[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: EDITING HELP needed.....
Maryann, The general message of section 8.2 is that more work is needed on security in CPP/CPA for post-Vienna. I fully agree. Perhaps we can start the discussions in Vienna. There appear to be some contradictions in the discussions of where the SecurityPolicy element should go in the CPP/CPA. The second paragraph (lines 465-472) proposes putting it under the ServiceBinding element as preferable to putting it under DeliveryChannel. Since both approaches associate SecurityPolicy with a single DeliveryChannel element, I have no preference and can accept the recommendation that making it a sibling of Packaging is preferred. However the fourth paragrpah states that SecurityPolicy should be a SIBLING of DeliveryChannel. That would put it directly under PartyInfo and would eliminate any connection to a specific DeliveryChannel except through an IDREF that would have to be added to SecurityPolicy. I suggest eliminating line 483 ("and should appear...as a sibling of that element" (i.e. DeliveryChannel)) and letting paragraph 2 stand as suggesting the location. Last bullet in section: It is probably best to perform that review and either remove lines 510-519 or replace them by a discussion of needed improvements. Regards, Marty ************************************************************************************* Martin W. Sachs IBM T. J. Watson Research Center P. O. B. 704 Yorktown Hts, NY 10598 914-784-7287; IBM tie line 863-7287 Notes address: Martin W Sachs/Watson/IBM Internet address: mwsachs @ us.ibm.com ************************************************************************************* Maryann Hondo/Austin/IBM@IBMUS on 03/15/2001 12:13:45 PM To: ebxml-ta-security@lists.ebxml.org cc: stuart.campbell@tieglobal.com, Martin W Sachs/Watson/IBM@IBMUS Subject: EDITING HELP needed..... Folks, this is where i've gotten to with updates. I could use some help in general on readability but with some additional text as noted below: Igor and Allen, could you review section 7 on the Business process layer Rich and Mark, section 8 .... I've included Mark's text on PKI issues please make sure my integration makes sense to you both Rich, I'm really struggling with the "profile" .....I've thrown a bunch of things into Appendix B but I can't quite figure out whether we should actually try to include ds: SignatureMethod Algorithm level detail to illustrate the recommendations or if we just want to capture the text in a "policy profile". Chris & Marty could you look at section 8.3 ? Allen, I would also like to capture some of your comments about schema in relation to how we could use schema typing more effectively....do you think you could look at Section 8.2? Also section 10.1 includes your Manifest text. And.....section 20.3 ....VERY rough attempt to capture thie processing rules issue Dale, I edited some of your comments and included them in secion 10.2....it still needs some work to make it readable. I also tried to include your "profiles" in Appendix B....any thoughts on how you saw that being integrated with the policy profile? I'm going to continue working on the Registry section, including something on authorization and in general trying to figure out what to do with the appendix. COMMENTS PLEASE!!!! Maryann (See attached file: ebXML_sec_v0.3.3.doc)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC