RE: [ebxml-iic] Deployment Profile Template for OASIS Specification ebXML Message Service 2.0

[Jacques Durand <JDurand@us.fujitsu.com>]

Title: RE: [ebxml-iic] Deployment Profile Template for OASIS Specification ebXML Message Service 2.0

Sacha:
Inline

-----Original Message-----
From: Sacha Schlegel [mailto:sschlegel@cyclonecommerce.com]
Sent: Monday, June 13, 2005 11:33 AM
To: ebxml-iic
Subject: [ebxml-iic] Deployment Profile Template for OASIS Specification ebXML Message Service 2.0

Deployment Profile Template

For OASIS Specification ebXML Message Service 2.0
--------------------------------------------------

I think this is a very nice and usefule document.

Reading through the document I came across some questions that I want to
share with you.

p.3 Where is conversation ID? In relation to ebBP the conversation ID is
of high importance. This is the ID which is uesd to correlate all
business messages (ebXML messages) which belong to the execution of one
instance of a collaborative business process. Potentially backend
applications, or middleware applications are interested in this ID for
that correlation. So I was surprised to not find the conversation ID in
the profile template.

<JD> per today's call, I will add it in next revision.

p.9 Did you consider ebXML CPA templates? Admitting that the crux with a
CPA template is, that it is not complete, eg it is an incomplete CPA. Or
in other words there is no way to validate a CPA template. The problem
increases when the ebXML MSH accepts a CPA template which can come from
any place. Maybe there has not been enough enduser CPA template
requirements, yet.

Such a profile may be used to configure a default CPA template for this
community ...

<JD> per today's call, there seems to be a consensus that CPA template is the next one to do.

p18. 3.1.3 CPAID
This seems to be a good question and I am also looking for best practice
for this. On top, the same is true for the filename of the CPA. One of
the questions is, whether the CPA ID is mainly read by the system or
also by the end user (eg it may show up in the user interface). If the
CPA id is used by an enduser, I would suggest to also add the Party
Names into the CPA ID to just make it more human readable.

<JD> Any profiling of filenames for CPAs would fall under 4.1. I'll add a line on this in its table.

p.20, 3.1.5 Action
Do you have a reference (maybe add it to the reference list at the end
of the document) of the "EAN-UCC-Message Service Implementation Guide"?

<JD> right.

p.32, 3.3 Error Handling
Profiling (c) on how to report errors. This seems to be part of a
general question I have: "Who is responsible for the collaboration? The
ebXML MSH, a middlware, the backend application?"
Do you have best practices here?

<JD> not sure how this question translates into profiling ebMS error handling...

p.38, 3.5.6  Reliablity Protocol
Profiling (c) on what if the error message cannot be delivered. What is
best practice? Alerting through email, alerting through email and phone
calls?

<JD> I guess that is left to profiling. I will add a line on this in section 4.4.

p.46, 3.11.3 on HTTP Access Control
Maybe add a question how the parties intend to exchange user name and
passwords for HTTP authentication. A user name and password will not be
part of the CPA.

<JD> Will add a line in 4.2, please check.

p.50, 4.1 Deployment and Processing requirements for CPA's
CPA management seems to become a major requirement for ebXML end users.
One of the reasons for that is the requirement to have exactly one CPA
with every trading partner. So if a big party has 1000 trading partners,
it will have at least 1000 CPA's. What happens if a CPA terminates (end
date of CPA is reached), a party wants to support a new ebBP, a
certificate has to be changed (if it is the big party who wants to
exchange the certificate it is required to change every CPA which used
the old certificate), a party whishes to change the transport protocol,
or change a flag for digital signatures, or changes endpoint address,
etc.

<JD> as far as ebMS Template is concerned, that below should be under 4.1.
We could detail a bit more 4.1. (can you come-up with additional lines to the table?)

So in that regard a good question for a profile may be: Who is
responsible to create, update and distribute CPA's?

Possible answers can be: organisation X (a not for profit organisation),
the parties have to define themselves ... 

Maybe the answer to the question is not important but rather the the
parties are concious that they will have a CPA management requirement.

As a side note, it seems that today we omit to take the path through
CPP's and go directly to CPA's.

<JD> Right. Maybe we should add at least a line on CPP in 4.1?

p.50, 4.1 Deployment and Processing requirements for CPA's
Maybe add a question whether there is preferred tool to use for handling
CPA's for this community. But then again this has not much to do with
ebMS ...

So I think a Deployment Profile Template for CPA's would be a good thing
to have as well ;) And then one for ebBP on top of that ;)

Kind regards

Sacha

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php