ebxml-regrep message

OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

Subject: RE: Self Service UML Model changes posted

Trust itself is a challenging proposition.  I have been involved in some
debates regarding the "trust" issue.  Some people disagree who can be
trusted, without defining what the criteria is for trust.  I strongly
believe that in the ideal world, there can be a level of tranparency of WHO
the submittor is, and judge them only on the quality of their content.  That
is why the Quality Assurance Service was introduced in the Business
Requirements document.  I believe that if you implement in software a check
against the metamodel for the types of information that you require in a
submission, this can be achieved.  The definition of this metamodel is our
dependency from the Business Process project team.  However, that only works
well if there is a requirement on the format of the submissions, which
contradicts the "submit anything in any form" business requirement.

I think what you looking for is a "prescreen of registrations" use case
which is currently missing from the model (thanks).  This could be a
detailed background check or a simple profile review before they allowed to
submit their content.  Yes, we must prevent garbage submissions (spam and
the usual sorts popular on the Net).  I think we should go the route of
requiring a detailed profile to be set up first, a list of potential
contributing individuals, and background / intent statement of their use of
the "system".  

Finally, I don't think we have much choice in the BSR topic.  There are
recommendations in the Core Components project team on the use of the BSR
for naming as a requirement.  It is going to hit us like a brick wall sooner
or later.  I prefer to have a stance on it ahead of time.  I have  prepared
a two page document that I can post detailing the changes needed to bring
parts of the specification into the "modern world". :-).   Perhaps we can
post the document, vote, and table the subject forever.  It will likely come
up in Brussels since it "close to home" if you know what I mean.


-----Original Message-----
From: Terry Allen [mailto:tallen@sonic.net]
Sent: Sunday, March 12, 2000 11:08 AM
To: ebxml-regrep@lists.oasis-open.org
Subject: RE: Self Service UML Model changes posted

Scott wrote:
| Self Service implies that the end user is able to add their company
| information, pick their username and password, add their content to the
| registry and repository, and classify it themselves.  The more that the
| user is able to do for themselves, the total cost for administration is
| reduced.  
| The fundamental reason why I am being explicit in this statement, is that
| ISO 11179 seems to indicate that the registration authority is responsible
| for that work effort.  Also "traditional" standards processes typically
| a secretariat (registration authority) that is responsible for adding
| information to the standards database (repository).  

This has come up in connection with the proposed XML.org implementation.
It seems to me that the user has to be approved by the RA before actually
adding anything.  After approval, for some registries and repositories,
the user could be trusted to input content.  Certainly an initial
classification by the user would be useful (although the RA may want
to override it - not everyone understands a given classification 
scheme the same way).

As for choosing username and password, there has to be some loop
whereby the registry interface can say "that's already taken".

Mostly, it depends on what the purpose of the registry and repository
is, and who the approved users are.  If we went completely self-
service we'd have a load of hackers using the repository for virii
in no time.  For ebxml purposes, a layer of RA screening of users
could be enough to allow almost everything else to be self-service,
I agree.

| In addition, I had the opportunity to read the recent ISO Basic Semantic
| Register (BSR) documents at the TMWG meeting, and their BSR concept
| a highly bureaucratic process with this god-like registration authority
| adding and rejecting submissions at their discretion. (I won't even go
| the path of how pathetic the current BSU specification is constructed.)
| must be clearly communicated that we do NOT want a rigid process.

Yeah, let's not get into the BSR at all ...

regards, Terry

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC