-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path32K.html
650 lines (537 loc) · 32 KB
/
32K.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
<html>
<head>
<!--<meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"> -->
<title>Large HTML page with images</title>
<!-- The following link block and style block present methods how to load external CSS documents.
The link tag forces an immediate download of the CSS document whereas the import clause in
the style block has the document downloaded some random time later. -->
<link href="htmlparser/sections.css" rel="stylesheet" type="text/css">
<!--
<style type="text/css">
@import url(htmlparser/sections.css);
</style>
-->
</head>
<body>
<div align="center"><center>
<h1 class="fore">When to load CSS</h1>
<table border="0" cellspacing="5" width="100%" bgcolor="#F2F2FF">
<tr>
<td><p align="left"><font color="#000080" size="5" face="Tahoma"><strong>Large HTML page
with Images</strong></font></td>
</tr>
</table>
</center></div>
<hr>
<p><strong><small><font face="Verdana">This page shall test if the recorder generates
scripts with requests in correct order. It includes images in sequential order: stadyn_image1.gif
through stadyn_image10.gif</font></small></strong></p>
<hr>
<p><img src="stadyn_image1.gif" width="70" height="70" alt="stadyn_image1.gif (6512 bytes)"><br>
stadyn_image1</p>
<p><img src="stadyn_image2.gif" width="70" height="70" alt="stadyn_image2.gif (5983 bytes)"><br>
stadyn_image2</p>
<p align="center"><b><font SIZE="6">Open Financial Exchange<br>
Specification 1.0</font></b> </p>
<p align="center"><b><font SIZE="2">February 14, 1997<br>
</font></b></p>
<p align="center"><b><font SIZE="2">© 1997 CheckFree Corp., Intuit Inc., Microsoft Corp.
All rights reserved<br>
<br>
<br>
</font></b></p>
<p align="center"><i><b><font SIZE="5">Chapters 1 - 10<br>
<br>
<br>
<br>
<br>
</font></b></i></p>
<h1><img src="stadyn_image3.gif" width="70" height="70" alt="stadyn_image3.gif (6537 bytes)"><br>
<font SIZE="5">stadyn_image3</font></h1>
<h1><img src="stadyn_image4.gif" width="70" height="70" alt="stadyn_image4.gif (6028 bytes)"><br>
stadyn_image4</h1>
<p><img src="stadyn_image5.gif" width="70" height="70" alt="stadyn_image5.gif (4068 bytes)"><br>
stadyn_image5</p>
<p> </p>
<p> </p>
<h1><a NAME="_Toc371408167"><font SIZE="5">Contents</font></a></h1>
<p>1. Overview 51.1 Introduction 51.1.1 Design Principles 51.2 Open Financial Exchange at
a Glance 71.2.1 Data Transport 71.2.2 Request and Response Model 81.3 Conventions 92.
Structure 102.1 HTTP Headers 102.2 Open Financial Exchange Headers 112.2.1 The Meaning of
Version Numbers 122.3 SGML Details 122.3.1 Compliance 122.3.2 Special Characters 122.4
Open Financial Exchange SGML Structure 132.4.1 Overview 132.4.2 Top Level 132.4.3 Messages
132.4.4 Message Sets and Version Control 142.4.5 Transactions 152.5 The Signon Message Set
162.5.1 Signon <SONRQ> <SONRS> 162.5.2 PIN Change <PINCHRQ>
<PINCHRS> 192.5.3 Examples 202.6 External Data Support 202.7 Extensions to Open
Financial Exchange 213. Common Aggregates, Elements, and Data Types 223.1 Common
Aggregates 223.1.1 Identifying Financial Institutions and Accounts 223.1.2 Balance Records
<BAL> 223.1.3 Error Reporting <STATUS> 233.2 Common Elements 243.2.1 Financial
Institution Transaction ID <FITID> 243.2.2 Server-Assigned ID <SRVRTID>
243.2.3 Client-Assigned Transaction UID <TRNUID> 253.2.4 Token <TOKEN> 253.2.5
Transaction Amount <TRNAMT> 253.2.6 Memo <MEMO> 253.2.7 Date Start and Date
End <DTSTART> <DTEND> 263.3 Common data types 263.3.1 Dates and Times 263.3.2
Amounts, Prices, and Quantities 283.3.3 Language 283.3.4 Basic data types 284. Security
294.1 Security Solutions 294.1.1 Determining Security Levels <OFXSEC>
<TRANSPSEC> 294.2 Channel-Level Security 304.2.1 Security Requirements 304.2.2 Using
SSL 3.0 in Open Financial Exchange 304.3 Application-Level Security 314.3.1 Requirements
for Application-Layer Security 314.3.2 Using Application-level Encryption in Open
Financial Exchange 325. International Support 335.1 Language and Encoding 335.2 Currency
<CURDEF> <CURRENCY> <ORIGCURRENCY> 335.3 Country-Specific Tag Values
346. Data Synchronization 356.1 Overview 356.2 Background 356.3 Data Synchronization
Approach 366.4 Data Synchronization Specifics 376.5 Conflict Detection and Resolution
396.6 Synchronization vs. Refresh 406.7 Typical Server Architecture for Synchronization
416.8 Typical Client Processing of Synchronization Results 436.9 Simultaneous Connections
446.10 Synchronization Alternatives 446.10.1 Lite Synchronization 446.10.2 Relating
Synchronization and Error Recovery 456.11 Examples 467. FI Profile 487.1 Overview 487.1.1
Message Sets 487.1.2 Version Control 497.1.3 Batching and Routing 497.2 Profile Request
507.3 Profile Response 517.3.1 Message Set 527.3.2 Signon Realms 537.3.3 Status Codes
537.4 Profile Message Set Profile Information 548. Activation & Account Information
558.1 Overview 558.2 Approaches to User Sign-Up with Open Financial Exchange 558.3 Users
and Accounts 568.4 Enrollment and Password Acquisition <ENROLLRQ> <ENROLLRS>
568.4.1 User IDs 578.4.2 Enrollment Request 578.4.3 Enrollment Response 598.4.4 Enrollment
Status Codes 598.4.5 Examples 608.5 Account Information 608.5.1 Request <ACCTINFORQ>
618.5.2 Response <ACCTINFORS> 618.5.3 Account Information Aggregate <ACCTINFO>
628.5.4 Status Codes 628.5.5 Examples 638.6 Service Activation 638.6.1 Activation Request
and Response 648.6.2 Service Activation Synchronization 668.6.3 Examples 668.7 Name and
Address Changes <CHGUSERINFORQ> <CHGUSERINFORS> 678.7.1 <CHGUSERINFORQ>
678.7.2 <CHGUSERINFORS> 688.7.3 Status Codes 688.8 Signup Message Set Profile
Information 699. Customer to FI Communication 709.1 The E-Mail Message Set 709.2 E-Mail
Messages 709.2.1 Regular vs. Specialized E-Mail 719.2.2 Basic <MAIL> Aggregate
719.2.3 E-Mail <MAILRQ> <MAILRS> 719.2.4 E-Mail Synchronization
<MAILSYNCRQ> <MAILSYNCRS> 729.2.5 Example 739.3 Get HTML Page 749.3.1 MIME Get
Request and Response <GETMIMERQ> <GETMIMERS> 749.3.2 Example 759.4 E-Mail
Message Set Profile Information 7610. Recurring Transactions 7710.1 Creating a Recurring
Model 7710.2 Recurring Instructions <RECURRINST> 7710.2.1 Values for <FREQ>
7810.2.2 Examples 7910.3 Retrieving Transactions Generated by a Recurring Model 8010.4
Modifying and Canceling Individual Transactions 8010.5 Modifying and Canceling Recurring
Models 8010.5.1 Examples 81
<ol>
<li><a NAME="_Toc380493239"><font SIZE="6" FACE="Arial">Overview</font></a> </li>
<li><a NAME="_Toc380493240"><font SIZE="5" FACE="Arial">Introduction</font></a> </li>
</ol>
<p><font SIZE="2">Open Financial Exchange is a broad-based framework for exchanging
financial data and instructions between customers and their financial institutions. It
allows institutions to connect directly to their customers without requiring an
intermediary. <br>
<br>
</font></p>
<p><font SIZE="2">Open Financial Exchange is an open specification that anyone can
implement: any financial institution, transaction processor, software developer or other
party. It uses widely accepted open standards for data formatting (such as SGML),
connectivity (such as TCP/IP and HTTP), and security (such as SSL).</font> </p>
<p><font SIZE="2">Open Financial Exchange defines the request and response messages used
by each financial service as well as the common framework and infrastructure to support
the communication of those messages. This specification does not describe any specific
product implementation.</font>
<ol>
<li><a NAME="_Toc380493241"><font SIZE="4" FACE="Arial">Design Principles</font></a> </li>
</ol>
<p><font SIZE="2">The following principles were used in designing Open Financial Exchange:</font>
</p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><font SIZE="2"
FACE="Arial"><b>Broad</b> <b>Range of Financial Activities</b></font><font SIZE="2"> -
Open Financial Exchange provides support for a <i><b>broad</b></i> range of financial
activities. Open Financial Exchange 1.0 specifies the following services:</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Bank statement download</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Credit card statement download</font>
</p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Funds transfers including
recurring transfers</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Consumer payments, including
recurring payments</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Business payments, including
recurring payments</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Brokerage and mutual fund
statement download, including transaction history, current holdings and balances</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><font SIZE="2"
FACE="Arial"><b>Broad</b> <b>Range of Financial Institutions</b></font><font SIZE="2"> -
Open Financial Exchange supports communication with a <i><b>broad</b></i> range of
financial institutions (FIs), including:</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Banks</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Brokerage houses</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Merchants</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Processors</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Financial advisors</font> </p>
<p><font SIZE="1" FACE="Wingdings">n</font><font SIZE="2"> Government agencies</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><font SIZE="2"
FACE="Arial"><b>Broad</b> <b>Range of Front-End applications</b></font><font SIZE="2"> -
Open Financial Exchange supports a <i><b>broad </b></i>range of front-end applications
covering all types of financial activities running on all types of platforms, including
Web-based applications.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Extensible</font></b><font SIZE="2"> - Open Financial Exchange has been
designed to allow the easy addition of new services. Future versions will include support
for many new services.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Open</font></b><font SIZE="2"> - This specification is publicly available.
You can build client and server applications using the Open Financial Exchange protocols
independent of any specific technology, product, or company.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Multiple Client Support</font></b><font SIZE="2"> - Open Financial Exchange
allows a user to use multiple client applications to access the same data at a financial
institution. With the popularity of the World Wide Web, customers are increasingly more
likely to use multiple applications-either desktop-based or Web-based-to perform financial
activities. For example, a customer can track personal finances at home with a desktop
application and occasionally pay bills while at work with a Web-based application. The use
of data synchronization to support multiple clients is a key innovation in Open Financial
Exchange.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Robust</font></b><font SIZE="2"> - Open Financial Exchange will be used for
executing important financial transactions and for communicating important financial
information. Assuring users that transactions are executed and information is correct is
crucial. Open Financial Exchange provides robust protocols for error recovery.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Secure</font></b><font SIZE="2"> - Open Financial Exchange provides a
framework for building secure online financial services. In Open Financial Exchange,
security encompasses authentication of the parties involved, as well as secrecy and
integrity of the information being exchanged.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Batch & Interactive</font></b><font SIZE="2"> - The design of request and
response messages in Open Financial Exchange is for use in either batch or interactive
style of communication. Open Financial Exchange provides for applying a single
authentication context to multiple requests in order to reduce the overhead of user
authentication.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">International</font></b><font SIZE="2"> </font><b><font SIZE="2" FACE="Arial">Support</font></b><font
SIZE="2"> - Open Financial Exchange is designed to supply financial services throughout
the world. It supports multiple currencies, country-specific extensions, and different
forms of encoding such as UNICODE.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Platform Independent</font></b><font SIZE="2"> -Open Financial Exchange can
be implemented on a wide variety of front-end client devices, including those running
Windows 3.1, Windows 95, Windows NT, Macintosh, or UNIX. It also supports a wide variety
of Web-based environments, including those using HTML, Java, JavaScript, or ActiveX.
Similarly on the back-end, Open Financial Exchange can be implemented on a wide variety of
server systems, including those running UNIX, Windows NT, or OS/2.</font> </p>
<p><font SIZE="1" FACE="Wingdings">l</font><font SIZE="2"> </font><b><font SIZE="2"
FACE="Arial">Transport Independent</font></b><font SIZE="2"> - Open Financial Exchange is
independent of the data communication protocol used to transport the messages between the
client and server computers. Open Financial Exchange 1.0 will use HTTP.</font>
<ol>
<li><font SIZE="5" FACE="Arial"><a NAME="_Toc380493242">Open Financial Exchange </a>at a
Glance</font> </li>
</ol>
<p><font SIZE="2">The design of Open Financial Exchange is as a client and server system.
An end-user uses a client application to communicate with a server at a financial
institution. The form of communication is requests from the client to the server and
responses from the server back to the client.</font> </p>
<p><font SIZE="2">Open Financial Exchange uses the Internet Protocol (IP) suite to provide
the communication channel between a client and a server. IP protocols are the foundation
of the public Internet and a private network can also use them.</font>
<ol>
<li><a NAME="_Toc380493243"><font SIZE="4" FACE="Arial">Data Transport</font></a> </li>
</ol>
<p><font SIZE="2">Clients use the HyperText Transport Protocol (HTTP) to communicate to an
Open Financial Exchange server. The World Wide Web throughout uses the same HTTP protocol.
In principle, a financial institution can use any off-the-shelf web server to implement
its support for Open Financial Exchange.</font> </p>
<p><font SIZE="2">To communicate by means of Open Financial Exchange over the Internet,
the client must establish an Internet connection. This connection can be a dial-up
Point-to-Point Protocol (PPP) connection to an Internet Service Provider (ISP) or a
connection over a local area network that has a gateway to the Internet.</font> </p>
<p><font SIZE="2">Clients use the HTTP POST command to send a request to the previously
acquired Uniform Resource Locator (URL) for the desired financial institution. The URL
presumably identifies a Common Gateway Interface (CGI) or other process on an FI server
that can accept Open Financial Exchange requests and produce a response.</font> </p>
<p><font SIZE="2">The POST identifies the data as being of type application/x-ofx. Use
application/x-ofx as the return type as well. Fill in other fields per the HTTP 1.0 spec.
Here is a typical request:</font> </p>
<pre>
<font SIZE="1">POST http://www.fi.com/ofx.cgi HTTP/1.0
User-Agent:MyApp 5.0
Content-Type: application/x-ofx
Content-Length: 1032
OFXHEADER:100
</font><font
SIZE="2">DATA:OFXSGML
VERSION:100
SECURITY:1
ENCODING:USASCII
<OFX>
... Open Financial Exchange requests ...
</OFX></font>
</pre>
<p><font SIZE="2">A blank line defines the separation between the HTTP headers and the
start of the actual Open Financial Exchange data. A blank line also separates the Open
Financial Exchange headers and the actual response. (See Chapter 2, for more information.)</font>
</p>
<p><font SIZE="2">The structure of a response is similar to the request, with the first
line containing the standard HTTP result, as shown next. The content length is given in
bytes.</font> </p>
<pre>
<font SIZE="1">HTTP 1.0 200 OK
Content-Type: application/x-ofx
Content-Length: 8732
OFXHEADER:100
</font><font
SIZE="2">DATA:OFXSGML
VERSION:100
SECURITY:1
ENCODING:USASCII
<OFX>
... Open Financial Exchange responses ...
</OFX></font>
</pre>
<ol>
<li><font SIZE="4" FACE="Arial"><a NAME="_Toc380493244">Request and Response</a> Model</font>
</li>
</ol>
<p><font SIZE="2">The basis for Open Financial Exchange is the request and response model.
One or more requests can be batched in a single file. This file typically includes a
signon request and one or more service-specific requests. An FI server will process all of
the requests and return a single response file. This batch model lends itself to Internet
transport as well as other off-line transports. Both requests and responses are plain text
files, formatted using a grammar based on Standard Generalized Markup Language (SGML).
Open Financial Exchange is syntactically similar to HyperText Markup Language (HTML),
featuring tags to identify and delimit the data. The use of a tagged data format allows
Open Financial Exchange to evolve over time while continuing to support older clients and
servers.</font> </p>
<p><font SIZE="2">Here is a simplified example of an Open Financial Exchange request file.
(This example does not show the Open Financial Exchange headers and the indentation is
only for readability.) For complete details, see the more complete examples throughout
this specification.</font> </p>
<p><OFX> <!-- Begin request data --> <SIGNONMSGSRQV1> <SONRQ>
<!-- Begin signon --> <DTCLIENT>19961029101000 <!-- Oct. 29, 1996, 10:10:00
am --> <USERID>123-45-6789 <!-- User ID (that is, SSN) -->
<USERPASS>MyPassword <!-- Password (SSL encrypts whole) -->
<LANGUAGE>ENG <!-- Language used for text --> <FI> <!-- ID of
receiving institution --> <ORG>NCH <!-- Name of ID owner -->
<FID>1001 <!-- Actual ID --> </FI> <APPID>MyApp <APPVER>0500
</SONRQ> <!-- End of signon --> </SIGNONMSGSRQV1> <BANKMSGSRQV1>
<STMTTRNRQ> <!-- First request in file --> <TRNUID>1001 <STMTRQ>
<!-- Begin statement request --> <BANKACCTFROM> <!-- Identify the account
--> <BANKID>121099999 <!-- Routing transit or other FI ID -->
<ACCTID>999988 <!-- Account number --> <ACCTTYPE>CHECKING <!--
Account type --> </BANKACCTFROM> <!-- End of account ID --> <INCTRAN>
<!-- Begin include transaction --> <INCLUDE>Y <!-- Include transactions
--> </INCTRAN> <!-- End of include transaction --> </STMTRQ> <!--
End of statement request --> </STMTTRNRQ> <!-- End of first request -->
</BANKMSGSRQV1></OFX> <!-- End of request data --><font SIZE="2">The
response format follows a similar structure. Although a response such as a statement
response contains all of the details of each transaction, each element is identified using
tags.</font> </p>
<p><font SIZE="2">The key rule of Open Financial Exchange syntax is that each tag is
either an element or an aggregate. Data follows its element tag. An aggregate tag begins a
compound tag sequence, which must end with a matching tag; for example, <AGGREGATE>
... </AGGREGATE>. </font></p>
<p><font SIZE="2">The actual file Open Financial Exchange sends is without any extra white
space between tags.</font>
<ol>
<li><a NAME="_Toc380493245"><font SIZE="5" FACE="Arial">Conventions</font></a> </li>
</ol>
<p><font SIZE="2">The conventions used in the detailed descriptions include: </font>
<ul>
<li><font SIZE="2">Required tags are in <b>bold</b>. Regular face indicates tags that are
optional. Required means that a client will always include a tag in a request, and a
server must always include a tag in a response.</font> </li>
<li><font SIZE="2"><i>Italic </i>shows a required or optional aggregate from a set of
possible aggregates. </font></li>
<li><font SIZE="2">Required tags occur once unless noted as one or more in the description,
in which case the specification allows multiple occurrences. </font></li>
<li><font SIZE="2">Optional tags occur once if present unless noted as zero or more in the
description, in which case the specification allows multiple occurrences.</font> </li>
<li><font SIZE="2">Allowable specific values are listed, where applicable.</font> </li>
<li><font SIZE="2">A-<i>n</i> or N-<i>n</i>, specify those values that take general
alphanumeric or pure numeric type values, where <i>n</i> indicates the maximum size. </font></li>
<li><font SIZE="2">References to certain common value types, such as a dollar amount, are by
name. Chapter 3 lists value types that can be referenced by name.</font> </li>
</ul>
<table BORDER="1">
<tr>
<td BGCOLOR="#000000" WIDTH="162"><i><font SIZE="1">Tag</font></i> </td>
<td BGCOLOR="#000000" WIDTH="336"><i><font SIZE="2">Description</font></i> </td>
</tr>
<tr>
<td WIDTH="162"><b><font SIZE="1"><REQUIREDTAG></font></b> </td>
<td WIDTH="336"><font SIZE="2">Required tag (1 or more)</font> </td>
</tr>
<tr>
<td WIDTH="162"><b><font SIZE="1"><REQUIREDTAG2></font></b> </td>
<td WIDTH="336"><font SIZE="2">Required tag that occurs only once </font></td>
</tr>
<tr>
<td WIDTH="162"><font SIZE="1"><OPTIONALTAG> </font></td>
<td WIDTH="336"><font SIZE="2">Optional tag; this particular one can occur multiple times
(0 or more) </font></td>
</tr>
<tr>
<td WIDTH="162"><font SIZE="1"><SPECIFIC></font></td>
<td WIDTH="336"><font SIZE="2">Values are A, B, and C</font> </td>
</tr>
<tr>
<td WIDTH="162"><font SIZE="1"><ALPHAVALUE></font></td>
<td WIDTH="336"><font SIZE="2">Takes an alphanumeric value up to 32 characters,<i> A-32</i></font>
</td>
</tr>
</table>
<ol>
<li><a NAME="_Toc380493246"><font SIZE="6" FACE="Arial">Structure</font></a> </li>
</ol>
<p><font SIZE="2">This chapter describes the basic structure of an Open Financial Exchange
request and response. Structure includes headers, basic syntax, and the Signon request and
response. This chapter also describes how Open Financial Exchange encodes external data,
such as bit maps.</font> </p>
<p><font SIZE="2">Open Financial Exchange data consists of some headers plus one or more
Open Financial Exchange data blocks. Each block consists of a signon message and zero or
more additional messages. When sent over the internet using HTTP, standard HTTP and
multi-part MIME headers and formats surround the Open Financial Exchange data. A simple
file that contained only Open Financial Exchange data would have the following form:</font>
</p>
<pre>
<font SIZE="1">HTTP headers
MIME type application/x-ofx
Open Financial Exchange headers
Open Financial Exchange SGML block 1</font>
</pre>
<p><font SIZE="2">A more complex file that contained multiple Open Financial Exchange data
blocks and additional Open Financial Exchange data would have this form:</font> </p>
<pre>
<font SIZE="1">HTTP headers
MIME type multipart/x-mixed-replace; boundary =--boundary-
---boundary---
MIME type application/x-ofx
</font><font
SIZE="2"> Open Financial Exchange headers
Open Financial Exchange SGML block 1
Open Financial Exchange SGML block 2
---boundary---
MIME type image/jpeg
FI logo</font>
</pre>
<ol>
<li><a NAME="_Toc380493247"><font SIZE="5" FACE="Arial">HTTP Headers</font></a> </li>
</ol>
<p><font SIZE="2">Data delivered by way of HTTP places the standard HTTP result code on
the first line. HTTP defines a number of status codes. Servers can return any standard
HTTP result. However, FIs should expect clients to collapse these codes into the following
three cases:</font> </p>
<table BORDER="1">
<tr>
<td BGCOLOR="#000000" WIDTH="84"><i><font SIZE="1">Code</font></i> </td>
<td BGCOLOR="#000000" WIDTH="96"><i><font SIZE="2">Meaning</font></i> </td>
<td BGCOLOR="#000000" WIDTH="312"><i><font SIZE="2">Action</font></i> </td>
</tr>
<tr>
<td WIDTH="84"><font SIZE="1">200</font></td>
<td WIDTH="96"><font SIZE="2">OK</font> </td>
<td WIDTH="312"><font SIZE="2">The request was processed and a valid Open Financial
Exchange result is returned.</font> </td>
</tr>
<tr>
<td WIDTH="84"><font SIZE="1">400s</font></td>
<td WIDTH="96"><font SIZE="2">Bad request</font> </td>
<td WIDTH="312"><font SIZE="2">The request was invalid and was not processed. Clients will
report an internal error to the user.</font> </td>
</tr>
<tr>
<td WIDTH="84"><font SIZE="1">500s</font></td>
<td WIDTH="96"><font SIZE="2">Server error</font> </td>
<td WIDTH="312"><font SIZE="2">The server is unavailable. Clients should advise the user
to retry shortly.</font> </td>
</tr>
</table>
<p><i><b>NOTE:</b> Open Financial Exchange returns a code 400 only if it cannot parse the
file. Open Financial Exchange handles content errors such as wrong PIN, or invalid
account, by returning a valid Open Financial Exchange response along with code 200.</i> </p>
<p>Open Financial Exchange requires the following HTTP standard headers: </p>
<table BORDER="1">
<tr>
<td BGCOLOR="#000000" WIDTH="84"><i><font SIZE="1">Code</font></i> </td>
<td BGCOLOR="#000000" WIDTH="96"><i><font SIZE="2">Value</font></i> </td>
<td BGCOLOR="#000000" WIDTH="312"><i><font SIZE="2">Explanation</font></i> </td>
</tr>
<tr>
<td WIDTH="84"><font SIZE="1">Content-type</font></td>
<td WIDTH="96"><font SIZE="2">application/x-ofx</font> </td>
<td WIDTH="312"><font SIZE="2">The MIME type for Open Financial Exchange</font> </td>
</tr>
<tr>
<td WIDTH="84"><font SIZE="1">Content-length</font></td>
<td WIDTH="96"><font SIZE="2">length</font> </td>
<td WIDTH="312"><font SIZE="2">Length of the data after removing HTTP headers</font> </td>
</tr>
</table>
<pre>
</pre>
<p><font SIZE="2">When responding with multi-part MIME, the main type will be
multi-part/x-mixed-replace; <br>
one of the parts will use application/x-ofx.</font>
<ol>
<li><a NAME="_Toc380493248"><font SIZE="5" FACE="Arial">Open Financial Exchange Headers</font></a>
</li>
</ol>
<p><font SIZE="2">The intent of Open Financial Exchange is for use with a variety of
transports and to provide sufficient version control capabilities for future expansion. To
support this goal, the contents of an Open Financial Exchange file consist of a simple set
of headers followed by contents defined by that header. "File format" means the
entire content after removal of any transport headers. The HTTP transport described in
this document, means without the HTTP and MIME headers.</font> </p>
<p><font SIZE="2">The Open Financial Exchange headers are in a simple <i>tag:value</i>
syntax and terminated by a blank line. Open Financial Exchange always sends headers
unencrypted, even if there is application-level encryption in use for the remaining
contents. The first entry will always be OFXHEADER with a version number. This entry will
help identify the contents as an Open Financial Exchange file, and provides the version of
the Open Financial Exchange headers that follow (not of the content itself). For example:</font>
</p>
<pre>
<font SIZE="1">OFXHEADER:100</font>
</pre>
<p><font SIZE="2">This document defines version 1.0 of the headers to contain at least the
following additional tags:</font> </p>
<pre>
<font SIZE="1">DATA:OFXSGML
VERSION:100
SECURITY:
ENCODING:
</font><font SIZE="2">CHARSET:
COMPRESSION:
OLDFILEUID:
NEWFILEUID:</font>
</pre>
<p><font SIZE="2">The data tag identifies the contents as being in OFX SGML form. VERSION
identifies the version type as OFXSGML data. In the case of OFXSGML, it translates to the
version of the Document Type Definition (DTD) that it uses for parsing. The ENCODING and
CHARSET tags define the interpretation of the character data. See Chapter 5,
"International Support" for more information on these tags. Chapter 4 describes
the security tag. A future version of this specification will define compression.</font> </p>
<p><font SIZE="2">Open Financial Exchange uses OLDFILEUID and NEWFILEUID to support error
recovery. They are not present when clients are not requesting error recovery. (See
Chapter 6, "Data Synchronization")</font> </p>
<p><font SIZE="2">A blank line follows the last tag. Then (for type OFXSGML), the
SGML-readable data begins with the <OFX> tag.</font> </p>
<p><font SIZE="2"><i><b>NOTE:</b> Here, VERSION provides the overall version of the DTD.
The <OFX> block describes the specific message set versions used, shown later in
this chapter.</i></font>
<ol>
<li><a NAME="_Toc380493249"><font SIZE="4" FACE="Arial">The Meaning of Version Numbers</font></a>
</li>
</ol>
<p><font SIZE="2">The OFXHEADER value should only change its major number if an existing
client is unable to process the new header. This can occur because of a complete syntax
change in a header, or a significant change in the semantics of an existing tag-not the
entire response. You can add new tags as long as clients can function without
understanding them.</font> </p>
<p><font SIZE="2">You should add new values for a data tag only when you introduce an
entirely new syntax. In the case of OFXSGML, a new syntax would have to be non-SGML
compliant to warrant a new data value. It is possible that there will be more than one
syntax in use at the same time to meet different needs.</font> </p>
<p><font SIZE="2">The intent of the header version tag is to identify syntactic changes.
In the case of OFXSGML, this corresponds to the DTD. Purely for identification purposes,
each change will increment the minor number of the version tag. If you introduce an
incompatible change so that an older DTD can not parse the file, the major number will
change. See the general discussion of message sets and version control, later in this
chapter.</font>
<ol>
<li><a NAME="_Toc380493250"><font SIZE="5" FACE="Arial">SGML Details</font></a> </li>
<li><a NAME="_Toc380493251"><font SIZE="4" FACE="Arial">Compliance</font></a> </li>
</ol>
<p><font SIZE="2">SGML is the basis for Open Financial Exchange. There is a DTD that
formally defines the SGML wire format. However, Open Financial Exchange is not completely
SGML-<i>compliant</i> because the specification allows unrecognized tags to be present. It
requires clients and servers to skip over the unrecognized material. That is, if
<XYZ>qqq</XYZ> appeared and a client or server cannot recognize <XYZ>,
the server should ignore that tag and its enclosed data. A fully-compliant SGML parser
would not <i>validate</i> an Open Financial Exchange document if it contained any tags
that the DTD does not define.</font> </p>
<p><font SIZE="2">Although SGML is the basis for the specification, and the specification
is largely compliant with SGML, do not assume Ope