OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-tp message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [PartyId "type" negotiation]

Krishna Sankar said "In normal circumstances, the content would be
signed by the Submitting Organization and the registry would keep the
documents with the signature. When one receives a document from the
registry, one can determine if one wants to trust the document based on
the SO's signature."

Yes, that satisfies me (I think).  I made a slight misstep earlier when
I said "the CPA is signed by somebody I trust (the Comptroller of the
Currency, maybe?)."  Actually, I will trust my Bank's signature of the
CPA, assuming I trust its certificate -  which is a whole different
matter independent of the CPA, CPP or the registry.

So where's the problem?  In summary, I find the CPA based on a match on
any one of a number of <partyId> entries, validate the found CPA's
signature, and proceed from there.  Again, there's no need to "validate"
the <partyId> by Type - I don't have to go to the ABA for Routing
numbers, or Dun & Bradstreet for DUNS numbers, or the NMFTA for SCACs.
I usually have an ID in hand before I even went "shopping" for the CPA
in the registry.

I agree with Krishna that I don't need "full and implicit trust on a
Registry." But I do need to trust all information I find in the
registries, and hence it all must be signed.  There's no information I'm
willing to send into a rat hole I can't trust, nor am I willing to enter
into a CPA with anyone for whom I can't validate their CPP.

William J. Kammerer
4950 Blazer Pkwy.
Dublin, OH USA 43017-3305
+1 614 791-1600

Visit FORESIGHT Corp. at http://www.foresightcorp.com/
"accelerating time-to-trade"

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help

Powered by eList eXpress LLC