Subject: Re: [ebxml-dev] signed acknowledgement - BSI's role?
As this question has been raised, I want to add to the question.
I agree sending receipt acknowledgement is the responsibility of MSH but is it also true that creation of the ack automatically is MSH's responsibility. From what Patrick has asked I get a picture that Acknowledgements are 'traded' just between the MSH at both ends.
As a layer above MSH in the ebXML stack, a BSI may want to alter the ack before sending (say) to state the reason for negative ack. (the <FreeFormText> element in the standard ReceiptAcknowledgement dtd could be used). Similarly the BSI wants to receive the ack in order to (say) send a separate "Notification of failure" in case of a -ve ack which is treated as a business protocol exception by the BSI.
All in all, doesn't the BSI play a role in sending/receiving Acknowledgements - whether Receipt or Acceptance?
And if BSI does play a role, the key/passwd per appln need not necessarily be stored in MSH keystore.
Patrick Yee wrote:
Dear all, I have a question about messaging service. According to the specification, the sender of a message can request an acknowledgement from the receiver, and optionally, the sender can request that acknowledgement to be signed. Since the acknowledgement sending is done automatically by the MSH, does that imply the MSH should keep the application's private key and password to the keystore for signing automatically? Will that cause any vulnerability problem? Thanks in advance. Regards,-Patrick--
Powered by eList eXpress LLC