The NAS2 adapter is a nonblocking AS2 with improved
performance, connection management, and various other security features.
The NAS2 adapter provides extensive flexibility by exposing an
array of configurable parameters for the security providers, Message
Disposition Notification (MDN) handling, CRL checking, and so on.
x
The following section describes some of the features
that have been added as part of the improvement to the NAS2 adapter.
-
LDAP Certificate Support - Retrieval of partner certificates
from the LDAP system as part of the certificate store configuration
to complete the signature chain validation.
-
Signer Certificate Chain - Option to not include the
signer certificate when sending an AS2 message or replying with
an MDN. This allows the user to minimize the message size for enhanced
performance.
-
Certificate Revocation List Checking Option - Allows
the configuration of NAS2 to validate if the message being processed
is signed using a revoked certificate. If the option for CRL checking
is selected, it will require a configured certificate store on the
NAS2 component which can point either to a list of named keystore
providers, directory CertStore providers, and directory Providers
(LDAP) where the revoked certificates are located.
-
Key Alias Selection - On the S/MIME and SSL components,
new parameters are exposed, which allow the user to specify the
key alias with the keystore/truststore. This allows the user to
pick which key to use for various security operations such as signatures,
decryptions, and so on.
-
Persistent Connection Support - The NAS2 adapter supports
persistent connections, which allows improved connection handling
and management.
-
Ordering of Signature and Compression - A feature to
allow the selection of compression and signature ordering is available.
Now you can configure if the message should be signed and then compressed
or compressed then signed.
-
Delayed MDN - The NAS2 adapter also supports the feature
which is not typical to the standard AS2 processing, but allows
a great degree of flexibility when it comes to MDN processing. When
a message is received on the NAS2 listener, a user may configure
the MDN to be delayed until the business processing of the message
is completed. If the Delayed MDN option is selected, it is the user's
responsibility to invoke the corresponding "MDN send" service as
part of the business processing that will send the MDN as requested
by the originator of the message.
-
Safe Store for Messages - The Safe Store option on the
NAS2 component will safe store the message before performing any
further processing to the message. This will prevent any message
loss. After the message has been processed, it will be removed from
the safe store. In the event that the system goes down, all the
messages in the safe store will be processed after the system is
back on line.
-
Large File Limit - The NAS2 adapter contains various
internal improvements to handle large file sizes. An option exposed
on the NAS2 inbound processing that allows the user to limit the
message size accepted by the NAS2 adapter.