ebxml-regrep message

OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

Subject: RE: Meeting Notes 02/15/2001

Meeting Notes for 02/15/2001

Joe Dalman- TIE Commerce			Sally Fuger- AIAG
Farrukh Najmi- Sun				Kunio Mizoguchi- ECOM	
Bruno Fifs- CSTB				Jim Martin- Data-Tronics
Scott Hinkelman- IBM			Ken Tamura- Infoteria
Mike Yatchman- Avaya			Kathryn Breininger- Boeing
Lisa Carnahan- NIST				Eugene Van Roessel- WTCM
Chaemee Kim- KTNET			Brian Young- Boeing

Yutaka Yoshida- Sun				Nic-La Stojanovic- Excoda

George Weng- FISC				JP Morgenthal- XML Solutions
Paul Jan Chiang- ICBC			Prasaad Yendluri- Webmethods
Gary Crough- Cyclone			Al Boseman- ATPCO

Meeting started at 9:00 am
Farrukh started by discussing RIM model and the security view on page 33 of
the version 0.55 with the security workgroup.  The security group stated it
is trying to help the different groups identified any risks around security
in their specifications.  Yutaka went on to explain that the repository and
registry are separate and there isn't security defined between the two.  The
discussion went on to look at how we are focusing on authorization in the
registry specifications.

Next we went through the specification on how an object is submitted and how
security is defined in the specification.  Once the object is in a
discussion was about what type of roles are there for access to the object.
Scott Hinkelman raised a concern that current specification forces the user
of the registry to do an authorization request for each request and it
should be more like a session authorization. 

Farrukh went to page 39 of the Registry Service Specification to discus
role-based AcessControlPolicy.   The summary was that the specification took
the minimal requirements with security with the thoughts that additional
security can be added in additional releases.

10:45 am
Looked at the requirements document and started to identify any changes that
maybe needed to the document that have change since it was created.

11:30 am
The group discussed the to do list and decided to focus on the following:
*Object versioning
*Keyword search
*Custom security policy
*Audit trail(P1) 
*Publish subscribe
*CPA negotiation service
*Distributed Registry
*Link to external coding mechanism(P1) 

1:00 pm
Group worked on Glossary for TA group

3:00 pm
Group started to review the Registry Services Specification.  The discussion
was around a use case that JP defined and how it would be handled based on
the current specification.  It was decided after finding some errors in the
dtd that JP and Farrukh would look at the dtd off line.  It was also
identified that we need an example on how to submit Content.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC