Subject: RE: revised draft of Message Services spec for comments - Flames ;-)
Hi all,

One of my favorite specifications is the ebXML TRP and Chris/David, you have improved on it! Great job.

Here are some of my thoughts - mostly security related (Version 0.9a):

1. I assume the MSH has access to the CPA (thru the CPAId tag) - which means we need to tie this with the CPA versions. An older TRP implementation might not be able to deal with a newer version of CPA. Possibly add an error code wrongCPAVersion in Section 8.8.6.

2. In many places you have mentioned CPA/CPP. I think the MSH should only handle CPA and should never be aware of CPPs. (Remember the DTDs of these two documents would be very different, maybe even in different languages.)

3. Lines 69, 70 talk about a Security Specification. I thought the security stuff would be part of this specification. Is anybody developing a separate security specification?

4. Lines 1604-1606: So far, the TRP is a protocol specification and by adding this it could become a service! So I am not sure if this belongs here. I do not think the TRP should get into the authentication business - there are all kinds of issues including policies, contexts, ... Also this is the first time we have a SHOULD! I would rather tie this to HeaderSignatureRequired or some similar pragma in the CPA. In all honesty, we should not build a security service in the MHS.

5. Like the excellent diagrams in the reliability section, we need similar diagrams for the security section as well. We need to bring out the interactions.

6. Another important point is the application interface, i.e. how will the MSH talk to the application? Maybe there is none.

7. On the same note, will the application get the headers and the signature? I assume so. Is there a RequiresHeaderSignature element in the CPA?

8. I assume the TRP has no work in payload encrypting. Or does the app give the cleartext to the TRP which in turn encrypts it? If so, is there a PayLoadEncryptionRequired element?

9. If the TRP handles the encryption/decryption, and if the CPA requires PayLoadEncryptionRequired = Yes, and if the payload is not encrypted, will TRP raise an error?

10. Lines 1524, 1525, 1526 could be: Confidentiality, Integrity and Availability. Usually the security is talked about as a CIA (Pardon the pun!)

11. 1627 - definitely needs explanation ;-)

12. I think we need a section on Authentication and how it can be handled. I could write this up, if you want. This would talk lines 1604-1606 and expand on it.

I am still reading and thinking thru. Will send more comments.

How do you plan to co-ordinate the editing? Do you want the changes in an e-mail?

cheers