Subject: RE: approval in Vienna
Krishna, What a TA group will do is what I'm concerned about and why I didn't push for anything initially. It looks like the TA group will "continue to develop specifications". So, I think they should be required to address the "big" security issues and then if we need a specific group, these could be started ( I would prefer just referencing the work in the W3C and Oasis). The registry proposal WILL be published on the oasis web site as a white paper, meaning that it is background material relevant to the security technical report, so if you don't think this is a good idea or if you want to clean it up you should contact Karl Best at Oasis... he's now responsible for publishing the docs. I asked the group at the F2F for approval and also ran the idea by the registry group in Vienna. Everyone thought it was an ok thing to do, understanding that its just capturing discussion rather than representing a way forward. Hope this is ok. Maryann "Krishna Sankar" <ksankar@cisco.com> on 05/12/2001 09:40:06 PM To: "Maryann Hondo" <mhondo@us.ibm.com>, <ebxml-ta-security@lists.ebxml.org> cc: <eva.cy.cheng@email.chinatrust.com.tw>, <per.myrseth@pki.no>, <aboseman2@aol.com> Subject: RE: approval in Vienna MH, Couple of observations : 1. We are OASIS member and I could support the security group for OASIS. The question is what are we trying to do. As such there are many security groups in OASIS. We need to have a clear charter - may be it will be clear when we look at all the groups formed out of ebXML. 2. You are right - security should be part of the TA. But is TA a separate group ? If so, what does it do ? 3. The security white paper needs cleanup - now is a good time. Are you going to publish it as an ebXML security artifact ? If so, I will collect everybody's ideas and clean it up. cheers > -----Original Message----- > From: Maryann Hondo [mailto:mhondo@us.ibm.com] > Sent: Saturday, May 12, 2001 3:30 PM > To: ebxml-ta-security@lists.ebxml.org > Cc: eva.cy.cheng@email.chinatrust.com.tw; per.myrseth@pki.no; > aboseman2@aol.com > Subject: approval in Vienna > > > Well team, we did it. We were accepted as a technical report at the > plenary in Vienna on Friday. > I also published the security & registry paper by Farrukh as a > white paper, > so that there was some > sense of the discussions we had with the registry group. Part of the > information made it into the R&R specs, > but part of the discussion did not. > > Check out the web site for details and "official postings" of the pdf. > Below are the word documents and the change log. > > Just as an FYI .....regarding ongoing activities...... > the steering committee is still working on where security should go... > > I sent mail last week in which I proposed (with the support of the > participants at the f2f) that > security be considered part of technical architecture which will > be a joint > UN/Oasis group. > I have tried to emphasize to the STC that if security is NOT part of the > TA, then its an > enormous burden to have to run around and herd the cats. We'll see. In > the current MOU > security is a separate group under Oasis. Now, the plan was to have the > working groups create > charters for the Oasis teams, but since I was the only Oasis member at the > f2f :) > I could not start a committee of one......we need 3 people to make a > proposal to the Oasis group. > I think we should wait for now, but any of you who want to move > forward are > able to collect the > 3 votes and proceed. > > We did talk about maybe trying to form a group to define the XML > schema for > PKI....kind of > a security/CPP type group. Anyone think this is a good idea and > want to try > to take this on? > (Rich?????) > > By the way we(ebXML) made the weekend edition of the Wall Street Journal. > > Thanks everyone for your help, in person and by mail. It was great to work > with you all and I'm > sure our paths will cross again. > > > Maryann > > (See attached file: secdocs.zip) >
Powered by
eList eXpress LLC