ebxml-msg message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: [ebxml-msg] ebXML Security
- From: "Miller, Robert (GXS)" <Robert.Miller@gxs.ge.com>
- To: ebxml-msg <ebxml-msg@lists.oasis-open.org>
- Date: Mon, 10 Dec 2001 14:32:03 -0500
Title: Reliable / Duplicate / Message Order Inconsistencies
As
followup to my concerns about the Security section of the ebXML MSG, I offer the
following observations.
1) The
Namespace defining the Security structures in the ebXML specification is a
namespace foreign to the ebXML namespace.
2) A
conforming SOAP processor will direct processing of the security structures to
the handler for that namespace, which might not be same handler as the ebXML
namespace handler. In fact, the ebXML processor might not even be aware of
the presence and execution of a security handler.
3) End
users must be free to purchase security add-on SOAP modules independent of
ebXML module
4)
None of the text in section 4.1 that relates to the definition of specific
elements defined by the "ds" namespace can be normative, as the normative
definition of these elements is in fact provided in a document prepared by
another organization (W3).
--------------
In my
opinion,
o
- that portion of section 4.1 that addresses specific constructs defined in
the"ds" namespace must be relocated to a non-normative Appendix.
o
- the ebXML MSG specification may (and probably should) provide guidance on
the use of non-ebXML SOAP extensions (such as security).
o
- ebXML conformance can only address conformance of ebXML specific modules.
In particular, it cannot address conformance with respect to those consturcts
fgoverned by a 'foreign' namespace.
o -
a locator reference to the W3 specification(s) for security should be
provided.
Cheers,
Bob Miller
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC