Subject: RE: approval in Vienna
Krishna,
What a TA group will do is what I'm concerned about and why I didn't push
for anything initially.
It looks like the TA group will "continue to develop specifications". So,
I think they should
be required to address the "big" security issues and then if we need a
specific group,
these could be started ( I would prefer just referencing the work in the
W3C and Oasis).
The registry proposal WILL be published on the oasis web site as a white
paper, meaning
that it is background material relevant to the security technical report,
so if you don't think
this is a good idea or if you want to clean it up you should contact Karl
Best at Oasis...
he's now responsible for publishing the docs. I asked the group at the F2F
for approval and
also ran the idea by the registry group in Vienna. Everyone thought it was
an ok thing to do,
understanding that its just capturing discussion rather than representing a
way forward.
Hope this is ok.
Maryann
"Krishna Sankar" <ksankar@cisco.com> on 05/12/2001 09:40:06 PM
To: "Maryann Hondo" <mhondo@us.ibm.com>,
<ebxml-ta-security@lists.ebxml.org>
cc: <eva.cy.cheng@email.chinatrust.com.tw>, <per.myrseth@pki.no>,
<aboseman2@aol.com>
Subject: RE: approval in Vienna
MH,
Couple of observations :
1. We are OASIS member and I could support the security
group for OASIS.
The question is what are we trying to do. As such there are many security
groups in OASIS. We need to have a clear charter - may be it will be clear
when we look at all the groups formed out of ebXML.
2. You are right - security should be part of the TA. But
is TA a separate
group ? If so, what does it do ?
3. The security white paper needs cleanup - now is a good
time. Are you
going to publish it as an ebXML security artifact ? If so, I will collect
everybody's ideas and clean it up.
cheers
> -----Original Message-----
> From: Maryann Hondo [mailto:mhondo@us.ibm.com]
> Sent: Saturday, May 12, 2001 3:30 PM
> To: ebxml-ta-security@lists.ebxml.org
> Cc: eva.cy.cheng@email.chinatrust.com.tw; per.myrseth@pki.no;
> aboseman2@aol.com
> Subject: approval in Vienna
>
>
> Well team, we did it. We were accepted as a technical report at the
> plenary in Vienna on Friday.
> I also published the security & registry paper by Farrukh as a
> white paper,
> so that there was some
> sense of the discussions we had with the registry group. Part of the
> information made it into the R&R specs,
> but part of the discussion did not.
>
> Check out the web site for details and "official postings" of the pdf.
> Below are the word documents and the change log.
>
> Just as an FYI .....regarding ongoing activities......
> the steering committee is still working on where security should go...
>
> I sent mail last week in which I proposed (with the support of the
> participants at the f2f) that
> security be considered part of technical architecture which will
> be a joint
> UN/Oasis group.
> I have tried to emphasize to the STC that if security is NOT part of the
> TA, then its an
> enormous burden to have to run around and herd the cats. We'll see. In
> the current MOU
> security is a separate group under Oasis. Now, the plan was to have the
> working groups create
> charters for the Oasis teams, but since I was the only Oasis member at
the
> f2f :)
> I could not start a committee of one......we need 3 people to make a
> proposal to the Oasis group.
> I think we should wait for now, but any of you who want to move
> forward are
> able to collect the
> 3 votes and proceed.
>
> We did talk about maybe trying to form a group to define the XML
> schema for
> PKI....kind of
> a security/CPP type group. Anyone think this is a good idea and
> want to try
> to take this on?
> (Rich?????)
>
> By the way we(ebXML) made the weekend edition of the Wall Street Journal.
>
> Thanks everyone for your help, in person and by mail. It was great to
work
> with you all and I'm
> sure our paths will cross again.
>
>
> Maryann
>
> (See attached file: secdocs.zip)
>
Powered by
eList eXpress LLC