[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Security Discussion: Changed Agenda: Teleconference : 12/21/200012:30-4pm CDT : RIM discussion follow-up
Scott, When the S2ML initiative was announced, people asked if it overlapped with the work being done at ebXML. The correct, IMHO, answer at that time was: S2ML defines security services for authentication and authorization that can be carried over any protocol (e.g. SOAP, XP, ebXML). The OASIS TC formed will be focused on this very set of services. Defining an ebXML Security Service(s) at this time would be, IMHO, doing exactly what S2ML was perceived (incorrectly) of doing... entering a space which is already being addressed by experts in the field in an OPEN forum (OASIS). Now, given that security IS important for RR and that it is currently being defined in TR&P, BP, TP and TA (as an overarching architectural view of the works of the other teams), I think that we should be taking a close look at what is being defined before launching into yet another specification initiative at this late date in the process. From my point of view, RR is simply a specialized business process. If the needs of RR are not being addressed by the BP, TP and TR&P specification offerings, then we need to think our work through more carefully and fill in any gaps that may exist. Please, let's not start up yet another splinter group to tackle an issue that MAY already be addressed within the groups already focused on security. If anything, the work MUST be tightly coordinated with the other efforts working on security. Please DO keep in mind that once you start down this path, the next phase you enter will be PKI, and I don't think you want to go there. My $0.02, Chris "Nieman, Scott" wrote: > > To follow-up regarding the StC conversation today, I would like to invite > Rik, Marty, Sid, Nick and anyone else to join the scheduled RR > teleconference tomorrow, to discuss a potential need for a separate ebXML > Security Service, specifically to handle authentication, encryption, and > decryption needs. Messages and payloads could be processed through this > service. > > RR is concerned about overlap, and general architectural issues. At this > time, RR is specifying this functionality, however, this functionality is > also required for normal B2B. Specifying a single Security Service would > enable RR to focus on role-based authorizations, integrity, etc. > > I would like this discussion to last no more than one hour, with that > discussion to be the first topic. > > Scott > > -----Original Message----- > From: Nieman, Scott [mailto:Scott.Nieman@NorstanConsulting.com] > Sent: Tuesday, December 19, 2000 4:35 PM > To: 'ebxml-regrep@lists.ebxml.org' > Subject: Teleconference : 12/21/2000 12:30-4pm CDT : RIM discussion > follo w-up > > Meeting Date: 12/21/2000 > Meeting Time: 12:30-4pm CDT (please note CDT) > > The dialup information is: > USA: 800.892.0357 > Sorry no toll-free for International callers: usa 612.352.7899 > Meeting ID #8186 > 25 locations setup > > Agenda: Review the RIM updates based on input from 12/19 telcon. > > Please read the document prior to the call. > > Regards, > > Scott
begin:vcard n:Ferris;Christopher tel;cell:508-667-0402 tel;work:781-442-3063 x-mozilla-html:FALSE org:Sun Microsystems, Inc;XTC Advanced Development adr:;;;;;; version:2.1 email;internet:chris.ferris@east.sun.com title:Sr. Staff Engineer fn:Christopher Ferris end:vcard
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC