RE: approval in Vienna

[Krishna Sankar <ksankar@cisco.com>]

Maryann,

	Thanks for the response. Please let me know when and if we want to initiate
a security group.

	Re the paper, no problems. It is good that we have papers bringing in the
behind-the-scenes discussions as well. But I do want to revise it a little.
I would contact Karl and would revise it.

	All, if you have any suggestions on the paper, pl let me know.

	cheers and once again congratulations on good work

> -----Original Message-----
> From: Maryann Hondo [mailto:mhondo@us.ibm.com]
> Sent: Monday, May 14, 2001 6:18 AM
> To: Krishna Sankar
> Cc: Maryann Hondo; ebxml-ta-security@lists.ebxml.org;
> eva.cy.cheng@email.chinatrust.com.tw; per.myrseth@pki.no;
> aboseman2@aol.com
> Subject: RE: approval in Vienna
>
>
> Krishna,
>  What a TA group will do is what I'm concerned about and why I didn't push
> for anything initially.
> It looks like the TA group will "continue to develop specifications".  So,
> I think they should
> be required to address the "big" security issues and then if we need a
> specific group,
> these could be started ( I would prefer just referencing the work in the
> W3C and Oasis).
>
> The registry proposal WILL be published on the oasis web site as a white
> paper, meaning
> that it is background material relevant to the security technical report,
> so if you don't think
> this is a good idea or if you want to clean it up you should contact Karl
> Best at Oasis...
> he's now responsible for publishing the docs. I asked the group at the F2F
> for approval and
> also ran the idea by the registry group in Vienna. Everyone thought it was
> an ok thing to do,
> understanding that its just capturing discussion rather than
> representing a
> way forward.
> Hope this is ok.
>
>
> Maryann
>
> "Krishna Sankar" <ksankar@cisco.com> on 05/12/2001 09:40:06 PM
>
> To:   "Maryann Hondo" <mhondo@us.ibm.com>,
>       <ebxml-ta-security@lists.ebxml.org>
> cc:   <eva.cy.cheng@email.chinatrust.com.tw>, <per.myrseth@pki.no>,
>       <aboseman2@aol.com>
> Subject:  RE: approval in Vienna
>
>
> MH,
>
>            Couple of observations :
>
>            1.        We are OASIS member and I could support the security
> group for OASIS.
> The question is what are we trying to do. As such there are many security
> groups in OASIS. We need to have a clear charter - may be it will be clear
> when we look at all the groups formed out of ebXML.
>
>            2.        You are right - security should be part of
> the TA. But
> is TA a separate
> group ? If so, what does it do ?
>
>            3.        The security white paper needs cleanup - now
> is a good
> time. Are you
> going to publish it as an ebXML security artifact ? If so, I will collect
> everybody's ideas and clean it up.
>
>            cheers
>
> > -----Original Message-----
> > From: Maryann Hondo [mailto:mhondo@us.ibm.com]
> > Sent: Saturday, May 12, 2001 3:30 PM
> > To: ebxml-ta-security@lists.ebxml.org
> > Cc: eva.cy.cheng@email.chinatrust.com.tw; per.myrseth@pki.no;
> > aboseman2@aol.com
> > Subject: approval in Vienna
> >
> >
> > Well team, we did it.  We were accepted as a technical report at the
> > plenary in Vienna on Friday.
> > I also published the security & registry paper by Farrukh as a
> > white paper,
> > so that there was some
> > sense of the discussions we had with the registry group. Part of the
> > information made it into the R&R specs,
> > but part of the discussion did not.
> >
> > Check out the web site for details and "official postings" of the pdf.
> > Below are the word documents and the change log.
> >
> > Just as an FYI .....regarding ongoing activities......
> > the steering committee is still working on where security should go...
> >
> > I sent mail last week in which I proposed (with the support of the
> > participants at the f2f) that
> > security be considered part of technical architecture which will
> > be a joint
> > UN/Oasis group.
> > I have tried to emphasize to the STC that if security is NOT part of the
> > TA, then its an
> > enormous burden to have to run around and herd the cats.  We'll see.  In
> > the current MOU
> > security is a separate group under Oasis.  Now, the plan was to have the
> > working groups create
> > charters for the Oasis teams, but since I was the only Oasis member at
> the
> > f2f  :)
> > I could not start a committee of one......we need 3 people to make a
> > proposal to the Oasis group.
> > I think we should wait for now, but any of you who want to move
> > forward are
> > able to collect the
> > 3 votes and proceed.
> >
> > We did talk about maybe trying to form a group to define the XML
> > schema for
> > PKI....kind of
> > a security/CPP type group. Anyone think this is a good idea and
> > want to try
> > to take this on?
> > (Rich?????)
> >
> > By the way we(ebXML) made the weekend edition of the Wall
> Street Journal.
> >
> > Thanks everyone for your help, in person and by mail. It was great to
> work
> > with you all and I'm
> > sure our paths will cross again.
> >
> >
> > Maryann
> >
> > (See attached file: secdocs.zip)
> >
>
>
>
>
>