[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [bdxr-comment] Invitation to comment on Exchange Header Envelope (XHE) v1.0 from the BDXR TC - ends November 17th
Dear OASIS BDXR team, Please find below the comments from the CEF eDelivery team: CEF-01: Chapter: 2.9.2: Payload. Instance Hash Value has a hard-wired hashing algorithm. Suggestion: add a field to specify the hashing algorithm to be used. The following two suggestions would allow different software providers to independently build more compatible general-purpose solutions which would use the XHE for data exchange: CEF-02: One of the XHE's purposes is to ensure data integrity when using message transfer over intermediaries (as, for example, the 4-corner model). It would be beneficial to include the full path
the message went through from a business and legal perspective; therefore, it would help if the XHE envelope would contain guidelines or define how to use the envelope to implement message transmission evidences. Suggestion: Elaborate or add guidelines/examples of using an envelope to add message transmission evidences. CEF-03: Signing and encryption are heavily relying on the message originator and final receiver(s) custom agreement. Because there could be several software implementations
in message transfer (see also the comment CEF-02), it would be valuable to elaborate a standard/safe use of the encryption and signatures. Suggestion: Elaborate (for example in Appendix D): preferred/safe use of the encryption of the payload and message
signatures.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]