Interfacing with online bank
Mon, 24 Jul 2000 11:18:28 -0400
Dave Peticolas wrote:
> I think you are right, except that OFX is SGML.
The 2.0 proposal mandates XML (and HTTPS). I'm under the impression the
DTD's for earlier versions are "close-enough" to XML. Unfortunately my
copies of the docs are at home. Will verify later tonight.
> There are existing tools (OpenSSL, Curl) that we could use instead of
> writing our own to do the communication.
I'm under the, possible mistaken, assumption that most https servers, at
least those most likely to be used by a financial institution, use
SSLv2. SSLv2 is dependent on RSA which has licensing issues in the USA.
The general US crypto laws also apply/applied to plugin or stub
architectures that allow dropin crypto modules. I am aware that US
Crypto restrictions are easing and that financial/banking software has
some further dispensation.
I have some hazy idea that the OFX interface can be coded as a GNOME
(CORBA) component data source independent of a specific client. I
believe this sidesteps the plugin restrictions, but IANAL.