[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: T2 Non repudiation and MSG, CPP/A, BPSS spec alignment
NRR and RM are not orthogonal. We need to send a Receipt to the sender stating that the Message has arrived -- RM. NRR is something we add to a Receipt to ensure authenticity. Security is never orthogonal to anything. Security is always an add-on. Regards, David Fischer Drummond Group. -----Original Message----- From: Arvola Chan [mailto:arvola@tibco.com] Sent: Thursday, August 30, 2001 12:28 PM To: ebxml-msg@lists.oasis-open.org Cc: ebxml-cppa@lists.oasis-open.org Subject: T2 Non repudiation and MSG, CPP/A, BPSS spec alignment The BPSS spec says that nonRepudiationOfReceipt (NRR) is tied to the ReceiptAcknowledgement signal. NRR and reliable messaging are orthogonal. A business process may specify the non repudiation of receipt for the requesting business activity business message and/or the repudiation of receipt for the responding business activity business message, without requiring that reliable messaging be used. I think the Messaging Service should not tie NRR to the DeliveryReceipt element if the latter is used exclusively in reliable messaging. The MSH is not responsible for validating the syntax of payloads. NRR at the MSH level does not really implement NRR as called for by the business process specification. NRR at the BPSS level includes syntax validation on the payloads. Receipt Acknowledgement business signals have to be persisted in order to satisfy legal requirements implied by NRR. I just don't see the utility of persisting the DeliveryReceipt generated at the MSH level in addition to the ReceiptAcknowledgement signal. This may just be unnecessary overhead. Currently, NRR parameters are tied to the DeliveryChannel element in the CPP/A. According to Marty, these parameters may have to be relocated / added to the ProcessSpecification and/or the Role element in order to properly model the non repudiation requirements associated with the business process. I strongly feel that non repudation is one area that the MSG, CPP/A, and BP groups must closely coordinate among themselves in their 1.1 specifications. -Arvola ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC