OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-cppa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [ebxml-cppa] isConfidential


One of the problems with this discussion is that no two people seem to have
the same idea of what persistent confidentiality really is.  In particular,
the BPSS spec has an attribute but doesn't seem to have a clear discussion.
I did understand that long term secure storage of the information is part
of the function of persistent confidentiality. How about:

 "...persisted locally in a secure manner, and made available to the
>     application in accordance with local security policies implemented
>     to preserve confidentiality."

*************************************************************************************

Martin W. Sachs
IBM T. J. Watson Research Center
P. O. B. 704
Yorktown Hts, NY 10598
914-784-7287;  IBM tie line 863-7287
Notes address:  Martin W Sachs/Watson/IBM
Internet address:  mwsachs @ us.ibm.com
*************************************************************************************


                                                                                                                                                   
                      Christopher                                                                                                                  
                      Ferris                   To:       Tony Weida <rweida@hotmail.com>                                                           
                      <chris.ferris@sun        cc:       CPPA <ebxml-cppa@lists.oasis-open.org>                                                    
                      .com>                    Subject:  Re: [ebxml-cppa] isConfidential                                                           
                                                                                                                                                   
                      03/11/2002 02:09                                                                                                             
                      PM                                                                                                                           
                                                                                                                                                   
                                                                                                                                                   



Why would persistence (I assume on some media) be a
consideration? True, the confidentiality is "persistent",
but persistent only to the degree that the feature is
not a function of the transfer or transport mechanism
but of the message itself.

Tony Weida wrote:

> Here's the text we arrived at during the last call to characterize
> isConfidential:
>
>
>
>     "...persisted locally in encrypted form, and made available to the
>     application in accordance with local security policies implemented
>     to preserve confidentiality."
>
>
>
> Tony
>



----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC