[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Security reqs v.02
Bill, nice job on the documents. I'm still mulling over a few things, but the only comment I have at present is that we can't over emphasise the trust/non-repudiation nature of the world we're putting BTP in: there's this implicit, unwritten trust model that exists in transactions that has affects throughout, e.g., if I as a coordinator tell someone to rollback and they say they have, I assume it's true. Likewise, I as a participant trust the coordinator and (assuming I'm a well behaved participant) do as I'm told. Spoofing transactions is possible in a closely-coupled environment, and it's even more possible/likely in the loosely coupled environment of web services. I have a document describing the various loopholes that are possible in traditional transactions, and it may be possible to use some of that if we think it's relevant. Mark. ---------------------------------------------- Dr. Mark Little (mark@arjuna.com) Transactions Architect, HP Arjuna Labs Phone +44 191 2064538 Fax +44 191 2064203
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC