[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: OASIS Registry Security : Minutes
Here are the minutes of the meeting ebXML Registry Security meeting. Suresh will send out any updates/corrections to this note later. Sekhar %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Minutes of ebXML Registry Security Meeting Attendees: Sanjay Patil, Suresh Damodaran, Farrukh Najmi, Sekhar Vajjhala Use Cases - Sanjay to send use cases by today Review of security risk document updated by Suresh 1.b added. needs to be split into 1.b.1 & 1.b.2 1.b.1 integrity protection in xmission 1.b.2 confidentiality protection in xmission sekhar to update 5.2 Added Type F ( for futuristic) 2d changed from C to D Section numbers may no longer be accurate. Define Registry Profile - Registry profile is available - Global issue ; not specific to security - every group needs to define what is needed in the registry profile - suggestion: each group documents in English what is needed in English. Syntax could be deferred. - CPP could be source for what should be in registry profile A (targeted for V2.0) items: - integrity protection of data - authentication ( at least the verification of the signer ) - custom access controls - XACML may not be ready in time ? use IBM_XACL ? Status of XMLDSIG - making progress ; hopefully a first version would be out tomorrow ( Sekhar to send out ). - Reference the document in the "Deliverables" Section in the Risks document. Deliverables: - Integrity protection of data in xmission and storage - use of XML DSIG - Authentication of content owner - Management of Access control policies - updates to the RIM and RS; follow use case model - Registry profile - cookie cutter policies for registry - use cases document -- Sekhar
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC