[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [ebxml-cppa] isConfidential
Forwarding from ewtg list ************************************************************************************* Martin W. Sachs IBM T. J. Watson Research Center P. O. B. 704 Yorktown Hts, NY 10598 914-784-7287; IBM tie line 863-7287 Notes address: Martin W Sachs/Watson/IBM Internet address: mwsachs @ us.ibm.com ************************************************************************************* ----- Forwarded by Martin W Sachs/Watson/IBM on 03/12/2002 10:34 AM ----- Buchinski.Ed@tbs- sct.gc.ca To: pallavi.g.malu@intel.com, ebtwg-bps@lists.ebtwg.org cc: Buchinski.Ed@tbs-sct.gc.ca 03/12/2002 10:17 Subject: RE: [ebxml-cppa] isConfidential AM I can understand the argument being made but security has to extend beyond mere data transfer. The efforts and success achieved by ebXML in creating a "contractually binding" environment should not be compromised by lax security at the application end. My understanding is that we are conveying business semantics - not how to ensure persistence. -----Original Message----- From: Malu, Pallavi G [mailto:pallavi.g.malu@intel.com] Sent: March 11, 2002 3:11 PM To: 'ebtwg-bps@lists.ebtwg.org' Cc: 'Buchinski.Ed@tbs-sct.gc.ca' Subject: FW: [ebxml-cppa] isConfidential -----Original Message----- From: Christopher Ferris [mailto:chris.ferris@sun.com] Sent: Monday, March 11, 2002 12:33 PM To: Tony Weida Cc: CPPA Subject: Re: [ebxml-cppa] isConfidential I took that as a given. However, as I indicated, it really has nothing to do with "persistence on some media". The fact that I use XML Encryption on a message does not necessarily require any manner of persistence (e.g. storage on some form of media such as hard disk). The confidentiality accorded a message that is characterized as "isConfidential='persistent' is a function of the message itself. isConfidential='transient-and-persistent' is a function BOTH of the communications protocol that is used to exchange the message between two adjacent network nodes and of the message itself, independent of the mechanism used to convey the message between network nodes. The fact that a message that has used a persistent form of confidentiality *might* be stored (locally or elsewhere) on some form of storage media is secondary to the definition of what this property means. Cheers, Chris Tony Weida wrote: > The isConfidential attribute has four potential values: "none", "transient", > "persistent", and "transient-and-persistent". The cited text applies to the > persistent cases. Sorry for omitting the qualification. THe motivation is > to address the case of confidential exchange between applications, not > merely MSHs. > > ----- Original Message ----- > From: "Christopher Ferris" <chris.ferris@sun.com> > To: "Tony Weida" <rweida@hotmail.com> > Cc: "CPPA" <ebxml-cppa@lists.oasis-open.org> > Sent: Monday, March 11, 2002 2:09 PM > Subject: Re: [ebxml-cppa] isConfidential > > > >>Why would persistence (I assume on some media) be a >>consideration? True, the confidentiality is "persistent", >>but persistent only to the degree that the feature is >>not a function of the transfer or transport mechanism >>but of the message itself. >> >>Tony Weida wrote: >> >> >>>Here's the text we arrived at during the last call to characterize >>>isConfidential: >>> >>> >>> >>> "...persisted locally in encrypted form, and made available to the >>> application in accordance with local security policies implemented >>> to preserve confidentiality." >>> >>> >>> >>>Tony >>> >>> >> >> > ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl> ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.ebtwg.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC