Logic Apps AS2 Decode: MIC algorithm is required for signed MDN


We noted in our service telemetry a few failures from AS2 Decoding with an message disposition notification (MDN aka receipt) request for signed receipt but no specification of the MIC algorithm. As a reminder it is required for the sender of the message to specify the MIC algorithm when they request a signed receipt. Here is the matching extract from the AS2 specifying RFC:

      Both the "signed-receipt-protocol" and the "signed- receipt-
      micalg" option parameters are REQUIRED when requesting a signed
      receipt.

https://www.ietf.org/rfc/rfc4130.txt

When the MIC algorithm is not present in the Disposition-Notification-Options but signed receipt is requested, our service will in the future respond to the decode request with 400 Bad Request error as the payload is wrong. Specifically...

If the request had for instance HTTP headers:

{ "Disposition-Notification-To", "http://locallhost" },
{ "Receipt-Delivery-Option", "https://helloWorld.com/MicrosoftMdns" },
{ "Disposition-Notification-Options", "signed-receipt-protocol=required,pkcs7-signature" }

Our response will be:

StatusCode = HttpStatusCode.BadRequest,
ErrorMessage = "Disposition-Notification-Option value: \"signed-receipt-protocol=required,pkcs7-signature\" is invalid. Disposition-Notification-Options",
ErrorCode = "EdiIntException_18"

Comments (2)
  1. David Burg says:

    A small fix for responding with 400 Bad Request is now rolling out.

  2. David Burg says:

    This blog has been moved off the MSDN platform. Find further content and update at https://www.linkedin.com/today/author/daviburg

    Comments are locked as part of the blog migration, so please reach out to your customer support contact for assistance with Microsoft products and services.

Comments are closed.

Skip to main content