[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: EDITING HELP needed.....
Maryann,
The general message of section 8.2 is that more work is needed on security
in CPP/CPA for post-Vienna. I fully agree. Perhaps we can start the
discussions in Vienna.
There appear to be some contradictions in the discussions of where the
SecurityPolicy element should go in the CPP/CPA. The second paragraph
(lines 465-472) proposes putting it under the ServiceBinding element as
preferable to putting it under DeliveryChannel. Since both approaches
associate SecurityPolicy with a single DeliveryChannel element, I have no
preference and can accept the recommendation that making it a sibling of
Packaging is preferred. However the fourth paragrpah states that
SecurityPolicy should be a SIBLING of DeliveryChannel. That would put it
directly under PartyInfo and would eliminate any connection to a specific
DeliveryChannel except through an IDREF that would have to be added to
SecurityPolicy. I suggest eliminating line 483 ("and should appear...as a
sibling of that element" (i.e. DeliveryChannel)) and letting paragraph 2
stand as suggesting the location.
Last bullet in section: It is probably best to perform that review and
either remove lines 510-519 or replace them by a discussion of needed
improvements.
Regards,
Marty
*************************************************************************************
Martin W. Sachs
IBM T. J. Watson Research Center
P. O. B. 704
Yorktown Hts, NY 10598
914-784-7287; IBM tie line 863-7287
Notes address: Martin W Sachs/Watson/IBM
Internet address: mwsachs @ us.ibm.com
*************************************************************************************
Maryann Hondo/Austin/IBM@IBMUS on 03/15/2001 12:13:45 PM
To: ebxml-ta-security@lists.ebxml.org
cc: stuart.campbell@tieglobal.com, Martin W Sachs/Watson/IBM@IBMUS
Subject: EDITING HELP needed.....
Folks,
this is where i've gotten to with updates.
I could use some help in general on readability but with some
additional text as noted below:
Igor and Allen,
could you review section 7 on the Business process layer
Rich and Mark,
section 8 ....
I've included Mark's text on PKI issues please make sure my
integration makes sense to you both
Rich,
I'm really struggling with the "profile" .....I've thrown a bunch
of things into Appendix B but I can't quite figure out whether we
should actually try to include ds: SignatureMethod Algorithm level
detail
to illustrate the recommendations or if we just want to capture the
text in
a "policy profile".
Chris & Marty
could you look at section 8.3 ?
Allen,
I would also like to capture some of your comments about schema in
relation to how we could use schema typing more effectively....do you
think you could look at Section 8.2?
Also section 10.1 includes your Manifest text.
And.....section 20.3 ....VERY rough attempt to capture thie processing
rules
issue
Dale,
I edited some of your comments and included them in secion 10.2....it
still needs some work to make it readable.
I also tried to include your "profiles" in Appendix B....any thoughts
on how
you saw that being integrated with the policy profile?
I'm going to continue working on the Registry section, including something
on authorization
and in general trying to figure out what to do with the appendix.
COMMENTS PLEASE!!!!
Maryann
(See attached file: ebXML_sec_v0.3.3.doc)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC