OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-cppa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: [ebxml-cppa] SMTP Needs "to" and "from" e-mail addresses


Dale Moberg said:
   "I expect the conventions for xmldsig
   certificate usage to follow what is
   done for smime, but those usage
   conventions are only now emerging."

Dan Weinreb commented:
"Hmm.  If we intend for the certificates used in ebXML to have DN's
with an "e-mailAddress" component, it seems as if we really have to
either say that explicitly, or say it by means of a normative
reference to something else that says it explicitly.  Since we're not
basing ebXML on S/MIME, we can't draw on the S/MIME standards for
this.  I don't know whether this is something that we ought to specify
explicitly in our own standards documents, or whether it's something
that xmldsig ought to be talking about and we ought to be referring
to."

Dale Moberg:

Could this level of detailed profiling
be one to offload to an implementation
guide document, perhaps produced under the 
Oasis ebxml-IIC group? I imagine that
interoperability trials, API development,
and pilot experience will, as usual,
reveal the need for more detailed 
conventions on these matters. The
CPPA group, for example, will have
to eventually develop a demaraction for
what modules can just be regarded
as "interoperable in practice" in order
to avoid diving into every possible
parameter choice. For example, CPPA now
treats SSL v3 or TLS v1 as being about at the 
"bottom" when documenting transport security,
because these protocols do have mandatory
to implement default fallback algorithms
that "should" allow different implementations
to work together without further deliberate
configuration. XMLDsig does have similar
features, but as the recent whitespace
issue in ebXML messaging shows, they
are probably not done
with defining canonicalizing transforms
yet, and CPPA has marking agreed transforms
as one of its v1.1 issues.

Dale Moberg




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC