Results of Voting on the CIQ TC Specifications

[Ram Kumar <rkumar@msi.com.au>]

========================================================
RESULTS OF THE VOTING PROCESS (CIQ TC)

Objective: Move the CIQ Specifications to Committee Specifications

1. Appprove moving the xNAL Specifications as Committee Specifications
(V1.0)
    (Version 1.1 of xNL and V1.2 of xAL)
   	YES:	5
	NO:	0

2. Approve moving the xCIL Specifications V1.3 as Committee Specifications
	YES:	4
	NO:	1

3. Interested to convert the Committee Specifications to OASIS Standard
	YES:	5
	NO:	0
=========================================================

I have to take in to account David's points about xCIL. My suggestion is
that
we will set up a conference call soon and decide on what the objectives of
the
xCIL Spec. should be and what should be done before we move it to Committee
Specifications. Till then, we will keep xCIL on hold. We need everyone of
the TC
to agree unanimously on any decisions we make. Therefore, we will now adopt
V1.0 of xNAL as the committee specs and do further work on xCIL to move it
to Committee Specs.


David's Comments about xCIL:
----------------------------------------------------------------------------
---------------------------
Ram,

Having reviewed this - and I know I should have been here
sooner - BUT - hey I'm living 7 maybe 9 concurrent lives
here - good test for xCIL - I have to say I have some very
serious concerns about xCIL.

I like the address and name pieces:  xAL.dtd and xNL.dtd.

However the xCIL.dtd introduces completely different
metrics.

We need to address the question of privacy and control.

Nearly three years again I started work on BizID as a
concept with XML precisely because privacy and control
are key.

By exposing your BizID you are exactly and precisely
controlling who has access to your information and
when.   You are not handing over an xCIL of information
and then not knowing who when and where it will be
accessed.  The BizID provides an access "key" back
into xCIL providers repositories - and that API contains
checks and measures.

Each peice of the an "xCIL" can then be precisely
controlled and restricted and access to it logged and
audited.

Also the xCIL can be extended with private and public
section extensions.

I would propose we introduce the notion of Privacy
and Control mechanisms into this equation.

<person>
<personalID/>
<xAL/>
<xNL/>
<controlledContent>
   <demographics/>
   <medical/>
   <financials/>
   <travel/>
   <vehicle/>
</controlledContent>
<person>

I could happily vote Yes to the xAL and xNL pieces
standalone.

However I must vote No to the overall xCIL since it
mixes highly private content with public.

I know we've been in hurry-up-and-wait, but I
believe we really must take another three months
here if necessary and fundamentally address how
people will have control of their own information
in the XML space.

We should also explore how we can exploit ebXML
messaging to enable secure querying against
customer information.  We do not have to spell this
out in chapter and verse - but we can at least
show how sister specifications can be utilized to
deliver on requirements.

Sorry to rain on the parade so late - but fundamentally
we have to address the biggest issues here.  Just
creating the XML DTD is just the tip of the iceberg.

Thanks, DW.
----------------------------------------------------------------------------
--------------------------------
Cheers

Ram

Ram Kumar
MSI
Level 12, 67 Albert Avenue
Chatswood NSW 2067
Australia

"We are a One to One Business Solutions and Consulting Company
that assists our clients to become Customer-Centric with appropriately
tailored strategies, services and enabling technologies"

Direct Phone : +61 2 94128315
Office Phone : +61 2 94128333
Facsimile      : +61 2 94134275
Mobile          : +61 412758025
Web Site      :  www.msi.com.au