AS2 and EDI Glossary - Terms and Definitions

AS2 (Applicability Statement 2)

A specification for secure, reliable electronic data interchange (EDI) over the Internet. AS2 uses HTTP/HTTPS for transport and provides encryption, digital signatures, and delivery receipts (MDN). It was developed by the IETF and is defined in RFC 4130.

Example: "We need to set up AS2 to exchange purchase orders with Amazon."

AS2 ID

A unique identifier for an organization in AS2 communications. Each party in an AS2 exchange has their own AS2 ID, which is included in message headers to identify the sender and receiver. AS2 IDs are case-sensitive and typically contain the company name or a unique code.

Example: "AMAZON" or "MYCOMPANY-PROD"

Asynchronous MDN

A Message Disposition Notification that is returned separately from the original HTTP response, via a new HTTP request to the sender's MDN URL. Used when the receiver needs more time to process the message before confirming receipt.

Certificate

A digital certificate (X.509) used for encryption and signing in AS2. Each party typically has a certificate pair: a public certificate shared with trading partners for encryption, and a private key kept secret for decryption and signing.

Digital Signature

A cryptographic signature attached to an AS2 message that verifies the sender's identity and ensures the message hasn't been tampered with. Created using the sender's private key and verified using their public certificate.

EDI (Electronic Data Interchange)

The electronic exchange of business documents between organizations in a standardized format. Common EDI document types include purchase orders (850), invoices (810), and advance ship notices (856). AS2 is a transport protocol for EDI.

Example: "We use EDI to automate order processing with our retail partners."

Encryption

The process of encoding AS2 message content so only the intended recipient can read it. AS2 supports various encryption algorithms including AES-128, AES-256, and 3DES. Messages are encrypted using the recipient's public certificate.

MDN (Message Disposition Notification)

A signed receipt that confirms successful delivery and processing of an AS2 message. MDNs provide non-repudiation - cryptographic proof that your trading partner received the message. Can be synchronous (immediate) or asynchronous (delayed).

Example: "The MDN confirmed that Amazon received our invoice."

MIC (Message Integrity Check)

A hash value calculated from the message content, included in the MDN to verify message integrity. The sender compares the MIC in the MDN with their original calculation to confirm the message wasn't modified in transit.

Non-repudiation

The assurance that someone cannot deny the validity of something. In AS2, signed MDN receipts provide non-repudiation of message delivery - the receiver cannot claim they didn't receive a message if they returned a signed MDN.

Partnership

A configured connection between your AS2 instance and a trading partner. A partnership includes the partner's AS2 ID, AS2 URL, certificates, and encryption/signing preferences. Also called an "agreement" or "channel" in some systems.

Payload

The actual business document (e.g., EDI file, XML, JSON) being transmitted within an AS2 message. The payload is encrypted and signed according to the partnership settings.

S/MIME (Secure/Multipurpose Internet Mail Extensions)

A standard for public key encryption and signing of MIME data. AS2 uses S/MIME to secure message content, providing confidentiality through encryption and authenticity through digital signatures.

Synchronous MDN

A Message Disposition Notification returned immediately in the HTTP response to the original AS2 message. This is the most common MDN type and provides instant confirmation of delivery.

Trading Partner

A business entity with whom you exchange AS2 messages. Trading partners can be retailers (Amazon, Target), marketplaces (Mirakl), logistics providers, or any organization that supports AS2. Each trading partner relationship requires a partnership configuration.

Example: "Amazon and Rithum are our main trading partners."

X.509 Certificate

The standard format for public key certificates used in AS2. X.509 certificates contain the public key, identity information (subject), issuer details, validity period, and digital signature. Can be self-signed or issued by a Certificate Authority (CA).