OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebcore message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Groups - cppa3-specification uploaded

Submitter's message
WD 08, 2017-08-25
- New "match" algorithm, described in a new section 4.

This algorithm takes a CPA and a CPP and determines whether the CPA matches the CPP. A CPA matches a CPP if it could have been derived from it by unifying it with some other (unspecified) CPP. This means that one of the two parties in the CPA relates to the party in the CPP. Also, all other structures, such as service and action bindings, channels, transport etc. all need to be linkable to a structure in the CPP. As in unification, presented party certificates can be checked against specified trust anchor sets.

This function could be used by a party to verify, before accepting it, that a presented CPA (possibibly created by a communication partner or by a third party service provider) is compatible with its own configuration, whether related to networking, messaging, security, business content or process.

This "match" function is likely to be useful to a wider audience than the unification/formation, which in practical deployments is likely to community service providers. By contrast, whether a (presented, candidate) agreement matches matches and validates is of interest to any party updating a communication configuration.

Matching is also much easier to implement than unification. A sample implementation is provided as a new "match" module in the open source cppa3 package. For now it is tested by reverse-testing CPAs generated from CPPs using that same library's "unify" module.

-- Mr. Pim van der Eijk
Document Name: cppa3-specification

Specification (in ODF) of the CPPA3 schema and unification method.

WD 08, 2017-08-25
- New "match" algorithm, described in a new section 4.

WD 07, 2017-07-26
- Updated S/MIME reference to current 3.2 version, relevant for ebMS2.
- When matching service specifications, presence and values of ebBP
attributes must match.
- TrustAnchor renamed to TrustAnchorSet.
- *TrustAnchorRef renamed to *TrustAnchorSetRef
- CanonicalizationMethodadded to unification of CanonicalizationMethod and
*CertificateRef is covered only in X.509 section.
- New *CertificateRequired elements in schema #19.
- Definition of validity in section 2.3.1
- New conformance section 4.
- Different channel types are listed in 2.2.7.

WD06 2017-04-02
Schema #15 (2017-03-27) and #16 (2017-04-02):
- New chapter 2.3.4 on schema extensibility.
- Description of IPv4 and IPv6 support features and related constraints in
unification in new section 3.4.16.
- ?Certification Authority?, naming consistency.
- ?Content Coding? support for HTTP.
- ?HTTP Version? support for HTTP.
- Editorial.
- Fixed some missing coverage of elements in 3.4.2.
- Added bibliographic entries for FTP and SMTP RFCs and MTOM and XOP W3C

WD05 2017-03-19
- IETF and W3C references taken from OASIS lists at
- Updated HTTP 1.1 reference from obsolete IETF 2616 to RFC 7230.
- Note that activation and expiration of CPPs must be synchronized with
validity interval of certificates.

- Updates for schema revision #13:
- CompressionType sub-element instead of attribute.
- New optional element SignatureFormat, added for EDIINT.
- New elements AS1Channel, AS2Channel, AS3Channel. Easier for conformance
clauses than EDIINTChannel, and functionality is slightly different beyond
- New section 2.3.3 on bibliographic references in XML Schema.
- New section 3.4.25 on WS-A From. (Unlikely requirement, but completes
coverage of Web Services specifications).
- New section 3.4.26 on intervals for transport restart and for joining.

Schema #14
- New section 2.2.8 on the new CPPA3 delegation feature.
- New section 3.4.12 on unification for delegation.
- Removed the Compressed* elements, and Compression is now just another
- New CertificateDefaults element.

WD04, 2017-01-31
Describe updates and new features in schema revisions #9 to #12:
- SAML token and SAMLKeyConfirmed­SubjectToken.
- IDP registrations and set of and references to registrations.
- CA defined as Certification Authority
- Some missing bibliographic references added.
- Editorial.

WD03, 2016-12-17
Describe some new features in the schema, and impact on formation:
- Payload signing and encryption (schema #7)
- Authorization attributes (schema #8)
Some editorial fixes.

WD02 2016-11-01
Editorial fixes.
XKMS resolution in CPA formation.
Attribute unification.
AU is not a normative reference.
Start with support for the SAML conformance clause.
New href attribute on ProfileIdentifier for use in CPAs.
Clarified that some introductory sections are not normative.
Added WSS-Username-Token profile to references.
Described the ChannelProfile feature.

WDD01, 2016-10-02
First Draft
Download Latest Revision
Public Download Link

Submitter: Mr. Pim van der Eijk
Group: OASIS ebXML Core (ebCore) TC
Folder: Contributions
Date submitted: 2017-08-25 08:34:16
Revision: 7

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]