Subject: Re: TP EDI Enabled ?
David RR Webber wrote: > That I believe would violate the current TA spec's - where all content in > the registry is public domain - and where companies are expected to > keep trading partner and confidential agreement information anywhere > they like EXCEPT in the Registry! >>>>>>> David: I recall that this implementation detail was removed from the TA spec with an implicit understanding that this would be left to individual implementations of Registry Services. Our discussion, as I recall it, was centered around the fact that only SO's can determine whether or not the information they wish to place in a Repository is considered confidential business information. Therefore, the onus was left to them to determine if it is desireable or represents a risk to place such info in a Registry Index. I think that we did stipulate that the RA shall publish its' security details and policies. I guess the ball for this is in the RegRep groups hands now. Duane Nickull > There are obviously severe legal and liability issues if this is not the > case. > > While the security server mechanisms may be part of ebXML > implementation I'm seeing this as a separate component to > ensure clear legal separation. > > The registry may interact with the security server, and vice versa, > and of course individual organizations will host their own security > server - and therein lies the implementation key - if it is on your > system its your responsiblity. > > Thanks, DW.
Powered by eList eXpress LLC