ebxml-cppa message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: Re: [ebxml-cppa] RE: [ebxml-msg] CPA & MS overriding parameters - Mildcorrection
- From: James Bryce Clark <jamie.clark@mmiec.com>
- To: "Damodaran, Suresh" <Suresh_Damodaran@stercomm.com>,'Martin W Sachs' <mwsachs@us.ibm.com>
- Date: Wed, 14 Nov 2001 12:21:53 -0800
[This replaces the last send, which was incomplete.]
Just got Suresh's latest message after I sent mine.
Incidentally, I am mirroring to ebxml-msg but it may bounce as I may not
still be signed up there. Please feel free to cc that list, if this
should be copied there.
At 11:32 AM 11/14/01, Damodaran, Suresh
wrote:
<sd>
The parameters that can be overridden are in CPA also because in some
cases parties may decide that these MUST not be overridden, and state so
in the policy (we may not have such a mechanism in CPA, but the CPA TC
may consider having it)
<sd/>
We do have a mechanism in the CPA/CPP spec for non-overridable
parameters. It's called the CPA. I don't mean to be
flip. The entry assumption of using a CPA is that two trading
partners plan to conduct a logically associated set of
transactions -- likely to progress from the first to last without
intervention. I ham having trouble imagining why any trading
partner would want to permit the business signal parameters to
change in the middle of runtime of a nonsupervised
collaboration.
* If we are only talking about a collaboration
composed of a single transaction, this issue is irrelevant.
There is no need to vary on a 'per-message' basis from the CPA
parameters, if they only apply to one pair of messages.
* If we are talking about a multi-step collaboration,
could someone give me an example of a CPA-invoked parameter that I might
as a trading partner be willing to "waive" by acceding
to an override? Here's what I imagine:
(1) I am offering to sell widgets.
You find my prospective offer in a registry along with a CPP. My
CPP asks you as a buyer always to XML-DSIG sign and hash through any
substantive acceptance or rejection -- as I will be bound to ship you up
to $1000000 of widgets, and want to be sure about your being bound to pay
in a manner that gives me some pretty good evidence that the
"acceptance" came authentically from you.
(2) You and I enter into a CPA that
includes that DSIG level of repudiation protection as a parameter.
(3) I send you my binding e-offer to
sell, upon the acceptance of which I am bound to deliver to you. It
is contained in a message with no overrides.
(4) You return a message to me with
a logically valid and BP-conformant acceptance -- but no DSIG, and a
message header that essentially says "no DSIG
needed".
Well, as a lawyer I'm just full of questions at this point:
(a) Am I bound by your acceptance? (b) Why would I ever, if sober,
agree to the optionality of the DSIG requirement in the CPA
itself? Isn't "optional" or "overridable"
logically identical to "no"? What does
{yes|no|optional} add to {yes|no} ?
Regards Jamie
James Bryce Clark
VP and General Counsel, McLure-Moynihan Inc.
Chair, ABA Business Law Subcommittee on Electronic Commerce
(www.abanet.org/buslaw/cyber/ecommerce/ecommerce.html)
1 818 597 9475 jamie.clark@mmiec.com
jbc@lawyer.com
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC