1.
General information
This page has to be filled in for establishing an OFTP V1.x connection as well as for an OFTP2 connection.
Partner A
Our parameters
Partner B
Your parameters
Company address
(name and address)
Contact
Data exchange(Name, phone no., fax, email address)
Odette parameter
SSID SFID PasswordSupported OFTP versions
(OFTP2 supports OFTP V1.x also)
OFTP/OFTP2 system in use
OFTP V1.x OFTP2 OFTP V1.x OFTP2
ENX parameters
1)ENX Solution indenture number ENX IP address
Used port port (default port is: 3305 for OFTP V1.x, 6619 for OFTP2) ENX responsible person
(Name, phone no., fax, email address)
Internet parameters
1) Internet IP addressUsed port (default port is 6619) Internet person responsible
(Name, phone no., fax, email address)
ISDN parameters
1) Call numberFixed line IP address
Comments
1)Only the communication option where both partners have agreed in advance is to be entered. Specifications in the following table on page 2 are only necessary if OFTP2 is used by both partners.
2.
Specifications for the encrypted data exchange via OFTP2
This page is to be filled out only if OFTP2 shall be employed. Both partners should specify the
transport medium agreed upon in advance.
Please tick where applicable
Partner A
Supported by us
Partner B
Supported by you
Agreed transport medium
ENX
Internet
ISDN
ENX
Internet
ISDN
Encryption necessary
Yes
No
Yes
No
Applied encryption options
Note: When using ENX, the OFTP2 encryption does only provide for extra security if applied close to applications in place of the DMZ.
Supported Cipher Suites
TLS encryption
(transport layer encryption)
Data file encryption Data file signature
TLS encryption
(transport layer encryption)
Data file encryption Data file signature Certificate used for encryption
Key usage verification
Automated certificate exchange
Yes No Self signed certificates Mutual signed certificate
CA signed certificate (signed by Certificates Authority)
Provider:
Yes No
Yes No Self signed certificates
Mutual signed certificate
CA signed certificate (signed by Certificates Authority) Provider:
Yes No
Data compression
Yes No Yes NoOdette parameter
3.
Explanations
3.1 General information
The data and parameter sheet serves as documentation of the data and parameters of both partners for establishing an OFTP connection . Therefore, the partners have to clarify in advance, which OFTP version and what kind of transport medium shall be employed.
3.2 Application flow description
- Partner A assumes the active part for establishing the connection, discussing open questions with the partner, arranging the exchange of the required certificates for the encrypted data transfer and initiating a test data exchange, after the connection has been established.
- Partner A begins to fill out the sheet und sends it to partner B, who returns it back again to partner A according to his own specifications. Afterwards, the connection is being established, possibly under exchanging certificates between both partners and with confirmation of completion, respectively to each other.
Note:
It might become a common practice, especially for OEMs, that a partner sends a pre-filled sheet as standard to his data exchange partners.
3.3
Further explanatory notes
On page 1 (general Information)This page is always to be filled out for both, the installation of OFTP V1.x and the OFTP2 connection.
- The option “EERP signing” on page 2 means signing the “hash” of the received file, providing for extra transfer security of the files; however, being relevant only when using OFTP2. An additional YES or NO flag for the SFID ID requires a signed EERP.
On page 2 (specifications for the encrypted data exchange) This page is to be filled out only if both partners want to use OFTP2.
- A transport medium specified by partner A is to be chosen respectively by partner B and to be filled out accordingly. If not possible, partner A and B have to agree upon another transport medium.
- As a rule for using ENX, the OFTP2 software can do without encryption and data compression, being operated by the ENX router by default. However, encryption in the OFTP2 software could provide for extra security unless employed at the DMZ (location of the ENX router), but close to application in the internal company network, or if the data transfer shall be signed.
- The identical selection of the encryption option isn’t mandatory for both partners. In particular, it is possible to make use of different certificate-generating services. Odette International offers especially for the data exchange with OFTP2 the issue of certificates. This ensures a high security for the data exchange partners by examination the authenticity of the certificate applicant by the national car organizations (https://www.odetteca.com).
- It is important to rule out data manipulation and misusage when using OFTP2 connections via the Internet, by accurate verification and confirmation of the partner with the implementation of the connection via phone or fax. - The data compression option is part of the OFTP2 data transfer, being operated very efficiently, along with the
encryption within the OFTP2 software. Further data compression beyond OFTP2 with zip, tar, etc. will remain unaffected; however, the need is to be taken into consideration.
Further detailed information can be obtained from the following documents: VDA: OFTP 2 Secure Data Exchange via the Internet –
Guideline for the practical application, Version 1.1 (German and English) Odette: OFTP2 Implementation Guidelines (Englisch)
Example: Parameter specifications for the OFTP2 data exchange via the
Internet
1. General information
This page has to be filled in for establishing an OFTP V1.x connection as well as for an OFTP2 connection.
Partner A
Our parameters
Partner B
Your parameters
Company address
(name and address)
Automotive Company AG Postfach 999 71057 Stuttgart Germany Supplier Company SA Rue de la Republique Paris France
Contact
Data exchange(Name, phone no., fax, email address)
Hans Maier Phone: +49-711-33 44 55-66 Fax: +49-711-33 44 55-10 Email: [email protected] Paul Belmondo Phone : +33-3-12 34 45 67 Fax +33-3-89 12 34 56 Email: [email protected]
Odette Parameter
SSID SFID PasswordEERP signing (only when using OFTP2)
O00xx000yyy AUTOzzzzABCD Hugo Yes No 000aaa000bbb AutoccccEFGH Juliett Yes No
Supported OFTP versions
(OFTP2 supports OFTP V1.x also)
OFTP/OFTP2 in use
OFTP V1.x OFTP2
System A, Version x.y
OFTP V1.x OFTP2
System B, Version x
ENX parameters
ENX Solution indenture number ENX IP address
Used port port (default port is: 3305 for OFTP V1.x, 6619 for OFTP2) ENX responsible person
(Name, phone no., fax, email address)
- -
Internet parameters
Internet IP addressUsed port (default port is 6619) Internet responsible person
(Name, phone no., fax, email address)
53.111.222.33 Port 6619
Paul Mueller, phone. +49-711-11-12 Fax +49-711-11-5678
eMail:[email protected]
53.444.555.66 Port 6619
Francis Dupont, phone +33-3-12 34 46
Email : [email protected]
ISDN parameters
Call numberFixed line IP address
2. Specifications for the encrypted data exchange via OFTP2
Please
tick where applicablePartner A
Supported by us
Partner B
Supported by you
Agreed transport medium
ENX
Internet
ISDN
ENX
Internet
ISDN
Encryption necessary
Yes
No
Yes
No
Applied encryption options
Note: When using ENX, the OFTP2 encryption does only provide for extra security if applied close to applications in place of the DMZ.
Supported Cipher Suites
TLS encryption
(transport layer encryption)
3DES
Data file encryption Data file signature
TLS encryption
(transport layer encryption)
3DES
Data file encryption Data file signature Certificate used for encryption
Key usage verification
Automated certificate exchange
Yes No Self signed certificates
Mutual signed certificate
CA signed certificate
(signed by Certificates Authority) Provider: Odette
Yes No
Yes No Self signed certificates
Mutual signed certificate
CA signed certificate
(signed by Certificates Authority) Provider: Verysecure
Yes No
