OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-regrep message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: TP EDI Enabled ?




David RR Webber wrote:

> That I believe would violate the current TA spec's - where all content in
> the registry is public domain - and where companies are expected to
> keep trading partner and confidential agreement information anywhere
> they like EXCEPT in the Registry!
>>>>>>>
David:

I recall that this implementation detail was removed from the TA spec
with an implicit understanding that this would be left to individual
implementations of Registry Services.  Our discussion, as I recall it,
was centered around the fact that only SO's can determine whether or not
the information they wish to place in a Repository is considered
confidential business information.  Therefore,  the onus was left to
them to determine if it is desireable or represents a risk to place such
info in a Registry Index.

I think that we did stipulate that the RA shall publish its' security
details and policies.

I guess the ball for this is in the RegRep groups hands now.

Duane Nickull


 
> There are obviously severe legal and liability issues if this is not the
> case.
> 
> While the security server mechanisms may be part of ebXML
> implementation I'm seeing this as a separate component to
> ensure clear legal separation.
> 
> The registry may interact with the security server, and vice versa,
> and of course individual organizations will host their own security
> server - and therein lies the implementation key - if it is on your
> system its your responsiblity.
> 
> Thanks, DW.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help


Powered by eList eXpress LLC