processing activities within the centre. Such errors are not directly related to ODETTE-FTP or the communication network and are therefore outside the scope of this specification.
Top   ToC   RFC5024 - Page 37

5. Commands and Formats

ODETTE-FTP entities communicate via Exchange Buffers. The Command Exchange Buffers are described below. Virtual File data is carried in Data Exchange Buffers, which are described in Section 7.

5.1. Conventions

5.1.1. Representation Unit

The basic unit of information is an octet, containing 8 bits.

5.1.2. Values and Characters

The ISO 646 IRV 7-bit coded character set [ISO-646], according to Appendix B, is used to encode constants and strings within Command Exchange Buffers except where [UTF-8] is explicitly indicated against a field.

5.2. Commands

A Command Exchange Buffer contains a single command starting at the beginning of the buffer. Commands and data are never mixed within an Exchange Buffer. Commands cannot be compressed. Variable-length parameters may be omitted entirely if not required and the associated length indicator field set to zero. Components: 1. Command identifier: The first octet of an Exchange Buffer is the Command Identifier and defines the format of the buffer. 2. Parameter(s): Command parameters are stored in fields within a Command Exchange Buffer. Where variable-length fields are used, they are preceded with a header field indicating the length. All values are required except where explicitly indicated.

5.3. Command Formats

The ODETTE-FTP commands are described below using the following definitions.
Top   ToC   RFC5024 - Page 38
   Position (Pos)

      Field offset within the Command Exchange Buffer, relative to a
      zero origin.

   Field

      The name of the field.

   Description

      A description of the field.

   Format

      F    - A field containing fixed values.  All allowable values for
             the field are enumerated in the command definition.

      V    - A field with variable values within a defined range.  For
             example, the SFIDLRECL field may contain any integer value
             between 00000 and 99999.

      X(n) - An alphanumeric field of length n octets.

        A String contains alphanumeric characters from the following
        set:

         The numerals:               0 to 9
         The upper case letters:     A to Z
         The following special set:  / - . & ( ) space.

        Space is not allowed as an embedded character.

      9(n) - A numeric field of length n octets.

      U(n) - A binary field of length n octets.

             Numbers encoded as binary are always unsigned and in
             network byte order.

      T(n) - An field of length n octets, encoded using [UTF-8].

      String and alphanumeric fields are always left justified and right
      padded with spaces where needed.

      Numeric fields are always right justified and left padded with
      zeros where needed.
Top   ToC   RFC5024 - Page 39
      Reserved fields should be padded with spaces.

5.3.1. SSRM - Start Session Ready Message

o-------------------------------------------------------------------o | SSRM Start Session Ready Message | | | | Start Session Phase Initiator <---- Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SSRMCMD | SSRM Command, 'I' | F X(1) | | 1 | SSRMMSG | Ready Message, 'ODETTE FTP READY ' | F X(17) | | 18 | SSRMCR | Carriage Return | F X(1) | o-------------------------------------------------------------------o SSRMCMD Command Code Character Value: 'I' SSRM Command identifier. SSRMMSG Ready Message String(17) Value: 'ODETTE FTP READY ' SSRMCR Carriage Return Character Value: Character with hex value '0D' or '8D'.
Top   ToC   RFC5024 - Page 40

5.3.2. SSID - Start Session

o-------------------------------------------------------------------o | SSID Start Session | | | | Start Session Phase Initiator <---> Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SSIDCMD | SSID Command 'X' | F X(1) | | 1 | SSIDLEV | Protocol Release Level | F 9(1) | | 2 | SSIDCODE | Initiator's Identification Code | V X(25) | | 27 | SSIDPSWD | Initiator's Password | V X(8) | | 35 | SSIDSDEB | Data Exchange Buffer Size | V 9(5) | | 40 | SSIDSR | Send / Receive Capabilities (S/R/B) | F X(1) | | 41 | SSIDCMPR | Buffer Compression Indicator (Y/N) | F X(1) | | 42 | SSIDREST | Restart Indicator (Y/N) | F X(1) | | 43 | SSIDSPEC | Special Logic Indicator (Y/N) | F X(1) | | 44 | SSIDCRED | Credit | V 9(3) | | 47 | SSIDAUTH | Secure Authentication (Y/N) | F X(1) | | 48 | SSIDRSV1 | Reserved | F X(4) | | 52 | SSIDUSER | User Data | V X(8) | | 60 | SSIDCR | Carriage Return | F X(1) | o-------------------------------------------------------------------o SSIDCMD Command Code Character Value: 'X' SSID Command identifier. SSIDLEV Protocol Release Level Numeric(1) Used to specify the level of the ODETTE-FTP protocol Value: '1' for Revision 1.2 '2' for Revision 1.3 '4' for Revision 1.4 '5' for Revision 2.0 Future release levels will have higher numbers. The protocol release level is negotiable, with the lowest level being selected. Note: ODETTE File Transfer Protocol 1.3 (RFC 2204) specifies '1' for the release level, despite adhering to revision 1.3.
Top   ToC   RFC5024 - Page 41
   SSIDCODE  Initiator's Identification Code                  String(25)

    Format:  See Identification Code (Section 5.4)

             Uniquely identifies the Initiator (sender) participating in
             the ODETTE-FTP session.

             It is an application implementation issue to link the
             expected [X.509] certificate to the SSIDCODE provided.

   SSIDPSWD  Initiator's Password                              String(8)

             Key to authenticate the sender.  Assigned by bilateral
             agreement.

   SSIDSDEB  Data Exchange Buffer Size                        Numeric(5)

    Minimum: 128
    Maximum: 99999

             The length, in octets, of the largest Data Exchange Buffer
             that can be accepted by the location.  The length includes
             the command octet but does not include the Stream
             Transmission Header.

             After negotiation, the smallest size will be selected.

   SSIDSR    Send / Receive Capabilities                       Character

      Value: 'S'  Location can only send files.
             'R'  Location can only receive files.
             'B'  Location can both send and receive files.

             Sending and receiving will be serialised during the
             session, so parallel transmissions will not take place in
             the same session.

             An error occurs if adjacent locations both specify the send
             or receive capability.
Top   ToC   RFC5024 - Page 42
   SSIDCMPR  Buffer Compression Indicator                      Character

      Value: 'Y'  The location can handle OFTP data buffer compression
             'N'  The location cannot handle OFTP buffer compression

             Compression is only used if supported by both locations.

             The compression mechanism referred to here applies to each
             individual OFTP data buffer.  This is different from the
             file compression mechanism in OFTP, which involves the
             compression of whole files.

   SSIDREST  Restart Indicator                                 Character

      Value: 'Y'  The location can handle the restart of a partially
                  transmitted file.
             'N'  The location cannot restart a file.

   SSIDSPEC  Special Logic Indicator                           Character

      Value: 'Y'  Location can handle Special Logic
             'N'  Location cannot handle Special Logic

             Special Logic is only used if supported by both locations.

             The Special Logic extensions are only useful to access an
             X.25 network via an asynchronous entry and are not
             supported for TCP/IP connections.

   SSIDCRED  Credit                                           Numeric(3)

    Maximum: 999

             The number of consecutive Data Exchange Buffers sent by the
             Speaker before it must wait for a Credit (CDT) command from
             the Listener.

             The credit value is only applied to Data flow in the Data
             Transfer phase.

             The Speaker's available credit is initialised to SSIDCRED
             when it receives a Start File Positive Answer (SFPA)
             command from the Listener.  It is zeroed by the End File
             (EFID) command.

             After negotiation, the smallest size must be selected in
             the answer of the Responder, otherwise a protocol error
             will abort the session.
Top   ToC   RFC5024 - Page 43
             Negotiation of the "credit-window-size" parameter.

             Window Size m  -- SSID ------------>
                            <------------ SSID --  Window Size n
                                                  (n less than or
                                                   equal to m)
             Note: negotiated value will be "n".

   SSIDAUTH  Secure Authentication                             Character

      Value: 'Y'  The location requires secure authentication.  'N'  The
             location does not require secure authentication.

             Secure authentication is only used if agreed by both
             locations.

             If the answer of the Responder does not match with the
             authentication requirements of the Initiator, then the
             Initiator must abort the session.

             No negotiation of authentication is allowed.

             authentication p  -- SSID ------------>
                               <------------ SSID --  authentication q

             p == q -> continue.
             p != q -> abort.

   SSIDRSV1  Reserved                                          String(4)

             This field is reserved for future use.

   SSIDUSER  User Data                                         String(8)

             May be used by ODETTE-FTP in any way.  If unused, it should
             be initialised to spaces.  It is expected that a bilateral
             agreement exists as to the meaning of the data.

   SSIDCR    Carriage Return                                   Character

      Value: Character with hex value '0D' or '8D'.
Top   ToC   RFC5024 - Page 44

5.3.3. SFID - Start File

o-------------------------------------------------------------------o | SFID Start File | | | | Start File Phase Speaker ----> Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SFIDCMD | SFID Command, 'H' | F X(1) | | 1 | SFIDDSN | Virtual File Dataset Name | V X(26) | | 27 | SFIDRSV1 | Reserved | F X(3) | | 30 | SFIDDATE | Virtual File Date stamp, (CCYYMMDD) | V 9(8) | | 38 | SFIDTIME | Virtual File Time stamp, (HHMMSScccc) | V 9(10) | | 48 | SFIDUSER | User Data | V X(8) | | 56 | SFIDDEST | Destination | V X(25) | | 81 | SFIDORIG | Originator | V X(25) | | 106 | SFIDFMT | File Format (F/V/U/T) | F X(1) | | 107 | SFIDLRECL | Maximum Record Size | V 9(5) | | 112 | SFIDFSIZ | File Size, 1K blocks | V 9(13) | | 125 | SFIDOSIZ | Original File Size, 1K blocks | V 9(13) | | 138 | SFIDREST | Restart Position | V 9(17) | | 155 | SFIDSEC | Security Level | F 9(2) | | 157 | SFIDCIPH | Cipher suite selection | F 9(2) | | 159 | SFIDCOMP | File compression algorithm | F 9(1) | | 160 | SFIDENV | File enveloping format | F 9(1) | | 161 | SFIDSIGN | Signed EERP request | F X(1) | | 162 | SFIDDESCL | Virtual File Description length | V 9(3) | | 165 | SFIDDESC | Virtual File Description | V T(n) | o-------------------------------------------------------------------o SFIDCMD Command Code Character Value: 'H' SFID Command identifier. SFIDDSN Virtual File Dataset Name String(26) Dataset name of the Virtual File being transferred, assigned by bilateral agreement. No general structure is defined for this attribute. See Virtual Files - Identification (Section 1.5.2) SFIDRSV1 Reserved String(3) This field is reserved for future use.
Top   ToC   RFC5024 - Page 45
   SFIDDATE  Virtual File Date stamp                          Numeric(8)

     Format: 'CCYYMMDD'  8 decimal digits representing the century,
             year, month, and day.

             Date stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   SFIDTIME  Virtual File Time stamp                         Numeric(10)

     Format: 'HHMMSScccc'  10 decimal digits representing hours,
             minutes, seconds, and a counter (0001-9999), which gives
             higher resolution.

             Time stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   SFIDUSER  User Data                                         String(8)

             May be used by ODETTE-FTP in any way.  If unused, it should
             be initialised to spaces.  It is expected that a bilateral
             agreement exists as to the meaning of the data.

   SFIDDEST  Destination                                      String(25)

     Format: See Identification Code (Section 5.4)

             The Final Recipient of the Virtual File.

             This is the location that will look into the Virtual File
             content and perform mapping functions.  It is also the
             location that creates the End to End Response (EERP)
             command for the received file.

   SFIDORIG  Originator                                       String(25)

     Format: See Identification Code (Section 5.4)

             Originator of the Virtual File.

             It is the location that created (mapped) the data for
             transmission.
Top   ToC   RFC5024 - Page 46
   SFIDFMT   File Format                                       Character

      Value: 'F'  Fixed format binary file
             'V'  Variable format binary file
             'U'  Unstructured binary file
             'T'  Text

             Virtual File format.  Used to calculate the restart
             position (Section 1.5.4).

             Once a file has been signed, compressed, and/or encrypted,
             in file format terms it becomes unstructured, format U.
             The record boundaries are no longer discernable until the
             file is decrypted, decompressed, and/or verified.  SFID
             File Format Field in this scenario indicates the format of
             the original file, and the transmitted file must be treated
             as U format.

   SFIDLRECL Maximum Record Size                              Numeric(5)

    Maximum: 99999

             Length in octets of the longest logical record that may be
             transferred to a location.  Only user data is included.

             If SFIDFMT is 'T' or 'U', then this attribute must be set
             to '00000'.

             If SFIDFMT is 'V' and the file is compressed, encrypted, or
             signed, then the maximum value of SFIDRECL is '65536'.

   SFIDFSIZ  Transmitted File Size                           Numeric(13)

    Maximum: 9999999999999

             Space in 1K (1024 octet) blocks required at the Originator
             location to store the actual Virtual File that is to be
             transmitted.

             For example, if a file is compressed before sending, then
             this is the space required to store the compressed file.

             This parameter is intended to provide only a good estimate
             of the Virtual File size.

             Using 13 digits allows for a maximum file size of
             approximately 9.3 PB (petabytes) to be transmitted.
Top   ToC   RFC5024 - Page 47
   SFIDOSIZ  Original File Size                              Numeric(13)

    Maximum: 9999999999999

             Space in 1K (1024 octet) blocks required at the Originator
             location to store the original before it was signed,
             compressed, and/or encrypted.

             If no security or compression services have been used,
             SFIDOSIZ should contain the same value as SFIDFSIZ.

             If the original file size is not known, the value zero
             should be used.

             This parameter is intended to provide only a good estimate
             of the original file size.

             The sequence of events in file exchange are:

              (a) raw data file ready to be sent
                   SFIDOSIZ = Original File Size

              (b) signing/compression/encryption

              (c) transmission
                   SFIDFSIZ = Transmitted File Size

              (d) decryption/decompression/verification

              (e) received raw data file for in-house applications
                   SFIDOSIZ = Original File Size

             The Transmitted File Size at (c) indicates to the receiver
             how much storage space is needed to receive the file.

             The Original File Size at (e) indicates to the in-house
             application how much storage space is needed to process the
             file.
Top   ToC   RFC5024 - Page 48
   SFIDREST  Restart Position                                Numeric(17)

    Maximum: 99999999999999999

             Virtual File restart position.

             The count represents the:
                - Record Number if SSIDFMT is 'F' or 'V'.
                - File offset in 1K (1024 octet) blocks if SFIDFMT is
                  'U' or 'T'.

             The count will express the transmitted user data (i.e.,
             before ODETTE-FTP buffer compression, header not included).

             After negotiation between adjacent locations,
             retransmission will start at the lowest value.

             Once a file has been signed, compressed, and/or encrypted,
             in file format terms, it has become unstructured, like
             format U.  The file should be treated as format U for the
             purposes of restart, regardless of the actual value in
             SFIDFMT.

   SFIDSEC   Security Level                                   Numeric(2)

      Value: '00'  No security services
             '01'  Encrypted
             '02'  Signed
             '03'  Encrypted and signed

             Indicates whether the file has been signed and/or encrypted
             before transmission. (See Section 6.2.)

   SFIDCIPH  Cipher suite selection                           Numeric(2)

      Value: '00'  No security services
             '01'  See Section 10.2

             Indicates the cipher suite used to sign and/or encrypt the
             file and also to indicate the cipher suite that should be
             used when a signed EERP or NERP is requested.
Top   ToC   RFC5024 - Page 49
   SFIDCOMP  File compression algorithm                       Numeric(1)

      Value: '0'  No compression
             '1'  Compressed with [ZLIB] algorithm

             Indicates the algorithm used to compress the file.
             (See Section 6.4.)

   SFIDENV   File enveloping format                           Numeric(1)

      Value: '0'  No envelope
             '1'  File is enveloped using [CMS]

             Indicates the enveloping format used in the file.

             If the file is encrypted/signed/compressed or is an
             enveloped file for the exchange and revocation of
             certificates, this field must be set accordingly.

   SFIDSIGN  Signed EERP request                               Character

      Value: 'Y'  The EERP returned in acknowledgement of the file
                  must be signed
             'N'  The EERP must not be signed

             Requests whether the EERP returned for the file must be
             signed.

   SFIDDESCL Virtual File Description length                  Numeric(3)

             Length in octets of the field SFIDDESC.

             A value of 0 indicates that no description is present.

   SFIDDESC  Virtual File Description                         [UTF-8](n)

             May be used by ODETTE-FTP in any way.  If not used,
             SFIDDESCL should be set to zero.

             No general structure is defined for this attribute, but it
             is expected that a bilateral agreement exists as to the
             meaning of the data.

             It is encoded using [UTF-8] to support a range of national
             languages.

             Maximum length of the encoded value is 999 octets.
Top   ToC   RFC5024 - Page 50

5.3.4. SFPA - Start File Positive Answer

o-------------------------------------------------------------------o | SFPA Start File Positive Answer | | | | Start File Phase Speaker <---- Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SFPACMD | SFPA Command, '2' | F X(1) | | 1 | SFPAACNT | Answer Count | V 9(17) | o-------------------------------------------------------------------o SFPACMD Command Code Character Value: '2' SFPA Command identifier. SFPAACNT Answer Count Numeric(17) The Listener must enter a count lower than or equal to the restart count specified by the Speaker in the Start File (SFID) command. The count expresses the received user data. If restart facilities are not available, a count of zero must be specified.

5.3.5. SFNA - Start File Negative Answer

o-------------------------------------------------------------------o | SFNA Start File Negative Answer | | | | Start File Phase Speaker <---- Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SFNACMD | SFNA Command, '3' | F X(1) | | 1 | SFNAREAS | Answer Reason | F 9(2) | | 3 | SFNARRTR | Retry Indicator, (Y/N) | F X(1) | | 4 | SFNAREASL | Answer Reason Text Length | V 9(3) | | 7 | SFNAREAST | Answer Reason Text | V T(n) | o-------------------------------------------------------------------o SFNACMD Command Code Character Value: '3' SFNA Command identifier.
Top   ToC   RFC5024 - Page 51
   SFNAREAS  Answer Reason                                    Numeric(2)

      Value: '01'  Invalid filename.
             '02'  Invalid destination.
             '03'  Invalid origin.
             '04'  Storage record format not supported.
             '05'  Maximum record length not supported.
             '06'  File size is too big.
             '10'  Invalid record count.
             '11'  Invalid byte count.
             '12'  Access method failure.
             '13'  Duplicate file.
             '14'  File direction refused.
             '15'  Cipher suite not supported.
             '16'  Encrypted file not allowed.
             '17'  Unencrypted file not allowed.
             '18'  Compression not allowed.
             '19'  Signed file not allowed.
             '20'  Unsigned file not allowed.
             '99'  Unspecified reason.

             Reason why transmission cannot proceed.

   SFNARRTR  Retry Indicator                                   Character

      Value: 'N'  Transmission should not be retried.
             'Y'  The transmission may be retried later.

             This parameter is used to advise the Speaker if it should
             retry at a later time due to a temporary condition at the
             Listener site, such as a lack of storage space.  It should
             be used in conjunction with the Answer Reason code
             (SFNAREAS).

             An invalid file name error code may be the consequence of a
             problem in the mapping of the Virtual File on to a real
             file.  Such problems cannot always be resolved immediately.
             It is therefore recommended that when an SFNA with Retry =
             Y is received the User Monitor attempts to retransmit the
             relevant file in a subsequent session.

   SFNAREASL Answer Reason Text Length                        Numeric(3)

             Length in octets of the field SFNAREAST.

             0 indicates that no SFNAREAST field follows.
Top   ToC   RFC5024 - Page 52
   SFNAREAST Answer Reason Text                               [UTF-8](n)

             Reason why transmission cannot proceed in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.

5.3.6. DATA - Data Exchange Buffer

o-------------------------------------------------------------------o | DATA Data Exchange Buffer | | | | Data Transfer Phase Speaker ----> Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | DATACMD | DATA Command, 'D' | F X(1) | | 1 | DATABUF | Data Exchange Buffer payload | V U(n) | o-------------------------------------------------------------------o DATACMD Command Code Character Value: 'D' DATA Command identifier. DATABUF Data Exchange Buffer payload Binary(n) Variable-length buffer containing the data payload. The Data Exchange Buffer is described in Section 7.

5.3.7. CDT - Set Credit

o-------------------------------------------------------------------o | CDT Set Credit | | | | Data Transfer Phase Speaker <---- Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | CDTCMD | CDT Command, 'C' | F X(1) | | 1 | CDTRSV1 | Reserved | F X(2) | o-------------------------------------------------------------------o CDTCMD Command Code Character Value: 'C' CDT Command identifier.
Top   ToC   RFC5024 - Page 53
   CDTRSV1   Reserved                                          String(2)

             This field is reserved for future use.

5.3.8. EFID - End File

o-------------------------------------------------------------------o | EFID End File | | | | End File Phase Speaker ----> Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | EFIDCMD | EFID Command, 'T' | F X(1) | | 1 | EFIDRCNT | Record Count | V 9(17) | | 18 | EFIDUCNT | Unit Count | V 9(17) | o-------------------------------------------------------------------o EFIDCMD Command Code Character Value: 'T' EFID Command identifier. EFIDRCNT Record Count Numeric(17) Maximum: 99999999999999999 For SSIDFMT 'F' or 'V', the exact record count. For SSIDFMT 'U' or 'T', zeros. The count will express the real size of the file (before buffer compression, header not included). The total count is always used, even during restart processing. EFIDUCNT Unit Count Numeric(17) Maximum: 99999999999999999 Exact number of units (octets) transmitted. The count will express the real size of the file. The total count is always used, even during restart processing.
Top   ToC   RFC5024 - Page 54

5.3.9. EFPA - End File Positive Answer

o-------------------------------------------------------------------o | EFPA End File Positive Answer | | | | End File Phase Speaker <---- Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | EFPACMD | EFPA Command, '4' | F X(1) | | 1 | EFPACD | Change Direction Indicator, (Y/N) | F X(1) | o-------------------------------------------------------------------o EFPACMD Command Code Character Value: '4' EFPA Command identifier. EFPACD Change Direction Indicator Character Value: 'N' Change direction not requested. 'Y' Change direction requested. This parameter allows the Listener to request a Change Direction (CD) command from the Speaker.

5.3.10. EFNA - End File Negative Answer

o-------------------------------------------------------------------o | EFNA End File Negative Answer | | | | End File Phase Speaker <---- Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | EFNACMD | EFNA Command, '5' | F X(1) | | 1 | EFNAREAS | Answer Reason | F 9(2) | | 3 | EFNAREASL | Answer Reason Text Length | V 9(3) | | 6 | EFNAREAST | Answer Reason Text | V T(n) | o-------------------------------------------------------------------o EFNACMD Command Code Character Value: '5' EFNA Command identifier.
Top   ToC   RFC5024 - Page 55
   EFNAREAS  Answer Reason                                    Numeric(2)

      Value: '01'  Invalid filename.
             '02'  Invalid destination.
             '03'  Invalid origin.
             '04'  Storage record format not supported.
             '05'  Maximum record length not supported.
             '06'  File size is too big.
             '10'  Invalid record count.
             '11'  Invalid byte count.
             '12'  Access method failure.
             '13'  Duplicate file.
             '14'  File direction refused.
             '15'  Cipher suite not supported.
             '16'  Encrypted file not allowed.
             '17'  Unencrypted file not allowed.
             '18'  Compression not allowed.
             '19'  Signed file not allowed.
             '20'  Unsigned file not allowed.
             '21'  Invalid file signature.
             '22'  File decryption failure.
             '23'  File decompression failure.
             '99'  Unspecified reason.

             Reason why transmission failed.

   EFNAREASL Answer Reason Text Length                        Numeric(3)

             Length in octets of the field EFNAREAST.

             0 indicates that no EFNAREAST field follows.

   EFNAREAST Answer Reason Text                               [UTF-8](n)

             Reason why transmission failed in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.
Top   ToC   RFC5024 - Page 56

5.3.11. ESID - End Session

o-------------------------------------------------------------------o | ESID End Session | | | | End Session Phase Speaker ----> Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | ESIDCMD | ESID Command, 'F' | F X(1) | | 1 | ESIDREAS | Reason Code | F 9(2) | | 3 | ESIDREASL | Reason Text Length | V 9(3) | | 6 | ESIDREAST | Reason Text | V T(n) | | | ESIDCR | Carriage Return | F X(1) | o-------------------------------------------------------------------o ESIDCMD Command Code Character Value: 'F' ESID Command identifier. ESIDREAS Reason Code Numeric(2) Value: '00' Normal session termination '01' Command not recognised An Exchange Buffer contains an invalid command code (1st octet of the buffer). '02' Protocol violation An Exchange Buffer contains an invalid command for the current state of the receiver. '03' User code not known A Start Session (SSID) command contains an unknown or invalid Identification Code. '04' Invalid password A Start Session (SSID) command contained an invalid password. '05' Local site emergency close down The local site has entered an emergency close down mode. Communications are being forcibly terminated.
Top   ToC   RFC5024 - Page 57
             '06'  Command contained invalid data

                   A field within a Command Exchange Buffer contains
                   invalid data.

             '07'  Exchange Buffer size error

                   The length of the Exchange Buffer as determined by
                   the Stream Transmission Header differs from the
                   length implied by the Command Code.

             '08'  Resources not available

                   The request for connection has been denied due to a
                   resource shortage.  The connection attempt should be
                   retried later.

             '09'  Time out

             '10'  Mode or capabilities incompatible

             '11'  Invalid challenge response

             '12'  Secure authentication requirements incompatible

             '99'  Unspecified Abort code

                   An error was detected for which no specific code is
                   defined.

   ESIDREASL Reason Text Length                               Numeric(3)

             Length in octets of the field ESIDREAST.

             0 indicates that no ESIDREAST field is present.

   ESIDREAST Reason Text                                      [UTF-8](n)

             Reason why session ended in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.
Top   ToC   RFC5024 - Page 58
   ESIDCR    Carriage Return                                   Character

      Value: Character with hex value '0D' or '8D'.

5.3.12. CD - Change Direction

o-------------------------------------------------------------------o | CD Change Direction | | | | Start File Phase Speaker ----> Listener | | End File Phase Speaker ----> Listener | | End Session Phase Initiator <---> Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | CDCMD | CD Command, 'R' | F X(1) | o-------------------------------------------------------------------o CDCMD Command Code Character Value: 'R' CD Command identifier.

5.3.13. EERP - End to End Response

o-------------------------------------------------------------------o | EERP End to End Response | | | | Start File Phase Speaker ----> Listener | | End File Phase Speaker ----> Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | EERPCMD | EERP Command, 'E' | F X(1) | | 1 | EERPDSN | Virtual File Dataset Name | V X(26) | | 27 | EERPRSV1 | Reserved | F X(3) | | 30 | EERPDATE | Virtual File Date stamp, (CCYYMMDD) | V 9(8) | | 38 | EERPTIME | Virtual File Time stamp, (HHMMSScccc) | V 9(10) | | 48 | EERPUSER | User Data | V X(8) | | 56 | EERPDEST | Destination | V X(25) | | 81 | EERPORIG | Originator | V X(25) | | 106 | EERPHSHL | Virtual File hash length | V U(2) | | 108 | EERPHSH | Virtual File hash | V U(n) | | | EERPSIGL | EERP signature length | V U(2) | | | EERPSIG | EERP signature | V U(n) | o-------------------------------------------------------------------o
Top   ToC   RFC5024 - Page 59
   EERPCMD   Command Code                                      Character

      Value: 'E'  EERP Command identifier.

   EERPDSN   Virtual File Dataset Name                        String(26)

             Dataset name of the Virtual File being transferred,
             assigned by bilateral agreement.

             No general structure is defined for this attribute.

             See Virtual Files - Identification (Section 1.5.2)

   EERPRSV1  Reserved                                          String(3)

             This field is reserved for future use.

   EERPDATE  Virtual File Date stamp                          Numeric(8)

     Format: 'CCYYMMDD'  8 decimal digits representing the century,
             year, month, and day, respectively.

             Date stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   EERPTIME  Virtual File Time stamp                         Numeric(10)

     Format: 'HHMMSScccc'  10 decimal digits representing hours,
             minutes, seconds, and a counter (0001-9999), which gives
             higher resolution.

             Time stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   EERPUSER  User Data                                         String(8)

             May be used by ODETTE-FTP in any way.  If unused, it should
             be initialised to spaces.  It is expected that a bilateral
             agreement exists as to the meaning of the data.
Top   ToC   RFC5024 - Page 60
   EERPDEST  Destination                                      String(25)

     Format: See Identification Code (Section 5.4)

             Originator of the Virtual File.

             This is the location that created the data for
             transmission.

   EERPORIG  Originator                                       String(25)

     Format: See Identification Code (Section 5.4)

             Final Recipient of the Virtual File.

             This is the location that will look into the Virtual File
             content and process it accordingly.  It is also the
             location that creates the EERP for the received file.

   EERPHSHL  Virtual File hash length                          Binary(2)

             Length in octets of the field EERPHSH.

             A binary value of 0 indicates that no hash is present.
             This is always the case if the EERP is not signed.

   EERPHSH   Virtual File hash                                 Binary(n)

             Hash of the transmitted Virtual File, i.e., not the hash of
             the original file.

             The algorithm used is determined by the bilaterally agreed
             cipher suite specified in the SFIDCIPH.

             It is an application implementation issue to validate the
             EERPHSH to ensure that the EERP is acknowledging the exact
             same file as was originally transmitted.

   EERPSIGL  EERP signature length                             Binary(2)

             0 indicates that this EERP has not been signed.

             Any other value indicates the length of EERPSIG in octets
             and indicates that this EERP has been signed.
Top   ToC   RFC5024 - Page 61
   EERPSIG   EERP signature                                    Binary(n)

             Contains the [CMS] enveloped signature of the EERP.

             Signature = Sign{EERPDSN
                              EERPDATE
                              EERPTIME
                              EERPDEST
                              EERPORIG
                              EERPHSH}

             Each field is taken in its entirety, including any padding.
             The envelope must contain the original data, not just the
             signature.

             The [CMS] content type used is SignedData.

             The encapsulated content type used is id-data.

             It is an application issue to validate the signature with
             the contents of the EERP.

5.3.14. NERP - Negative End Response

o-------------------------------------------------------------------o | NERP Negative End Response | | | | Start File Phase Speaker ----> Listener | | End File Phase Speaker ----> Listener | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | NERPCMD | NERP Command, 'N' | F X(1) | | 1 | NERPDSN | Virtual File Dataset Name | V X(26) | | 27 | NERPRSV1 | Reserved | F X(6) | | 33 | NERPDATE | Virtual File Date stamp, (CCYYMMDD) | V 9(8) | | 41 | NERPTIME | Virtual File Time stamp, (HHMMSScccc) | V 9(10) | | 51 | NERPDEST | Destination | V X(25) | | 76 | NERPORIG | Originator | V X(25) | | 101 | NERPCREA | Creator of NERP | V X(25) | | 126 | NERPREAS | Reason code | F 9(2) | | 128 | NERPREASL | Reason text length | V 9(3) | | 131 | NERPREAST | Reason text | V T(n) | | | NERPHSHL | Virtual File hash length | V U(2) | | | NERPHSH | Virtual File hash | V U(n) | | | NERPSIGL | NERP signature length | V U(2) | | | NERPSIG | NERP signature | V U(n) | o-------------------------------------------------------------------o
Top   ToC   RFC5024 - Page 62
   NERPCMD   Command Code                                      Character

      Value: 'N'  NERP Command identifier.

   NERPDSN   Virtual File Dataset Name                        String(26)

             Dataset name of the Virtual File being transferred,
             assigned by bilateral agreement.

             No general structure is defined for this attribute.

             See Virtual Files - Identification (Section 1.5.2)

   NERPRSV1  Reserved                                          String(6)

             This field is reserved for future use.

   NERPDATE  Virtual File Date stamp                          Numeric(8)

     Format: 'CCYYMMDD'  8 decimal digits representing the century,
             year, month, and day, respectively.

             Date stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   NERPTIME  Virtual File Time stamp                         Numeric(10)

     Format: 'HHMMSScccc'  10 decimal digits representing hours,
             minutes, seconds, and a counter (0001-9999), which gives
             higher resolution.

             Time stamp assigned by the Virtual File's Originator
             indicating when the file was made available for
             transmission.

             See Virtual Files - Identification (Section 1.5.2)

   NERPDEST  Destination                                      String(25)

     Format: See Identification Code (Section 5.4)

             Originator of the Virtual File.

             This is the location that created the data for
             transmission.
Top   ToC   RFC5024 - Page 63
   NERPORIG  Originator                                       String(25)

     Format: See Identification Code (Section 5.4)

             The Final Recipient of the Virtual File.

             This is the location that will look into the Virtual File
             content and perform mapping functions.

   NERPCREA  Creator of the NERP                              String(25)

     Format: See Identification Code (Section 5.4)

             It is the location that created the NERP.

   NERPREAS  Reason code                                      Numeric(2)

             This attribute will specify why transmission cannot proceed
             or why processing of the file failed.

             "SFNA(RETRY=N)" below should be interpreted as "EFNA or
             SFNA(RETRY=N)" where appropriate.

      Value  '03'  ESID received with reason code '03'
                    (user code not known)
             '04'  ESID received with reason code '04'
                    (invalid password)
             '09'  ESID received with reason code '99'
                    (unspecified reason)
             '11'  SFNA(RETRY=N) received with reason code '01'
                    (invalid file name)
             '12'  SFNA(RETRY=N) received with reason code '02'
                    (invalid destination)
             '13'  SFNA(RETRY=N) received with reason code '03'
                    (invalid origin)
             '14'  SFNA(RETRY=N) received with reason code '04'
                    (invalid storage record format)
             '15'  SFNA(RETRY=N) received with reason code '05'
                    (maximum record length not supported)
             '16'  SFNA(RETRY=N) received with reason code '06'
                    (file size too big)
             '20'  SFNA(RETRY=N) received with reason code '10'
                    (invalid record count)
             '21'  SFNA(RETRY=N) received with reason code '11'
                    (invalid byte count)
             '22'  SFNA(RETRY=N) received with reason code '12'
                    (access method failure)
Top   ToC   RFC5024 - Page 64
             '23'  SFNA(RETRY=N) received with reason code '13'
                    (duplicate file)
             '24'  SFNA(RETRY=N) received with reason code '14'
                    (file direction refused)
             '25'  SFNA(RETRY=N) received with reason code '15'
                    (cipher suite not supported)
             '26'  SFNA(RETRY=N) received with reason code '16'
                    (encrypted file not allowed)
             '27'  SFNA(RETRY=N) received with reason code '17'
                    (unencrypted file not allowed)
             '28'  SFNA(RETRY=N) received with reason code '18'
                    (compression not allowed)
             '29'  SFNA(RETRY=N) received with reason code '19'
                    (signed file not allowed)
             '30'  SFNA(RETRY=N) received with reason code '20'
                    (unsigned file not allowed)
             '31'  File signature not valid.
             '32'  File decompression failed.
             '33'  File decryption failed.
             '34'  File processing failed.
             '35'  Not delivered to recipient.
             '36'  Not acknowledged by recipient.
             '50'  Transmission stopped by the operator.
             '90'  File size incompatible with recipient's
                    protocol version.
             '99'  Unspecified reason.

   NERPREASL Reason Text Length                              Numeric(3)

             Length in octets of the field NERPREAST.

             0 indicates that no NERPREAST field follows.

   NERPREAST Reason Text                                     [UTF-8](n)

             Reason why transmission cannot proceed in plain text.

             It is encoded using [UTF-8].

             Maximum length of the encoded reason is 999 octets.

             No general structure is defined for this attribute.
Top   ToC   RFC5024 - Page 65
   NERPHSHL  Virtual File hash length                          Binary(2)

             Length in octets of the field NERPHSH.

             A binary value of 0 indicates that no hash is present.
             This is always the case if the NERP is not signed.

   NERPHSH   Virtual File hash                                 Binary(n)

             Hash of the Virtual File being transmitted.

             The algorithm used is determined by the bilaterally agreed
             cipher suite specified in the SFIDCIPH.

   NERPSIGL  NERP Signature length                             Binary(2)

             0 indicates that this NERP has not been signed.

             Any other value indicates the length of NERPSIG in octets
             and indicates that this NERP has been signed.

   NERPSIG   NERP Signature                                    Binary(n)

             Contains the [CMS] enveloped signature of the NERP.

             Signature = Sign{NERPDSN
                              NERPDATE
                              NERPTIME
                              NERPDEST
                              NERPORIG
                              NERPCREA
                              NERPHSH}

             Each field is taken in its entirety, including any padding.
             The envelope must contain the original data, not just the
             signature.

             The [CMS] content type used is SignedData.

             The encapsulated content type used is id-data.

             It is an application issue to validate the signature with
             the contents of the NERP.
Top   ToC   RFC5024 - Page 66

5.3.15. RTR - Ready To Receive

o-------------------------------------------------------------------o | RTR Ready To Receive | | | | Start File Phase Initiator <---- Responder | | End File Phase Initiator <---- Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | RTRCMD | RTR Command, 'P' | F X(1) | o-------------------------------------------------------------------o RTRCMD Command Code Character Value: 'P' RTR Command identifier.

5.3.16. SECD - Security Change Direction

o-------------------------------------------------------------------o | SECD Security Change Direction | | | | Start Session Phase Initiator <---> Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SECDCMD | SECD Command, 'J' | F X(1) | o-------------------------------------------------------------------o SECDCMD Command Code Character Value: 'J' SECD Command identifier.

5.3.17. AUCH - Authentication Challenge

o-------------------------------------------------------------------o | AUCH Authentication Challenge | | | | Start Session Phase Initiator <---> Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | AUCHCMD | AUCH Command, 'A' | F X(1) | | 1 | AUCHCHLL | Challenge Length | V U(2) | | 3 | AUCHCHAL | Challenge | V U(n) | o-------------------------------------------------------------------o
Top   ToC   RFC5024 - Page 67
   AUCHCMD   Command Code                                      Character

      Value: 'A'  AUCH Command identifier.

   AUCHCHLL  Challenge length                                  Binary(2)

             Indicates the length of AUCHCHAL in octets.

             The length is expressed as an unsigned binary number using
             network byte order.

   AUCHCHAL  Challenge                                         Binary(n)

             A [CMS] encrypted 20-byte random number uniquely generated
             each time an AUCH is sent.

   NOTE:

   Any encryption algorithm that is available through a defined cipher
   suite (Section 10.2) may be used.  See Section 10.1 regarding the
   choice of a cipher suite.

5.3.18. AURP - Authentication Response

o-------------------------------------------------------------------o | AURP Authentication Response | | | | Start Session Phase Initiator <---> Responder | |-------------------------------------------------------------------| | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | AURPCMD | AURP Command, 'S' | F X(1) | | 1 | AURPRSP | Response | V U(20) | o-------------------------------------------------------------------o AURPCMD Command Code Character Value: 'S' AURP Command identifier. AURPRSP Response Binary(20) Contains the decrypted challenge (AUCHCHAL).
Top   ToC   RFC5024 - Page 68
   IMPORTANT:

   It is an application implementation issue to validate a received AURP
   to ensure that the response matches the challenge.  This validation
   is extremely important to ensure that a party is correctly
   authenticated.

5.4. Identification Code

The Initiator (sender) and Responder (receiver) participating in an ODETTE-FTP session are uniquely identified by an Identification Code based on [ISO-6523], Structure for the Identification of Organisations (SIO). The locations are considered to be adjacent for the duration of the transmission. The SIO has the following format. o-------------------------------------------------------------------o | Pos | Field | Description | Format | |-----+-----------+---------------------------------------+---------| | 0 | SIOOID | ODETTE Identifier | F X(1) | | 1 | SIOICD | International Code Designator | V 9(4) | | 5 | SIOORG | Organisation Code | V X(14) | | 19 | SIOCSA | Computer Subaddress | V X(6) | o-------------------------------------------------------------------o SIOOID ODETTE Identifier Character Value: 'O' Indicates ODETTE assigned Organisation Identifier. Other values may be used for non-ODETTE codes. SIOICD International Code Designator String(4) A code forming part of the Organisation Identifier. SIOORG Organisation Code String(14) A code forming part of the Organisation Identifier. This field may contain the letters A to Z, the digits 0 to 9, and space and hyphen characters. SIOCSA Computer Subaddress String(6) A locally assigned address that uniquely identifies a system within an organisation (defined by an Organisation Identifier).


(next page on part 3)

Next Section