Tag Archives: AS2

Tips For A Successful EDI Implementation

Our guest wanted to ask (this  EDI Group), if anyone had a contact at Home Depot who could assist me in getting connected to Home Depot via either AS2 or FTP.
Since moving their EDI Support to India, the “support” portion seems to have been lost. It is next to impossible to get anything resolved and.  Our company has been trading with Home Depot for years, but our volume has exploded and the VAN costs are through the roof.  It is my understanding that while there EDI support was still here in the good ol’ USA, Home Depot did AS2.  However, when I try to communicate to HD India about switching to AS2 or FTP, I am told that because we are a “new supplier” we cannot.  I have tried to explain on several occasions that we are a long established supplier.  Then I get the reply “well, you are new to AS2” therefore you cannot do AS2.  How is that?  You can only do AS2 if you do AS2, but you cannot do AS2 if you are not doing AS2.  How does one break into this “elite club”?
One member of the support group responded as follows:
I think at this point you need to “think outside the IT/Tech Support box” and contact someone at Home Depot headquarters.

You surely have a sales rep who surely has at least one buyer/purchasing agent contact. You could start there.

But my favorite technique is to call the main switchboard and press whatever number you need to press to reach a live human.
Explain your problem (in English, not in Geek!) and in your case you might use words like “unresponsive” or “unavailable” or even
“complaint” somewhere in your explanation. (These are good sympathy/action words).

The switchboard person will get you to someone, but be prepared to explain your problem again because that first transfer may not
be the exact person you need.

You will eventually get connected to the party you need, or that party’s boss. Either works for you, except if you get the boss,
it’s going to be your party calling YOU after a brief “discussion” with that boss.

Another member responded as follows:
Email b2b_testing @ homedepot.com subject line should be something like this “VENDOR #### Ready for AS2 Testing” in the email body put in your vendor number and your AS2 information (AS2 ID, URL and etc)
Tell them you are ready to start on-boarding / testing (playing dumb as worked for me in the past as well)
Then follow up with a phone call contact the B2B/EDI help desk at 770-433-8211 x10036, option 3,3.
If you get a rejection – send the rejection to your sales rep have him forwarded it to the buyer – sales reps are sometimes afraid to contact their buyers and ask them questions, but your sales rep can complain about the cost of EDI and use it as leverage to negotiate prices or something —- this has also worked for me in the past.

Improved AS2


Like VANs, AS2 gets complex if there are more than a couple of nodes involved. It is an excellent protocol with strong encryption and digital signatures, positive sender identification and proof of receipt. It is the implementation that can be weak, not the application.

AS2 (Applicability Statement 2) is a specification for Electronic Data Interchange (EDI) between businesses using the Internet’s Web page protocol, the Hypertext Transfer Protocol (HTTP). The AS2 standard provides Secure Multi-Purpose Internet Mail Extensions (S/MIME) and uses HTTP or its more secure version, HTTPS, to transmit data over the Internet. Security, authentication, message integrity, and privacy are assured by the use of encryption and digital signatures.

Another important feature, nonrepudiation, makes it impossible for the intended recipient of a message to deny having received it. A Web server, an EDI transfer engine, and digital certificates are all that are required for data exchange using AS2.

All this sounds very well developed, but AS2 has no “directory” function. What would e-mail be like if it had no directory function? E-Mail has its DNS & MX records which automatically make the rounds of other e-mail systems.

Much of the management of AS2 is still manual. That means it is time to automate! URLs and Public Certificates change. Most every AS2 package allows you to generate and sign your own certificate. The process will generate both a private and public key for a length of time selected by you. The private key will automatically be securely stored where the AS2 software can access it, and the public certificate will be placed in a location where you can send copies to your trading partners.

What is AS2? A Common Search Landing on ECGridOS.com


What is AS2? It stands for Applicability Standard #2, an RFC, via the W3C, that came into being in the mid 2000′s. AS2 is a way to transfer EDI (or any) files securely from point to Point, with acknowledgement. AS2 is different than FTP or the secure FTP variants, because it is not interactive, like FTP, and does not allow access to host system directories – which FTP does allow unless you lock it down in any number of ways.

AS2 is attractive because it defines a strict state based transfer – certain things have to happen in a order, before an MDN acknowledgement is generated synchronously (right away) or asynchronously (not right away). As2 rides on top of http, or secure http, and the EDI MIME  file is PKI encrypted with certificates. All of this is standardized; what is not standardized are the sender and receiver port numbers to use (a glaring omission) and other conventions that should have been spelled out as best practices, which Todd has started delving into in his As2 Best Practices Articles (see link below).

See Todd’s excellent post on AS2 for an explanation. We are catching a ton of AS2 keyword traffic, so check out http://www.ld.com/as2-part-1-what-is-it/    as it never hurts to review.

Todd Gould fields a question about VANs and AS2


Question to Todd

Why we should opt for VAN rather than AS2 connection though VAN charges per KB files to transfer? What are the services provided by a VAN provided other than just transferring files?
Todd Responded:
Todd Gould It really depends on what competencies you have in house and what “value added” services you require. Since your question only seems to include the actual transport of the data, then I will assume you are looking at plain VAN Mailboxing vs. AS2. The VAN as a message broker: With a VAN you set up a single communications channel to the VAN for uploading and downloading your data. All the routing both to other trading partners on the same VAN and to others over Interconnects are handled for you by the VAN. Additionally, you would likely need a VAN that can also hand AS2 on your behalf since these days there are a number of major trading partners that only have AS2 connectivity. Every communication channel with your trading partners is handled by someone else, just like your phone service and your Internet service. You pay for your connection and have the expectation that your provider, the VAN will respond to your needs and issues since you are paying them. In practice, the VANs never cooperated very well with each other. There is no shared routing table, no concept of DNS and no automation or standard for migrations. It mostly works, but not nearly as well as it could. This lack of cooperation and standardization contributes to the high cost of VAN services. A modernized VAN architecture could greatly reduce the costs of delivering the services while maintaining profit margins. AS2 requires more in-sourcing: With AS2 you become the message broker and the communications expert. You have to manage every one of your trading partner communications channels, make certificate changes whenever they dictate and deal with any outages, incompatibilities, etc. You manage your own routing tables in order to tell the AS2 system where to send each interchange. Depending on the AS2 software license you may have to keep paying for more trading partner licenses as you expand in addition to annual support agreements. There are implementation issues, test configurations, production configurations and various data gymnastics that must be performed in order to get your data to route to the right AS2 configuration. Every time I think I’ve seen it all, someone creates something new and very special. There are also firewall issues. For whatever reason, the writers of the AS2 RFC did not see a need to specify a commonly used port, so it seems that ever implementation of AS2 is set up on a different port. Depending on your firewall administrator, you may be in for a number of “discussions.” There is no central AS2 directory service, so you will need to manual enter and configure every single one of your trading partner profiles and manually update them as they change. Changes tend to be hard cutovers, so be prepared to show up at any hour on any day of the week to change your system exactly the same time your trading partner changes theirs. For each organization there is this magic number of AS2 trading partners where the system becomes a burden. For some it may be 10, for others it may be 50, 100 and certainly by 500 AS2 trading partners, this has become a full time support position that must be monitored 24x7x365. While I think that AS2 is actually a pretty nifty communications protocol with encryption, digital signatures, and delivery notices (MDNs), I think the current options for software are only adequate. A global registry for AS2 configuration information, along with an API, that software packages could use to automatically update trading partner configurations would go a long way to making AS2 a vastly superior choice for B2B communications than it is today. With all this said, I would think that any company that is handling its own EDI mapping and translation would tend to run its largest EDI trading partners over AS2 and then outsource to a VAN to handle the smaller trading partners and those not AS2-enabled, getting the best of both worlds…until something better comes along.