Re: [ebxml-cppa] isConfidential

["Himagiri(Hima) Mukkamala" <himagiri@sybase.com>]

+1 for comments from Chris, and that was the concern I raised in
the conf call.

Persistent confidentiality has nothing to do with persistence
of the message and only refers to persistent form of encryption
above the transport layer.

If BPSS describes it that way, it should either be corrected
or we need to get clarfiication.

-hima

Christopher Ferris wrote:

> Hmmm... then you'd better get some clarification.
> That wasn't what I was given to understand. Basically,
> the notions of persistent vs transient confidentiality, etc.
> were raised by me, not originating from BPSS. They
> had originally had just a boolean which could have
> been interpreted sixteen ways to sunday. Before that,
> they were implying specific technology solutions in
> their characterization which was also felt to be
> inappropriate as this is the realm not of the model, but
> of the agreement between parties and the common capabilities
> of their respective solutions.
>
> Cheers,
>
> Chris
>
> Dale Moberg wrote:
>
> > Also, persistence, or the idea that "a copy was to be
> > saved," was part of
> > the BPSS clarification
> > of what isConfidential was to
> > mean.
> >
> > Probably from the UMM, somewhere.
> >
> > Dale
> >
> > -----Original Message-----
> > From: Tony Weida [mailto:rweida@hotmail.com]
> > Sent: Monday, March 11, 2002 12:20 PM
> > To: Christopher Ferris
> > Cc: CPPA
> > Subject: Re: [ebxml-cppa] isConfidential
> >
> >
> > The isConfidential attribute has four potential values: "none",
> > "transient",
> > "persistent", and "transient-and-persistent".  The cited text applies to
> > the
> > persistent cases.  Sorry for omitting the qualification.  THe motivation
> > is
> > to address the case of confidential exchange between applications, not
> > merely MSHs.
> >
> > ----- Original Message -----
> > From: "Christopher Ferris" <chris.ferris@sun.com>
> > To: "Tony Weida" <rweida@hotmail.com>
> > Cc: "CPPA" <ebxml-cppa@lists.oasis-open.org>
> > Sent: Monday, March 11, 2002 2:09 PM
> > Subject: Re: [ebxml-cppa] isConfidential
> >
> >
> >
> >>Why would persistence (I assume on some media) be a
> >>consideration? True, the confidentiality is "persistent",
> >>but persistent only to the degree that the feature is
> >>not a function of the transfer or transport mechanism
> >>but of the message itself.
> >>
> >>Tony Weida wrote:
> >>
> >>
> >>>Here's the text we arrived at during the last call to characterize
> >>>isConfidential:
> >>>
> >>>
> >>>
> >>>    "...persisted locally in encrypted form, and made available to
> >>>
> > the
> >
> >>>    application in accordance with local security policies
> >>>
> > implemented
> >
> >>>    to preserve confidentiality."
> >>>
> >>>
> >>>
> >>>Tony
> >>>
> >>>
> >>
> >>
> >
> > ----------------------------------------------------------------
> > To subscribe or unsubscribe from this elist use the subscription
> > manager: <http://lists.oasis-open.org/ob/adm.pl>
> >
>
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>