from Wikipedia, the free encyclopedia

Applicability Statement 2 ( AS2 ) is a standard for secure message transport over the Internet . It is detailed in RFC 4130 .

Most messages for Electronic Data Interchange (EDI) are transmitted with AS2 .

AS2 specifies how to connect and how to validate, send and acknowledge messages. It creates an envelope for a message, which is then sent securely over the Internet. The authorship (non-deniable message) is guaranteed by digital signatures and data security by encryption . The sender receives a digital receipt from the AS2 protocol, referred to in AS language as Message Disposition Notification (MDN), with which the sender can prove that delivery has been made on time.

Flow diagram of AS2

AS2 is a transmission standard that was specially developed for e-commerce . In contrast to other transmission standards such as e-mail , X.400 , ISDN - FTP etc., which are also, but not exclusively, used in a business context, AS2 is designed from the ground up for business use only. A characteristic difference to other transmission standards is that the user does not have to rely on technical protocols to prove revision security (which, for example, network specialists first have to get out of the systems), but has the proof in message form with the MDN.


AS2 was standardized by the Internet Engineering Task Force (IETF) in the Electronic Data Interchange-Internet Integration (EDIINT) working group. The first name of AS2 in 1997 was "HTTP Transport for Secure EDI". In the course of the standardization, the name changed to AS2 in 2002 because other communication channels for secure EDI message exchange have been standardized in a similar logic with the MDN as AS2. The approved version of AS2 came out in 2005 as RFC 4130 .

In addition to AS2, there are also AS1 and AS3 , which have hardly found widespread use because most business messages are either time-critical and this can be better guaranteed via HTTP than via mail (= AS1) or the connection should be made easier with HTTP instead of FTP ( = AS3).

Norms and standards

  • RFC 4130 - MIME-Based Secure Peer-to-Peer Business Data Interchange Using HTTP, Applicability Statement 2 (AS2) , July 2005

Web links

Individual evidence

  1. Cf. - ( Memento of the original dated November 30, 2009 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot /
  2. See
  3. See
  4. See