ebxml-regrep message


OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

Subject: RE: Security checkup


Scott,
I do also agree that some things have been lost from the earliest days of
usage.......
Registry SSs seem to be one of those things.

Scott Hinkelman, Senior Software Engineer
XML Industry Enablement
IBM e-business Standards Strategy
512-823-8097 (TL 793-8097) (Cell: 512-940-0519)
srh@us.ibm.com, Fax: 512-838-1074



"Nieman, Scott" <Scott.Nieman@NorstanConsulting.com> on 03/05/2001 04:54:19
PM

To:   Scott Hinkelman/Austin/IBM@IBMUS, ebxml-regrep@lists.ebxml.org
cc:
Subject:  RE: Security checkup



>>for all ebXML Registry Specification Schemas

I am assuming that you are referring to the BP Specification Schema (SS)
below, however, in what "context" are you applying this term.  I see two
views on this:
1) a business retrieving another business' SS from a registry,
2) a SS reflecting the collaboration between a registry client and the
registry service.

If #2, don't you think that this could be put in a separate document?  This
detail WAS targeted for the Part 2 document in the EARLIEST days of this
project team, focusing on use case realizations (collaborations) and the
dynamics (activity diagrams/ state machines) of the usage of a registry.
In
toyko, one team was editing the Business Domain (old-part1 document) and it
was suggested that these collaborations be detailed in this specification
for a future revision - perhaps AFTER the 18 month project period.  The
thought of doing this in POC is intriguing though.

Scott



-----Original Message-----
From: Scott Hinkelman [mailto:srh@us.ibm.com]
Sent: Monday, March 05, 2001 2:39 PM
To: ebxml-regrep@lists.ebxml.org
Subject: Security checkup


Hi,
Section 9 of Registry Services .85 outlines security. From what I read, I
have this comment:

Section 9.2.1 could be renamed to "Payload Signature" and condensed to
simply indicate that the payload will be signed for all ebXML Registry
Specification Schemas, and the appropriate course-grained indicator will be
asigned within each Specification Schema. This could then be referenced to
the (new ?) section that defines the Registry Specification Schemas.

Are there any other open issues from the Registry team concerning Security?
I believe it best to identify any, get closure, and let the Security team
review section 9.

Scott Hinkelman, Senior Software Engineer
XML Industry Enablement
IBM e-business Standards Strategy
512-823-8097 (TL 793-8097) (Cell: 512-940-0519)
srh@us.ibm.com, Fax: 512-838-1074




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC