FW Editor: What are your plans or objectives in the near future?
Sebastien MALOT: Some optimizations are planned about my API, mainly concerning logs system, and encryption algorithm compatibility.
My wish is to pass Drummond Certification ...
FW Editor: How and when did you start writing the code for AS2Secure? What inspired you the most? Do you plan to develop new software, or are you more focused on optimizing the current ones?
Sebastien MALOT: I'm currently working on a new library (Opensource) concerning EDI. AS2 is a transfer protocol which is generally used for EDI files. So it can be considered as continuity. Features like 'read' / 'write' / 'conversion to xml' and 'check integrity' will be available.
FW Editor: AS2Secure is one of the best message encryption software from the market. What is the secret?
Sebastien MALOT: A lot of work and a lot of documentation concerning RFC and other API such as Mendelson. A partnership with developpers of APIs under other languages such as Babel AS2.
FW Editor: Can you tell us more about the encryption algorithms used by AS2Secure?
Sebastien MALOT: Encryption algorithms supported by AS2Secure are those supported by the 'Bouncy Castle' API. However, I mainly worked of the algo '3DES' which is the more secure and the more used of all. So I validate only the '3DES' algo with my API.
FW Editor: Why have you decided to use an RC2 128 encryption algorithm and not the more popular AES 128 or AES 256?
Sebastien MALOT: It's a mistake written into my documentation. In fact, initially I planned to use the OpenSSL library of PHP. But I faced issues manipulating binary files. OpenSSL is not able to read or write mime parts with binary bytes. So I've been oblige to change this API by a more powerful one.
FW Editor: What are the advantages of using AS2Secure over any other similar product?
Sebastien MALOT: The most advantage that it is written into PHP. So it can easily interfaced with existing front office application or back office. You can chain storage into database, archive files, and so as you wish.
FW Editor: How safe is AS2Secure?
Sebastien MALOT: The security module hosted by AS2Secure is build around a third part API : 'Bouncy Castle'. This API is know as one of the best secure API written in Java. It's used by Mendelson AS2 Opensource Project, and surely by many others, which demonstrate the very powerful of this library.
FW Editor: What is your favorite AS2Secure option and why?
Sebastien MALOT: One very interesting option is the possibility to personalize action when you receive a message. An adaptor can trigger events and to handle the files received.
FW Editor: Now, to end our small interview, is there any message you would like to send to AS2Secure users?
Sebastien MALOT: I'll be very happy to be informed about any implementation of my API. It's very important for me to have any feedback (good or bad, limitation encountered, ...).
That's why I made this project under LGPL.
About this interview