What Is OFTP2?
The ODETTE File Transfer Protocol 2 (short: OFTP2) evolved 2007 from the earlier OFTP1 and serves for the exchange of Electronic Data Interchange (EDI) messages. It is based on the TCP/IP protocol and is mainly used in the automotive industry.
Characteristics of OFTP2
- Multifunctional: supports transmission of technical data as well as commercial information
- Network independent: works over any IP-based network (including the public Internet)
- Traceability: has traceability, receipt and non-repudiation functions
- Cost-effective: Implementation and use does not require high effort or usage fees
- Large file size: The transfer of large amounts of data is possible by file compression (e.g. with CAD data)
- OFTP2 in CAD/CAx & product data exchange
Comparison OFTP1 and OFTP2
OFTP1 is based on an ISDN- or an unencrypted TCP/IP connection, therefore telephone charges are incurred for the communication or the confidentiality of the transmission is not ensured. In comparison, OFTP2 is encrypted via the TCP/IP protocol, so there are no telephone charges, as the exchange of messages is handled via the Internet and security is accordingly higher.
OFTP1 over ISDN was widely used. In the course of the ISDN switch-off by Deutsche Telekom, most OFTP1 connections will be switched to OFTP2 by the end of 2018.
Certifications
Digital certificates are used when exchanging secure electronic messages over the Internet. These are primarily used to ensure the authenticity and integrity of the data and to protect the content by means of encryption. There are several issuers of certificates that must be listed in a special list (TSL: Trust Service Status List). This list signals that they can ensure the defined IT standards. OFTP2 offers three mechanisms for certificate generation:
- Self issued certificates: generated by the partner itself
- Certificates from an authorized body: Partner receives the signed certificate from an authorized body
- Jointly created certificates: Partner sends a certificate that is checked and returned by the recipient
Typically certificates signed by an authorized authority are used.
Areas of use of OFTP2
OFTP2 is mainly used by the automotive industry for Electronic Data Interchange (EDI) in Europe. These include BMW, Audi, Daimler, Ford, Opel, Volkswagen and Skoda.
OFTP2 security
OFTP2 is considered to be a secure protocol:
- safety of the transport layer
- data encryption
- partner authentication
- non-repudiation
Addressing is done via the Odette-ID SSID (Start Session ID) and the SSID (Start File ID). The protocol is regularly checked and improved by the Odette OFTP2 expert group to ensure that OFTP2 is always up to date with the latest security standard.