OASIS Mailing List Archives

ebxml-cppa message



Subject: RE: [ebxml-cppa] isConfidential


I wonder if "persistent" is the right word to use. Doesn't persistent mean some
kind of storage is involved?

-Pallavi

-----Original Message-----
From: Christopher Ferris [mailto:chris.ferris@sun.com]
Sent: Monday, March 11, 2002 1:23 PM
To: Tony Weida
Cc: CPPA
Subject: Re: [ebxml-cppa] isConfidential


Then might I suggest the following:

A mechanism that is applied to the message itself, irrespective
of the communication protocol(s) used to convey the message, such that
its content (in whole, or in part) can only be revealed to
the authorized holder of the key that is used to decrypt the
encrypted content.

Cheers,

Chris

Tony Weida wrote:

> By way of background, the new wording arose from discussion of the previous
> wording:
> 
> "It MUST be encrypted above the level of the transport and delivered,
> encrypted, to the application."
> 
> Arvola wanted to weaken the wording and I didn't.  In particular, I wanted
> to ensure that the "application" controls when and where decryption takes
> place.  However, there was a general feeling that the definition of
> "application" would be hard to agree on.
> 
> Thanks,
> Tony
> 
> ----- Original Message -----
> From: "Christopher Ferris" <chris.ferris@sun.com>
> To: "Tony Weida" <rweida@hotmail.com>
> Cc: "CPPA" <ebxml-cppa@lists.oasis-open.org>
> Sent: Monday, March 11, 2002 2:33 PM
> Subject: Re: [ebxml-cppa] isConfidential
> 
> 
> 
>>I took that as a given. However, as I indicated, it
>>really has nothing to do with "persistence on some
>>media". The fact that I use XML Encryption on a message
>>does not necessarily require any manner of persistence
>>(e.g. storage on some form of media such as hard disk).
>>
>>The confidentiality accorded a message that is characterized
>>as "isConfidential='persistent'" is a function of the message
>>itself. isConfidential='transient-and-persistent' is a
>>function BOTH of the communications protocol that is used
>>to exchange the message between two adjacent network nodes
>>and of the message itself, independent of the mechanism
>>used to convey the message between network nodes.
>>
>>The fact that a message that has used a persistent form
>>of confidentiality *might* be stored (locally or elsewhere)
>>on some form of storage media is secondary to the definition
>>of what this property means.
>>
>>Cheers,
>>
>>Chris
>>
>>Tony Weida wrote:
>>
>>
>>>The isConfidential attribute has four potential values: "none", "transient",
>>>"persistent", and "transient-and-persistent".  The cited text applies to the
>>>persistent cases.  Sorry for omitting the qualification.  The motivation is
>>>to address the case of confidential exchange between applications, not
>>>merely MSHs.
>>>
>>>----- Original Message -----
>>>From: "Christopher Ferris" <chris.ferris@sun.com>
>>>To: "Tony Weida" <rweida@hotmail.com>
>>>Cc: "CPPA" <ebxml-cppa@lists.oasis-open.org>
>>>Sent: Monday, March 11, 2002 2:09 PM
>>>Subject: Re: [ebxml-cppa] isConfidential
>>>
>>>
>>>
>>>
>>>>Why would persistence (I assume on some media) be a
>>>>consideration? True, the confidentiality is "persistent",
>>>>but persistent only to the degree that the feature is
>>>>not a function of the transfer or transport mechanism
>>>>but of the message itself.
>>>>
>>>>Tony Weida wrote:
>>>>
>>>>
>>>>
>>>>>Here's the text we arrived at during the last call to characterize
>>>>>isConfidential:
>>>>>
>>>>>
>>>>>
>>>>>   "...persisted locally in encrypted form, and made available to the
>>>>>   application in accordance with local security policies implemented
>>>>>   to preserve confidentiality."
>>>>>
>>>>>
>>>>>
>>>>>Tony
>>>>>
>>>>>
>>>>>
>>>>
>>
>>
>>----------------------------------------------------------------
>>To subscribe or unsubscribe from this elist use the subscription
>>manager: <http://lists.oasis-open.org/ob/adm.pl>
>>
> 


