Like any other ASx file transfer, AS3 file transfers typically require both sides of the exchange to trade SSL certificates and specific "trading partner" names before any transfers can take place. AS3 trading partner names can be any valid phrase.
You encrypt a data file with the public key on your partner's SSL certificate and sign it with the private key of your organization's SSL certificate as you bundle everything into an AS3 message. (Both the encryption and signing steps are optional, but should be used when possible.)
You send the AS3 message to an FTP server. This could be your FTP server, your partner's FTP server or a hosted FTP server somewhere else. (Credentials and cleartext message headers may be protected with SSL transport in this step.)
Your partner will retrieve your AS3 message off the same FTP server. (Credentials and cleartext message headers may be protected with SSL transport in this step.)
If the message is encrypted, your partner will decrypt it using the private key on his/her SSL certificate. If the message is signed, your partner will validate your signature using the public key on your SSL certificate. Your partner will also use the contents of the AS3 message to verify that the data file they now have is identical to the data file you sent them.
If you requested an MDN delivery receipt for your data file, your partner will calculate a cryptographic hash from the data file they received, sign the hash (and some other information) with the private key on their SSL certificate and create an MDN delivery receipt message. (The signing step is optional and controlled by the original message sender.)
Your partner will send his/her MDN delivery receipt message back to the same FTP server the original AS3 message traveled through, though perhaps in a different folder or bearing a different file name. (Credentials and the cleartext MDN delivery receipt message may be protected with SSL transport in this step.)
You will retrieve your partner's MDN delivery receipt message off the same FTP server. (Credentials and the cleartext MDN delivery receipt message may be protected with SSL transport in this step.)
You will inspect your partner's MDN delivery receipt message, making sure that you can verify his/her signature using the public key on your partner's SSL certificate and that the cryptographic hash calculated from your partner's copy of your data file matches the same hash calculation from your original data file.
Variations
FTP Server Location - The FTP server used in an AS3 transfer could be your FTP server, your partner's FTP server or a hosted FTP server somewhere else. If you have control over the FTP server, we recommend deploying/using a MOVEit Transfer FTP server.