Logic Apps AS2 Decode: MIC algorithm is required for signed MDN


We noted in our service telemetry a few failures from AS2 Decoding with an message disposition notification (MDN aka receipt) request for signed receipt but no specification of the MIC algorithm. As a reminder it is required for the sender of the message to specify the MIC algorithm when they request a signed receipt. Here is the matching extract from the AS2 specifying RFC:

      Both the "signed-receipt-protocol" and the "signed- receipt-
      micalg" option parameters are REQUIRED when requesting a signed
      receipt.

https://www.ietf.org/rfc/rfc4130.txt

When the MIC algorithm is not present in the Disposition-Notification-Options but signed receipt is requested, our service will in the future respond to the decode request with 400 Bad Request error as the payload is wrong. Specifically...

If the request had for instance HTTP headers:

{ "Disposition-Notification-To", "http://locallhost" },
{ "Receipt-Delivery-Option", "https://helloWorld.com/MicrosoftMdns" },
{ "Disposition-Notification-Options", "signed-receipt-protocol=required,pkcs7-signature" }

Our response will be:

StatusCode = HttpStatusCode.BadRequest,
ErrorMessage = "Disposition-Notification-Option value: \"signed-receipt-protocol=required,pkcs7-signature\" is invalid. Disposition-Notification-Options",
ErrorCode = "EdiIntException_18"

Comments (0)

Skip to main content