Subject: RE: approval in Vienna
Maryann, Thanks for the response. Please let me know when and if we want to initiate a security group. Re the paper, no problems. It is good that we have papers bringing in the behind-the-scenes discussions as well. But I do want to revise it a little. I would contact Karl and would revise it. All, if you have any suggestions on the paper, pl let me know. cheers and once again congratulations on good work > -----Original Message----- > From: Maryann Hondo [mailto:mhondo@us.ibm.com] > Sent: Monday, May 14, 2001 6:18 AM > To: Krishna Sankar > Cc: Maryann Hondo; ebxml-ta-security@lists.ebxml.org; > eva.cy.cheng@email.chinatrust.com.tw; per.myrseth@pki.no; > aboseman2@aol.com > Subject: RE: approval in Vienna > > > Krishna, > What a TA group will do is what I'm concerned about and why I didn't push > for anything initially. > It looks like the TA group will "continue to develop specifications". So, > I think they should > be required to address the "big" security issues and then if we need a > specific group, > these could be started ( I would prefer just referencing the work in the > W3C and Oasis). > > The registry proposal WILL be published on the oasis web site as a white > paper, meaning > that it is background material relevant to the security technical report, > so if you don't think > this is a good idea or if you want to clean it up you should contact Karl > Best at Oasis... > he's now responsible for publishing the docs. I asked the group at the F2F > for approval and > also ran the idea by the registry group in Vienna. Everyone thought it was > an ok thing to do, > understanding that its just capturing discussion rather than > representing a > way forward. > Hope this is ok. > > > Maryann > > "Krishna Sankar" <ksankar@cisco.com> on 05/12/2001 09:40:06 PM > > To: "Maryann Hondo" <mhondo@us.ibm.com>, > <ebxml-ta-security@lists.ebxml.org> > cc: <eva.cy.cheng@email.chinatrust.com.tw>, <per.myrseth@pki.no>, > <aboseman2@aol.com> > Subject: RE: approval in Vienna > > > MH, > > Couple of observations : > > 1. We are OASIS member and I could support the security > group for OASIS. > The question is what are we trying to do. As such there are many security > groups in OASIS. We need to have a clear charter - may be it will be clear > when we look at all the groups formed out of ebXML. > > 2. You are right - security should be part of > the TA. But > is TA a separate > group ? If so, what does it do ? > > 3. The security white paper needs cleanup - now > is a good > time. Are you > going to publish it as an ebXML security artifact ? If so, I will collect > everybody's ideas and clean it up. > > cheers > > > -----Original Message----- > > From: Maryann Hondo [mailto:mhondo@us.ibm.com] > > Sent: Saturday, May 12, 2001 3:30 PM > > To: ebxml-ta-security@lists.ebxml.org > > Cc: eva.cy.cheng@email.chinatrust.com.tw; per.myrseth@pki.no; > > aboseman2@aol.com > > Subject: approval in Vienna > > > > > > Well team, we did it. We were accepted as a technical report at the > > plenary in Vienna on Friday. > > I also published the security & registry paper by Farrukh as a > > white paper, > > so that there was some > > sense of the discussions we had with the registry group. Part of the > > information made it into the R&R specs, > > but part of the discussion did not. > > > > Check out the web site for details and "official postings" of the pdf. > > Below are the word documents and the change log. > > > > Just as an FYI .....regarding ongoing activities...... > > the steering committee is still working on where security should go... > > > > I sent mail last week in which I proposed (with the support of the > > participants at the f2f) that > > security be considered part of technical architecture which will > > be a joint > > UN/Oasis group. > > I have tried to emphasize to the STC that if security is NOT part of the > > TA, then its an > > enormous burden to have to run around and herd the cats. We'll see. In > > the current MOU > > security is a separate group under Oasis. Now, the plan was to have the > > working groups create > > charters for the Oasis teams, but since I was the only Oasis member at > the > > f2f :) > > I could not start a committee of one......we need 3 people to make a > > proposal to the Oasis group. > > I think we should wait for now, but any of you who want to move > > forward are > > able to collect the > > 3 votes and proceed. > > > > We did talk about maybe trying to form a group to define the XML > > schema for > > PKI....kind of > > a security/CPP type group. Anyone think this is a good idea and > > want to try > > to take this on? > > (Rich?????) > > > > By the way we(ebXML) made the weekend edition of the Wall > Street Journal. > > > > Thanks everyone for your help, in person and by mail. It was great to > work > > with you all and I'm > > sure our paths will cross again. > > > > > > Maryann > > > > (See attached file: secdocs.zip) > > > > > > >
Powered by
eList eXpress LLC