[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Trading Partner Logical Identification based on EDIFACT or X12qualifiers
Today, the bank is satisfied that I am keeping my PIN secure and it has all
the information to authenticate me locally. ATM cards and PINs may not be
as secure as one would like, but I believe that a service will always
locally cache the information to authenticate me so it won't have to go to
a third party on every message exchange.
Regards,
Marty
*************************************************************************************
IBM T. J. Watson Research Center
P. O. B. 704
Yorktown Hts, NY 10598
914-784-7287; IBM tie line 863-7287
Notes address: Martin W Sachs/Watson/IBM
Internet address: mwsachs @ us.ibm.com
*************************************************************************************
David RR Webber <Gnosis_@compuserve.com>@compuserve.com> on 08/16/2000
12:19:08 PM
To: "INTERNET:ian.c.jones@bt.com" <ian.c.jones@bt.com>
cc: ebxml-transport@lists.ebxml.org
Subject: RE: Trading Partner Logical Identification based on EDIFACT or X1
2qualifiers
Message text written by INTERNET:ian.c.jones@bt.com
>David,
We CAN NOT mandate the regrep lookup at run time. What if the
partners are using a non internet based connection or they want a closed or
private TPA? Why would you want to validate the identifier each time, do
you do call information every time before you make a telephone call? <
>>>>>>>>>>>>>>>>>>>
I certainly would if the caller was transferring money out of my bank
account
forinstance - I'd have caller ID for sure then....
Of course people are going to bend the rules for certain weird setups,
nothing is ever 100% - but I believe we should set the pace by making
the RegRep lookup part of the interchange, and by making the statement
that ebXML transport can be Plug-n-Play. That's a powerful message of
interoperability. Frankly if someone wants to use ebXML transport to
send messages to their basement from their loft - whatever works, but
the vast majority of users are going to be across the internet and are
going to want to plug straight into a reliable and secure global trading
network.
Remember what you learned in kindergarten 'don't take things
from strangers, and don't talk to strangers'. You have to be able to
authenticate and understand why and how you are sending or
receiving something. As Dick says - we agree on the what, its the
how that's an open question.
Here's an assertion I just made recently in some product
promotional materials:
"Ten years from now using a wet signature will seem as odd-ball
as using hot wax and a seal would seem today".
We have to build for the future and not be locked into the past.
The ebXML systems should set the standard, not trail behind it.
DW.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC