Subject: RE: Self Service UML Model changes posted
Trust itself is a challenging proposition. I have been involved in some debates regarding the "trust" issue. Some people disagree who can be trusted, without defining what the criteria is for trust. I strongly believe that in the ideal world, there can be a level of tranparency of WHO the submittor is, and judge them only on the quality of their content. That is why the Quality Assurance Service was introduced in the Business Requirements document. I believe that if you implement in software a check against the metamodel for the types of information that you require in a submission, this can be achieved. The definition of this metamodel is our dependency from the Business Process project team. However, that only works well if there is a requirement on the format of the submissions, which contradicts the "submit anything in any form" business requirement. I think what you looking for is a "prescreen of registrations" use case which is currently missing from the model (thanks). This could be a detailed background check or a simple profile review before they allowed to submit their content. Yes, we must prevent garbage submissions (spam and the usual sorts popular on the Net). I think we should go the route of requiring a detailed profile to be set up first, a list of potential contributing individuals, and background / intent statement of their use of the "system". Finally, I don't think we have much choice in the BSR topic. There are recommendations in the Core Components project team on the use of the BSR for naming as a requirement. It is going to hit us like a brick wall sooner or later. I prefer to have a stance on it ahead of time. I have prepared a two page document that I can post detailing the changes needed to bring parts of the specification into the "modern world". :-). Perhaps we can post the document, vote, and table the subject forever. It will likely come up in Brussels since it "close to home" if you know what I mean. SCott -----Original Message----- From: Terry Allen [mailto:tallen@sonic.net] Sent: Sunday, March 12, 2000 11:08 AM To: ebxml-regrep@lists.oasis-open.org Subject: RE: Self Service UML Model changes posted Scott wrote: | Self Service implies that the end user is able to add their company | information, pick their username and password, add their content to the | registry and repository, and classify it themselves. The more that the end | user is able to do for themselves, the total cost for administration is | reduced. | | The fundamental reason why I am being explicit in this statement, is that | ISO 11179 seems to indicate that the registration authority is responsible | for that work effort. Also "traditional" standards processes typically have | a secretariat (registration authority) that is responsible for adding | information to the standards database (repository). This has come up in connection with the proposed XML.org implementation. It seems to me that the user has to be approved by the RA before actually adding anything. After approval, for some registries and repositories, the user could be trusted to input content. Certainly an initial classification by the user would be useful (although the RA may want to override it - not everyone understands a given classification scheme the same way). As for choosing username and password, there has to be some loop whereby the registry interface can say "that's already taken". Mostly, it depends on what the purpose of the registry and repository is, and who the approved users are. If we went completely self- service we'd have a load of hackers using the repository for virii in no time. For ebxml purposes, a layer of RA screening of users could be enough to allow almost everything else to be self-service, I agree. ... | In addition, I had the opportunity to read the recent ISO Basic Semantic | Register (BSR) documents at the TMWG meeting, and their BSR concept included | a highly bureaucratic process with this god-like registration authority | adding and rejecting submissions at their discretion. (I won't even go down | the path of how pathetic the current BSU specification is constructed.) It | must be clearly communicated that we do NOT want a rigid process. Yeah, let's not get into the BSR at all ... regards, Terry
Powered by
eList eXpress LLC