OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-cppa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [ebxml-cppa] Re: Arvola's comments on version 1.01

Tony:

I agree that it is OK to remove the following text from the 1.02 spec:

"In this initial version of this specification, this MAY be accomplished by
creating a CPA between each Party and the intermediary in addition to the
CPA between the two Parties. The functionality needed for the interaction
between a Party and the intermediary is described in the CPA between the
Party and the intermediary.  The functionality needed for the interaction
between the two Parties is described in the CPA between the two Parties."

Regarding the confidentiality attribute section, I just feel that the
following statement is a little bit too strong:

"It MUST be encrypted above the level of the transport and delivered,
encrypted, to the application."

Some clarification along the lines used in the exchanges you have with Marty
may be helpful.

Thanks,
-Arvola

----- Original Message -----
From: "Tony Weida" <rweida@hotmail.com>
To: "Arvola Chan" <arvola@tibco.com>; "CPPA"
<ebxml-cppa@lists.oasis-open.org>
Sent: Thursday, January 03, 2002 7:29 AM
Subject: Arvola's comments on version 1.01


> Arvola,
>
> Regarding two comments you included for version 1.01 (the version I
> distributed to the list, with changes highlighted):
>
> 1. You commented about lines 339-343: "It was agreed in the joint MSG-CPPA
> meeting in October that the 1.1 CPP/A spec will not address the
requirements
> for interacting with intermediaries."
>
> I believe the identified text is broadly informational in nature and
doesn't
> conflict with your comment, so I'd be inclined to remove that comment from
> version 1.02.  Okay?
>
> 2. You commented on the confidentiality attribute, lines 1503-1504) as
> follows: "I think the last part of the sentence "and delivered, encrypted,
> to the application" should be struck out. The encryption might have
happened
> before the ebXML message is packaged and signed. The middleware on the
> receiver side probably should pass the decrypted payload to the
destination
> application."
>
> In response, I commented: "I thought the intent of this attribute was to
> specify confidential delivery between applications, and thus the sentence
> should remain intact."  Is that agreeable, or shall I record this as an
> issue?
>
> Regards,
> Tony

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC