Re: Priorities for Vancouver POC

[Farrukh Najmi <Farrukh.Najmi@east.sun.com>]

Excellent point Scott. One cannot do Authentication and Authorization without
the ability to send a signed message as well as signed payload, for example.

--

Regards,
Farrukh

Scott Hinkelman wrote:

> I believe the security issue for the next POC needs to be demonstrated in
> context of the transport not Registry. Demonstrating security at the
> Registry is similar to
> the application layer and less needed at this point.
>
> We need to demonstrate to the press that a secure messaging layer is
> emerging.
>
> Scott Hinkelman, Senior Software Engineer
> XML Industry Enablement
> IBM e-business Standards Strategy
> 512-823-8097 (TL 793-8097) (Cell: 512-940-0519)
> srh@us.ibm.com, Fax: 512-838-1074
>
> Farrukh Najmi <Farrukh.Najmi@east.sun.com> on 12/01/2000 12:04:27 PM
>
> To:   "Munter, Joel D" <joel.d.munter@intel.com>
> cc:   "'Prasad Yendluri'" <pyendluri@webmethods.com>,
>       ebxml-regrep@lists.ebxml.org
> Subject:  Re: Priorities for Vancouver POC
>
> I strongly agree with Prasad. Ad hoc queries will make our Registry really
> capable.
>
> My priority is:
>
> 1. Ad hoc query.
> 2. Basic Authentication and Authorization
>
> --
>
> Regards,
> Farrukh
>
> "Munter, Joel D" wrote:
>
> > reply:
> >
> > I strongly disagree. I believe that there are many issues yet to be dealt
> > with that are heavily dependent upon a well designed and specified
> security
> > model.  e.g., We have yet to address the security aspects of
> "distributed"
> > registry/repository.  Security must be specified and worked sooner rather
> > than later.
> >
> > In direct contrast, I believe that Ad Hoc query can easily be added
> later.
> >
> > Joel
> >
> > -----Original Message-----
> > From: Prasad Yendluri [mailto:pyendluri@webmethods.com]
> > Sent: Thursday, November 30, 2000 2:06 PM
> > To: ebxml-regrep@lists.ebxml.org
> > Subject: Re: Priorities for Vancouver POC
> >
> > Farrukh,
> >
> > IMHO security (authetication or authorization) is a well understood
> aspect
> > and will easily fall in place anytime.  Enriching the "registry"
> > capabilities should be a priority. Hence I would vote for ad hoc query
> > capability
> >
> > Thanks, Prasad
> >
> > Farrukh Najmi wrote:
> >
> > > In today's POC con call today I was asked to gather input from the
> > > Registry team on our priorities for Registry functionality that should
> > > be implemented and shown for Vancouver. The one guideline we must bear
> > > in mind is that any functionality that we suggest for POC must be
> > > speced.
> > >
> > > According to our phased delivery plan developed at Tokyo, we have the
> > > following new functionality planned for our specs for Release 1
> > > (Vancouver time frame):
> > >
> > > -Registry security (authentication and authorization)
> > > -Ad hoc query capability
> > >
> > > Please share your sense of priorities for what Registry functionality
> > > should be implemented and shown for the Vancouver POC. Please indicate
> > > priority (1 being highre priority than 2).
> > >
> > > --
> > > Regards,
> > > Farrukh
>
> --
> Regards,
> Farrukh

--
Regards,
Farrukh