CONTENTS

Recommendation X.402 - Message handling systems: overall architecture
Recommendation X.403 - Message handling systems: conformance testing
Recommendation X.407 - Message handling systems: abstract service definition conventions

Recommendation X.402

MESSAGE HANDLING SYSTEMS: OVERALL ARCHITECTURE

The establishment in various countries of telematic services and computer-based store-and-forward message services in association with public data networks creates a need to produce standards to facilitate international message exchange between subscribers to such services.

The CCITT, considering
(a) the need for Message Handling Systems;
(b) the need to transfer and store messages of different types;
(c) that Recommendation X.200 defines the Reference Model of Open Systems Interconnection for CCITT applications;
(d) that Recommendations X.208, X.217, X.218, and X.219 provide the foundation for CCITT applications;
(e) that the X.500-series Recommendations define Directory Systems;
(f) that Message Handling Systems are defined in a series of Recommendations: X.400, X.402, X.403, X.407, X.408, X.411, X.413, and X.419;
(g) that Interpersonal Messaging is defined in Recommendations X.420 and T.330,

unanimously declares
(1) that the abstract models of a Message Handling System are defined in section two;
(2) that the configurations of a Message Handling System are defined in section three;
(3) that naming, addressing, and routing within Message Handling Systems are defined in section four;
(4) that the use of the Directory by Message Handling Systems is defined in section five;
(5) that the OSI realization of a Message Handling System is specified in section six.

Table of Contents

Section One - Introduction
0. Introduction
1. Scope
2. References
   2.1 Open Systems Interconnection
   2.2 Directory Systems
   2.3 Message Handling Systems
3. Definitions
   3.1 Open Systems Interconnection
   3.2 Directory Systems
   3.3 Message Handling Systems
4. Abbreviations
5. Conventions
   5.1 ASN.1
   5.2 Grade
   5.3 Terms

Section Two - Abstract Models
6. Overview
7. Functional Model
   7.1 Primary Functional Objects
       7.1.1 The Message Handling System
       7.1.2 Users
       7.1.3 Distribution Lists
   7.2 Secondary Functional Objects
       7.2.1 The Message Transfer System
       7.2.2 User Agents
       7.2.3 Message Stores
       7.2.4 Access Units
   7.3 Tertiary Functional Objects
       7.3.1 Message Transfer Agents
   7.4 Selected AU Types
       7.4.1 Physical Delivery
       7.4.2 Telematic
       7.4.3 Telex
8. Information Model
   8.1 Messages
   8.2 Probes
   8.3 Reports
9. Operational Model
   9.1 Transmittal
   9.2 Transmittal Roles
   9.3 Transmittal Steps
       9.3.1 Origination
       9.3.2 Submission
       9.3.3 Import
       9.3.4 Transfer
       9.3.5 Export
       9.3.6 Delivery
       9.3.7 Retrieval
       9.3.8 Receipt
   9.4 Transmittal Events
       9.4.1 Splitting
       9.4.2 Joining
       9.4.3 Name Resolution
       9.4.4 DL Expansion
       9.4.5 Redirection
       9.4.6 Conversion
       9.4.7 Non-delivery
       9.4.8 Non-affirmation
       9.4.9 Affirmation
       9.4.10 Routing
10. Security Model
   10.1 Security Policies
   10.2 Security Services
       10.2.1 Origin Authentication Security Services
       10.2.2 Secure Access Management Security Service
       10.2.3 Data Confidentiality Security Services
       10.2.4 Data Integrity Security Services
       10.2.5 Non-Repudiation Security Services
       10.2.6 Message Security Labelling Security Service
       10.2.7 Security Management Services
   10.3 Security Elements
       10.3.1 Authentication Security Elements
       10.3.2 Secure Access Management Security Elements
       10.3.3 Data Confidentiality Security Elements
       10.3.4 Data Integrity Security Elements
       10.3.5 Non-repudiation Security Elements
       10.3.6 Security Label Security Elements
       10.3.7 Security Management Security Elements
       10.3.8 Double Enveloping Technique

Section Three - Configurations
11. Overview
12. Functional Configurations
   12.1 Regarding the Directory
   12.2 Regarding the Message Store
13. Physical Configurations
   13.1 Messaging Systems
       13.1.1 Access Systems
       13.1.2 Storage Systems
       13.1.3 Access and Storage Systems
       13.1.4 Transfer Systems
       13.1.5 Access and Transfer Systems
       13.1.6 Storage and Transfer Systems
       13.1.7 Access, Storage, and Transfer Systems
   13.2 Representative Configurations
       13.2.1 Fully Centralized
       13.2.2 Centralized Message Transfer and Storage
       13.2.3 Centralized Message Transfer
       13.2.4 Fully Distributed
14. Organizational Configurations
   14.1 Management Domains
       14.1.1 Administration Management Domains
       14.1.2 Private Management Domains
   14.2 Representative Configurations
       14.2.1 Fully Centralized
       14.2.2 Directly Connected
       14.2.3 Indirectly Connected
15. The Global MHS

Section Four - Naming, Addressing, and Routing
16. Overview
17. Naming
   17.1 Directory Names
   17.2 O/R Names
18. Addressing
   18.1 Attribute Lists
   18.2 Character Sets
   18.3 Standard Attributes
       18.3.1 Administration-domain-name
       18.3.2 Common-name
       18.3.3 Country-name
       18.3.4 Extension-postal-O/R-address-components
       18.3.5 Extension-physical-delivery-address-components
       18.3.6 Local-postal-attributes
       18.3.7 Network-address
       18.3.8 Numeric-user-identifier
       18.3.9 Organization-name
       18.3.10 Organizational-unit-names
       18.3.11 Physical-delivery-service-name
       18.3.12 Personal-name
       18.3.13 Physical-delivery-country-name
       18.3.14 Physical-delivery-office-name
       18.3.15 Physical-delivery-office-number
       18.3.16 Physical-delivery-organization-name
       18.3.17 Physical-delivery-personal-name
       18.3.18 Post-office-box-address
       18.3.19 Postal-code
       18.3.20 Poste-restante-address
       18.3.21 Private-domain-name
       18.3.22 Street-address
       18.3.23 Terminal-identifier
       18.3.24 Terminal-type
       18.3.25 Unformatted-postal-address
       18.3.26 Unique-postal-name
   18.4 Attribute List Equivalence
   18.5 O/R Address Forms
       18.5.1 Mnemonic O/R Address
       18.5.2 Numeric O/R Address
       18.5.3 Postal O/R Address
       18.5.4 Terminal O/R Address
   18.6 Conditional Attributes
19. Routing

Section Five - Use of the Directory
20. Overview
21. Authentication
22. Name Resolution
23. DL Expansion
24. Capability Assessment

Section Six - OSI Realization
25. Overview
26. Application Service Elements
   26.1 The ASE Concept
   26.2 Symmetric and Asymmetric ASEs
   26.3 Message Handling ASEs
       26.3.1 Message Transfer
       26.3.2 Message Submission
       26.3.3 Message Delivery
       26.3.4 Message Retrieval
       26.3.5 Message Administration
   26.4 Supporting ASEs
       26.4.1 Remote Operations
       26.4.2 Reliable Transfer
       26.4.3 Association Control
27. Application Contexts

Annexes
A Directory Object Classes and Attributes
   A.1 Object Classes
       A.1.1 MHS Distribution List
       A.1.2 MHS Message Store
       A.1.3 MHS Message Transfer Agent
       A.1.4 MHS Organizational User
       A.1.5 MHS Residential User
       A.1.6 MHS User Agent
   A.2 Attributes
       A.2.1 MHS Deliverable Content Length
       A.2.2 MHS Deliverable Content Types
       A.2.3 MHS Deliverable EITs
       A.2.4 MHS DL Members
       A.2.5 MHS DL Submit Permissions
       A.2.6 MHS Message Store
       A.2.7 MHS O/R Addresses
       A.2.8 MHS Preferred Delivery Methods
       A.2.9 MHS Supported Automatic Actions
       A.2.10 MHS Supported Content Types
       A.2.11 MHS Supported Optional Attributes
   A.3 Attribute Syntaxes
       A.3.1 MHS DL Submit Permission
       A.3.2 MHS O/R Address
       A.3.3 MHS O/R Name
B Reference Definition of Object Identifiers
C Reference Definition of Directory Object Classes and Attributes
D Security Threats
   D.1 Masquerade
   D.2 Message Sequencing
   D.3 Modification of Information
   D.4 Denial of Service
   D.5 Repudiation
   D.6 Leakage of Information
   D.7 Other Threats
E Provision of Security Services in Recommendation X.411
F Differences Between CCITT Recommendation and ISO Standard
G Index

Section One - Introduction

0. Introduction

This Recommendation is one of a set of Recommendations for Message Handling. The entire set provides a comprehensive blueprint for a Message Handling System (MHS) realized by any number of cooperating open systems. The purpose of an MHS is to enable users to exchange messages on a store-and-forward basis.
A message submitted on behalf of one user, the originator, is conveyed by the Message Transfer System (MTS) and subsequently delivered to the agents of one or more additional users, the recipients. Access units (AUs) link the MTS to communication systems of other kinds (e.g., postal systems). A user is assisted in the preparation, storage, and display of messages by a user agent (UA). Optionally, he is assisted in the storage of messages by a message store (MS). The MTS comprises a number of message transfer agents (MTAs) which collectively perform the store-and-forward message transfer function. This Recommendation specifies the overall architecture of the MHS and serves as a technical introduction to it. The text of this Recommendation is the subject of joint CCITT-ISO agreement. The corresponding ISO specification is ISO 10021-2. 1. Scope This Recommendation defines the overall architecture of the MHS and serves as a technical introduction to it. Other aspects of Message Handling are specified in other Recommendations. A non-technical overview of Message Handling is provided by Recommendation X.400. The conformance testing of MHS components is described in Recommendation X.403. The conventions used in the definition of the abstract services provided by MHS components are defined in Recommendation X.407. The detailed rules by which the MTS converts the contents of messages from one EIT to another are defined in Recommendation X.408. The abstract service the MTS provides and the procedures that govern its distributed operation are defined in Recommendation X.411. The abstract service the MS provides is defined in Recommendation X.413. The application protocols that govern the interactions of MHS components are specified in Recommendation X.419. The Interpersonal Messaging System, an application of Message Handling, is defined in Recommendation X.420. Telematic access to the Interpersonal Messaging System is specified in Recommendation T.330. 
The CCITT Recommendations and ISO International Standards on Message Handling are summarized in Table 1/X.402. (The ISO numbers given here follow the references in clause 2.3.)

Table 1/X.402 - Specifications for Message Handling Systems

+-------+---------+-------------------------------------------+
| CCITT | ISO     | Subject matter                            |
+-------+---------+-------------------------------------------+
| Introduction                                                |
| X.400 | 10021-1 | Service and system overview               |
| X.402 | 10021-2 | Overall architecture                      |
+-------+---------+-------------------------------------------+
| Various aspects                                             |
| X.403 | -       | Conformance testing                       |
| X.407 | 10021-3 | Abstract service definition conventions   |
| X.408 | -       | Encoded information type conversion rules |
+-------+---------+-------------------------------------------+
| Abstract services                                           |
| X.411 | 10021-4 | MTS Abstract Service definition and       |
|       |         | procedures for distributed operation      |
| X.413 | 10021-5 | MS Abstract Service definition            |
+-------+---------+-------------------------------------------+
| Protocols                                                   |
| X.419 | 10021-6 | Protocol specifications                   |
+-------+---------+-------------------------------------------+
| Interpersonal Messaging System                              |
| X.420 | 10021-7 | Interpersonal Messaging System            |
| T.330 | -       | Telematic access to IPMS                  |
+-------+---------+-------------------------------------------+

The Directory, the principal means for disseminating communication-related information among MHS components, is defined in the X.500-series Recommendations, as summarized in Table 2/X.402.

Table 2/X.402 - Specifications for Directories

+-------+--------+--------------------------------------+
| CCITT | ISO    | Subject matter                       |
+-------+--------+--------------------------------------+
| Model                                                 |
| X.200 | 7498   | OSI Reference Model                  |
+-------+--------+--------------------------------------+
| X.500 | 9594-1 | Overview                             |
| X.501 | 9594-2 | Models                               |
| X.509 | 9594-8 | Authentication framework             |
| X.511 | 9594-3 | Abstract service definition          |
| X.518 | 9594-4 | Procedures for distributed operation |
| X.519 | 9594-5 | Protocol specifications              |
| X.520 | 9594-6 | Selected attribute types             |
| X.521 | 9594-7 | Selected object classes              |
+-------+--------+--------------------------------------+

The architectural foundation for Message Handling is provided by still other Recommendations. The OSI Reference Model is defined in Recommendation X.200. The notation for specifying the data structures of abstract services and application protocols, ASN.1, and the associated encoding rules are defined in Recommendations X.208 and X.209. The means for establishing and releasing associations, the ACSE, is defined in Recommendations X.217 and X.227. The means for reliably conveying APDUs over associations, the RTSE, is defined in Recommendations X.218 and X.228. The means for making requests of other open systems, the ROSE, is defined in Recommendations X.219 and X.229. The CCITT Recommendations and ISO International Standards foundational to Message Handling are summarized in Table 3/X.402.

Table 3/X.402 - Specifications for MHS Foundations

+-------+--------+--------------------------------------+
| CCITT | ISO    | Subject matter                       |
+-------+--------+--------------------------------------+
| Model                                                 |
| X.200 | 7498   | OSI Reference Model                  |
+-------+--------+--------------------------------------+
| ASN.1                                                 |
| X.208 | 8824   | Abstract syntax notation             |
| X.209 | 8825   | Basic encoding rules                 |
+-------+--------+--------------------------------------+
| Association Control                                   |
| X.217 | 8649   | Service definition                   |
| X.227 | 8650   | Protocol specification               |
+-------+--------+--------------------------------------+
| Reliable Transfer                                     |
| X.218 | 9066-1 | Service definition                   |
| X.228 | 9066-2 | Protocol specification               |
+-------+--------+--------------------------------------+
| Remote Operations                                     |
| X.219 | 9072-1 | Service definition                   |
| X.229 | 9072-2 | Protocol specification               |
+-------+--------+--------------------------------------+

This Recommendation is structured as follows. Section one is this introduction. Section two presents abstract models of Message Handling. Section three specifies how one can configure the MHS to satisfy any of a variety of functional, physical, and organizational requirements. Section four describes the naming and addressing of users and distribution lists and the routing of information objects to them. Section five describes the uses the MHS may make of the Directory. Section six describes how the MHS is realized by means of OSI. Annexes provide important supplemental information.

No requirements for conformance to this Recommendation are imposed.

2. References

This Recommendation and others in the set cite the documents below.

2.1 Open Systems Interconnection

This Recommendation and others in the set cite the following OSI specifications:
X.200 Basic reference model (see also ISO 7498).
X.208 Specification of abstract syntax notation one (ASN.1) (see also ISO 8824).
X.209 Specification of basic encoding rules for abstract syntax notation one (ASN.1) (see also ISO 8825).
X.217 Association control: Service definition (see also ISO 8649).
X.218 Reliable transfer: Model and service definition (see also ISO 9066-1).
X.219 Remote operations: Model, notation and service definition (see also ISO 9072-1).
X.227 Association control: Protocol specification (see also ISO 8650).
X.228 Reliable transfer: Protocol specification (see also ISO 9066-2).
X.229 Remote operations: Protocol specification (see also ISO 9072-2).

2.2 Directory Systems

This Recommendation and others in the set cite the following Directory System specifications:
X.500 The directory: Overview of concepts, models, and service (see also ISO 9594-1).
X.501 The directory: Models (see also ISO 9594-2).
X.509 The directory: Authentication framework (see also ISO 9594-8).
X.511 The directory: Abstract service definition (see also ISO 9594-3).
X.518 The directory: Procedures for distributed operation (see also ISO 9594-4).
X.519 The directory: Protocol specifications (see also ISO 9594-5).
X.520 The directory: Selected attribute types (see also ISO 9594-6).
X.521 The directory: Selected object classes (see also ISO 9594-7).

2.3 Message Handling Systems

This Recommendation and others in the set cite the following Message Handling System specifications:
T.330 Telematic access to IPMS.
X.400 Message handling: Service and system overview (see also ISO 10021-1).
X.403 Message handling systems: Conformance testing.
X.407 Message handling systems: Abstract service definition conventions (see also ISO 10021-3).
X.408 Message handling systems: Encoded information type conversion rules.
X.411 Message handling systems: Message transfer system: Abstract service definition and procedures (see also ISO 10021-4).
X.413 Message handling systems: Message store: Abstract service definition (see also ISO 10021-5).
X.419 Message handling systems: Protocol specifications (see also ISO 10021-6).
X.420 Message handling systems: Interpersonal messaging system (see also ISO 10021-7).

3. Definitions

For the purposes of this Recommendation and others in the set, the definitions below apply.

3.1 Open Systems Interconnection

This Recommendation and others in the set use the following terms defined in Recommendation X.200, as well as the names of the seven layers of the Reference Model:
a) abstract syntax;
b) application entity (AE);
c) application process;
d) application protocol data unit (APDU);
e) application service element (ASE);
f) distributed information processing task;
g) layer;
h) open system;
i) Open Systems Interconnection (OSI);
j) peer;
k) presentation context;
l) protocol;
m) Reference Model;
n) transfer syntax; and
o) user element (UE).

This Recommendation and others in the set use the following terms defined in Recommendations X.208 and X.209, as well as the names of ASN.1 data types and values:
a) Abstract Syntax Notation One (ASN.1);
b) Basic Encoding Rules;
c) explicit;
d) export;
e) implicit;
f) import;
g) macro;
h) module;
i) tag;
j) type; and
k) value.

This Recommendation and others in the set use the following terms defined in Recommendation X.217:
a) application association; association;
b) application context (AC);
c) Association Control Service Element (ACSE);
d) initiator; and
e) responder.

This Recommendation and others in the set use the following terms defined in Recommendation X.218:
a) Reliable Transfer (RT); and
b) Reliable Transfer Service Element (RTSE).

This Recommendation and others in the set use the following terms defined in Recommendation X.219:
a) argument;
b) asynchronous;
c) bind;
d) parameter;
e) remote error;
f) remote operation;
g) Remote Operations (RO);
h) Remote Operations Service Element (ROSE);
i) result;
j) synchronous; and
k) unbind.

3.2 Directory Systems

This Recommendation and others in the set use the following terms defined in the X.500-series Recommendations:
a) attribute;
b) certificate;
c) certification authority;
d) certification path;
e) directory entry; entry;
f) directory system agent (DSA);
g) Directory;
h) hash function;
i) name;
j) object class;
k) object;
l) simple authentication; and
m) strong authentication.

3.3 Message Handling Systems

For the purposes of this Recommendation and others in the set, the definitions indexed in annex G apply.

4. Abbreviations

For the purposes of this Recommendation and others in the set, the abbreviations indexed in annex G apply.

5. Conventions

This Recommendation uses the descriptive conventions identified below.

5.1 ASN.1

This Recommendation uses several ASN.1-based descriptive conventions in annexes A and C to define the Message Handling-specific information the Directory may hold. In particular, it uses the OBJECT-CLASS, ATTRIBUTE, and ATTRIBUTE-SYNTAX macros of Recommendation X.501 to define Message Handling-specific object classes, attributes, and attribute syntaxes.

ASN.1 appears both in annex A to aid the exposition, and again, largely redundantly, in annex C for reference. If differences are found between the two, a specification error is indicated. Note that ASN.1 tags are implicit throughout the ASN.1 module that annex C defines; the module is definitive in that respect.

5.2 Grade

Whenever this Recommendation describes a class of data structure (e.g., O/R addresses) having components (e.g., attributes), each component is assigned one of the following grades:
a) mandatory (M): A mandatory component shall be present in every instance of the class.
b) optional (O): An optional component shall be present in an instance of the class at the discretion of the object (e.g., user) supplying that instance. There is no default value.
c) defaultable (D): A defaultable component shall be present in an instance of the class at the discretion of the object (e.g., user) supplying that instance. In its absence a default value, specified by this Recommendation, applies.
d) conditional (C): A conditional component shall be present in an instance of the class as dictated by this Recommendation.

5.3 Terms

Throughout the remainder of this Recommendation, terms are rendered in bold when defined, in italic when referenced prior to their definitions, and without emphasis on other occasions. Terms that are proper nouns are capitalized; generic terms are not.
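The four grades determine how an implementation must treat each component of an instance it receives: reject the instance when an M component is missing, fill in the specified default for an absent D component, and consult the governing rule for a C component. The Python checker below is an added illustration of those rules and is not code or text from the Recommendation. The class of data structure it validates (EXAMPLE_SPEC), its component names, the default value and the rule attached to the conditional component are all assumptions made for the example; the checker also reads a C component as required when its condition holds and not permitted otherwise, which is one common shape such a rule takes, and it rejects components the class does not define rather than silently ignoring them.

```python
"""Grade checking in the sense of clause 5.2 (M, O, D, C).

Added example, not code from the Recommendation.  EXAMPLE_SPEC is a
hypothetical class of data structure; its component names, default value
and conditional rule are assumptions made for illustration.
"""
from typing import Any, Callable, Dict, List, Mapping, Optional, Tuple

MANDATORY, OPTIONAL, DEFAULTABLE, CONDITIONAL = "M", "O", "D", "C"

Predicate = Callable[[Mapping[str, Any]], bool]


class Component:
    """One component of a class of data structure.

    grade          one of M, O, D, C as defined in clause 5.2
    default        the value that applies when a D component is absent
    required_when  for a C component, the rule (a predicate over the
                   instance) under which the component shall be present
    """

    def __init__(self, grade: str, default: Any = None,
                 required_when: Optional[Predicate] = None) -> None:
        if grade not in (MANDATORY, OPTIONAL, DEFAULTABLE, CONDITIONAL):
            raise ValueError(f"unknown grade {grade!r}")
        if grade == DEFAULTABLE and default is None:
            raise ValueError("a defaultable component needs a default value")
        if grade == CONDITIONAL and required_when is None:
            raise ValueError("a conditional component needs its condition")
        self.grade = grade
        self.default = default
        self.required_when = required_when


def validate_instance(spec: Mapping[str, Component],
                      instance: Mapping[str, Any]
                      ) -> Tuple[Dict[str, Any], List[str]]:
    """Check `instance` against `spec`.

    Returns (completed, errors): `completed` is the instance with the
    defaults of absent D components filled in; `errors` lists every
    violation found (empty when the instance is well formed).  Components
    the class does not define are rejected, not ignored, so a supplier
    cannot slip unspecified data past the check.
    """
    errors: List[str] = []
    for name in instance:
        if name not in spec:
            errors.append(f"{name}: not a component of this class")
    completed: Dict[str, Any] = dict(instance)
    for name, comp in spec.items():
        present = name in instance
        if comp.grade == MANDATORY and not present:
            errors.append(f"{name}: mandatory component absent")
        elif comp.grade == DEFAULTABLE and not present:
            completed[name] = comp.default      # D: the default applies
        elif comp.grade == CONDITIONAL:
            # Assumed reading of C: present exactly when the rule says so.
            required = comp.required_when(instance)
            if required and not present:
                errors.append(f"{name}: required by its condition but absent")
            elif present and not required:
                errors.append(f"{name}: present although its condition "
                              "does not hold")
        # O: nothing to check; presence is at the supplier's discretion.
    return completed, errors


def check_instance(spec: Mapping[str, Component],
                   instance: Mapping[str, Any]) -> Dict[str, Any]:
    """Raise ValueError on any violation, else return the completed instance."""
    completed, errors = validate_instance(spec, instance)
    if errors:
        raise ValueError("; ".join(errors))
    return completed


# Hypothetical class of data structure used to exercise the checker.
EXAMPLE_SPEC: Dict[str, Component] = {
    "kind": Component(MANDATORY),
    "note": Component(OPTIONAL),
    "priority": Component(DEFAULTABLE, default="normal"),
    # Assumed rule: an expiry is present for, and only for, instances
    # whose kind is "probe".
    "expiry": Component(CONDITIONAL,
                        required_when=lambda inst: inst.get("kind") == "probe"),
}


if __name__ == "__main__":
    print(check_instance(EXAMPLE_SPEC, {"kind": "message", "note": "hi"}))
    print(check_instance(EXAMPLE_SPEC, {"kind": "probe", "expiry": 30}))
    _, problems = validate_instance(EXAMPLE_SPEC, {"kind": "probe", "extra": 1})
    print(problems)
```

validate_instance reports every violation at once rather than stopping at the first, which is the behaviour a conformance test or a log line wants; check_instance is the strict form a parser would call before acting on the data.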