OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-cppa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: [ebxml-cppa] Arvola's comments on version 1.01



Tony,

With respect to item 2, you are raising the question of "what is middleware
and what is the application?" From a MSG viewpoint, the application is
everything above the mythical upper interface of the MSH since the MSH has
no knowledge of the software structure above it.  It may be perfectly
reasonable for middleware functions to be viewed as part of the application
and, in this case, to perform the decryption.  Most likely, even if the
code that actually performs the specific business process receives the
message encrypted, it will invoke a middleware function to do the
decrypting. So, as with other MSH functions, if the MSH function places the
encrypted message in the persistent store, that constitutes delivery to the
application.

Regards,
Marty

*************************************************************************************

Martin W. Sachs
IBM T. J. Watson Research Center
P. O. B. 704
Yorktown Hts, NY 10598
914-784-7287;  IBM tie line 863-7287
Notes address:  Martin W Sachs/Watson/IBM
Internet address:  mwsachs @ us.ibm.com
*************************************************************************************



Tony Weida <rweida@hotmail.com> on 01/03/2002 10:29:39 AM

To:    Arvola Chan <arvola@tibco.com>, CPPA
       <ebxml-cppa@lists.oasis-open.org>
cc:
Subject:    [ebxml-cppa] Arvola's comments on version 1.01



Arvola,

Regarding two comments you included for version 1.01 (the version I
distributed to the list, with changes highlighted):

1. You commented about lines 339-343: "It was agreed in the joint MSG-CPPA
meeting in October that the 1.1 CPP/A spec will not address the
requirements
for interacting with intermediaries."

I believe the identified text is broadly informational in nature and
doesn't
conflict with your comment, so I'd be inclined to remove that comment from
version 1.02.  Okay?

2. You commented on the confidentiality attribute, lines 1503-1504) as
follows: "I think the last part of the sentence "and delivered, encrypted,
to the application" should be struck out. The encryption might have
happened
before the ebXML message is packaged and signed. The middleware on the
receiver side probably should pass the decrypted payload to the destination
application."

In response, I commented: "I thought the intent of this attribute was to
specify confidential delivery between applications, and thus the sentence
should remain intact."  Is that agreeable, or shall I record this as an
issue?

Regards,
Tony

----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC