1. General information This page has to be filled in for establishing an connection as well as for an connection. Company address (name and address) Contact Data exchange SSID SFID Password Supported OFTP versions ( supports also) OFTP/ system in use parameters 1) Solution indenture number IP address Used port port (default port is: 3305 for, 6619 for ) responsible person parameters 1) IP address Used port (default port is 6619) person responsible parameters 1) Call number Fixed line IP address Comments Our parameters Your parameters 1) Only the communication option where both partners have agreed in advance is to be entered. Specifications in the following table on page 2 are only necessary if is used by both partners. - 1 -
2. Specifications for the encrypted data exchange via This page is to be filled out only if shall be employed. Both partners should specify the transport medium agreed upon in advance. Agreed transport medium Supported by us Please tick where applicable Supported by you Encryption necessary Applied encryption options te: When using, the encryption does only provide for extra security if applied close to applications in place of the DMZ. Supported Cipher Suites Certificate used for encryption Key usage verification Provider: Provider: Automated certificate exchange Data compression EERP signing (only when using ) - 2 -
3. Explanations 3.1 General information The data and parameter sheet serves as documentation of the data and parameters of both partners for establishing an OFTP connection. Therefore, the partners have to clarify in advance, which OFTP version and what kind of transport medium shall be employed. 3.2 Application flow description - assumes the active part for establishing the connection, discussing open questions with the partner, arranging the exchange of the required certificates for the encrypted data transfer and initiating a test data exchange, after the connection has been established. - begins to fill out the sheet und sends it to partner B, who returns it back again to partner A according to his own specifications. Afterwards, the connection is being established, possibly under exchanging certificates between both partners and with confirmation of completion, respectively to each other. te: It might become a common practice, especially for OEMs, that a partner sends a pre-filled sheet as standard to his data exchange partners. 3.3 Further explanatory notes On page 1 (general Information) This page is always to be filled out for both, the installation of and the connection. - The option EERP signing on page 2 means signing the hash of the received file, providing for extra transfer security of the files; however, being relevant only when using. An additional YES or NO flag for the SFID ID requires a signed EERP. On page 2 (specifications for the encrypted data exchange) This page is to be filled out only if both partners want to use. - A transport medium specified by partner A is to be chosen respectively by partner B and to be filled out accordingly. If not possible, partner A and B have to agree upon another transport medium. - As a rule for using, the software can do without encryption and data compression, being operated by the router by default. However, encryption in the software could provide for extra security unless employed at the DMZ (location of the router), but close to application in the internal company network, or if the data transfer shall be signed. - The identical selection of the encryption option isn t mandatory for both partners. In particular, it is possible to make use of different certificate-generating services. Odette International offers especially for the data exchange with the issue of certificates. This ensures a high security for the data exchange partners by examination the authenticity of the certificate applicant by the national car organizations (https://www.odetteca.com). - It is important to rule out data manipulation and misusage when using connections via the, by accurate verification and confirmation of the partner with the implementation of the connection via phone or fax. - The data compression option is part of the data transfer, being operated very efficiently, along with the encryption within the software. Further data compression beyond with zip, tar, etc. will remain unaffected; however, the need is to be taken into consideration. Further detailed information can be obtained from the following documents: VDA: OFTP 2 Secure Data Exchange via the Guideline for the practical application, Version 1.1 (German and English) Odette: Implementation Guidelines (Englisch) - 3 -
Example: Parameter specifications for the data exchange via the 1. General information This page has to be filled in for establishing an connection as well as for an connection. Company address (name and address) Contact Data exchange Odette Parameter SSID SFID Password EERP signing (only when using ) Supported OFTP versions ( supports also) OFTP/ in use Our parameters Automotive Company AG Postfach 999 71057 Stuttgart Germany Hans Maier Phone: +49-711-33 44 55-66 Fax: +49-711-33 44 55-10 Email: hans.maier@automotiv.de O00xx000yyy AUTOzzzzABCD Hugo System A, Version x.y Your parameters Supplier Company SA Rue de la Republique Paris France Paul Belmondo Phone : +33-3-12 34 45 67 Fax +33-3-89 12 34 56 Email: Paul.belmondo@supplier.fr 000aaa000bbb AutoccccEFGH Juliett System B, Version x parameters Solution indenture number IP address Used port port (default port is: 3305 for, 6619 for ) responsible person - - parameters IP address Used port (default port is 6619) responsible person 53.111.222.33 Port 6619 Paul Mueller, phone. +49-711-11-12 Fax +49-711-11-5678 email:paul.mueller@automotiv.com 53.444.555.66 Port 6619 Francis Dupont, phone +33-3- 12 34 46 Email : F.dupont@supplier.fr parameters Call number Fixed line IP address - - Comments Please announce the completion of the connection by fax We support ENGDAT V3-4 -
2. Specifications for the encrypted data exchange via Agreed transport medium Supported by us Please tick where applicable Supported by you Encryption necessary Applied encryption options te: When using, the encryption does only provide for extra security if applied close to applications in place of the DMZ. Supported Cipher Suites Certificate used for encryption Key usage verification 3DES 3DES Provider: Odette Provider: Verysecure Automated certificate exchange Data compression EERP signing (only when using ) - 5 -