BTW,
Requirements #11, #15, and #16 are related to the support of OASIS WSS
(WS-Security)
since:
- WS-Security will support how W3C XML
encrypted content can be referenced from
the SOAP Security header
extension
- WS-Security will support how SAML
Assertions can be carried and referenced from
SOAP Security header
extension
I
would recommend, hence, that these 3 requirements be consolidated eventually
w.r.t.
incorporation into ebXML Messaging specification. For now it
is OK to manage them individually,
if it will help in prioritizing them. I think all 3 of them
have high priority w.r.t security interop.
W.r.t.
#11 another issue is related to if ebXML 3.0 supports W3C XML Encryption
using
WS-Security what backward compatibility support for S/MIME
encryption will be required?.
S/MIME
encryption is basically PKCS7 encryption plus relevant MIME
content-types. This
issue,
per se, has some additional sub-issues.
Finally, I am glad we are capturing Requirement # 24 although I would
recommend
atleast an medium to high priority level for #24(a) rather
than low.
Doug, thanks for updating this list
thanks,
Zahid
I
would like to see #7 not pushed to "NO".
Maybe
I missed discussion on this but I think it is valuable and should be included in
an optional section. It's a method that already has at least 3 implementers from
the last round of Drummond testing.
In
addition, I think the encapsulation model should be examined for doing
compression (#26). This allows for shrinking the message at the MSH level. Doing
things to payloads directly has the same problem SMIME had in MS 2.0. It's
unclear whether the BP or the MSH should "undo" the operation when the
message is received. Encapsulation also allows for compression and SMIME to be
done on the same message and it results in some very nice performance
improvements.
Cliff
-----Original
Message----- From: Doug Bunting
[mailto:db134722@iplanet.com] Sent: Friday, October 25, 2002 4:28
PM To: Jones, Ian Cc: ebXML Messaging Subject:
[ebxml-msg] Updated requirements list for your perusal
ebXML Requirements List 10 October 2002
The following table contains all the requirements currently identified
for future releases of the ebXML Messaging Service
Requirements List
Number |
Description |
Priority |
Type |
Raised By |
Release |
1 |
What about dealing with SOAP1.2? We could prepare to have a
version compatible with SOAP1.2 when it changes status to PR or
REC. That would involve some namespace changes and a change to
the HTTP Binding as well as treatment of attachments. |
M-H |
Specification |
Chris Ferris |
3.0 |
2 |
Capture, answer and resolve any question and issues raised
against version 2.0 |
M-H |
General |
Ian Jones |
3.0 |
3 |
The Business interface layer has never been written - do we
still need it? |
M |
Specification |
Ian Jones |
3.0 |
4 |
A document to describe the minimum implementation. |
L |
Documentation |
Ian Jones |
3.0 |
5 |
A primer/introduction to the messaging service. |
L-M |
Documentation |
Ian Jones |
3.0 |
6 |
The IIC TC is producing a conformance
test/suite/documentation for version 2.0, the MSG TC will
support this work. |
L |
Documentation |
Ian Jones |
3.0 |
7 |
Encryption (encrypt the entire document including MIME
headers) Decided this issue was about
extending beyond the current vague pointer towards XML
Encryption to include additional features. See 11 as
well. |
NO |
Specification |
David Fischer |
3.0 |
8 |
Forwarding/Multi-hop (especially with the identified problems
with Signatures) |
[1] |
Specification |
David Fischer |
3.0 |
9 |
Third-Party Processing (Intermediate Timestamps...) |
hold for
8 |
Specification |
David Fischer |
3.0 |
10 |
Chunking (sending extremely large files in pieces) |
NO |
Specification |
David Fischer |
3.0 |
11 |
Now that XML Encryption is a W3C candidate recommendation, we
ought to figure out how it is to be used in conjunction with
ebMS. |
H |
Specification |
Arvola Chan |
3.0 |
12 |
We also may want to coordinate with the CPP/A team to
determine how intermediaries ought to be configured. |
[3] |
Specification |
Arvola Chan |
3.0 |
13 |
Future releases should be backward compatible to version 2.0.
|
[4] |
Specification |
Duane Nickull |
All |
14 |
Query supported versions and functionality - This needs to
relate to CPPA discovery may duplicate function but could be
useful in a Web Service framework. |
L-M |
Specification |
Ian Jones |
3.0+ |
15 |
Include SAML based authentication of MSH's and ebXML message
originating parties. |
hold
for 16 |
Specification |
Zahid Ahmed |
3 |
16 |
Alignment with
WS-Security TC work. |
H |
Specification |
Doug
Bunting |
3 |
17 |
Alignment with
BPSS group around conversational semantics. |
H |
Specification |
Doug
Bunting |
3 |
18 |
Modularity for
increased flexibility and ability to use other, emerging Web
service standards. |
H |
Specification |
Doug
Bunting |
3 |
18a |
Extend modularity
to support inclusion of ebXML features in other Web service
standards. For example, WS-Reliability, WS-Conversations and
WS-Manifest. |
M |
Specification |
Doug
Bunting |
3 |
19 |
Default CPA [this
may overlap with item 4] to (for example) support CPA
negotiation phase. |
M |
Specification |
Jacques
Durand |
3 |
20 |
Revisit SyncReply
around a) constraints on use b) inclusion in a synchronous
response and c) significant differences between mshSignals and
other syncReplyMode settings (implementation barriers if all are
required). |
H |
Specification |
Jacques
Durand |
3 |
21 |
Issues around
reliability such as permanent disconnects – meaning of
reliability features in specification. |
M |
Specification |
Jacques
Durand |
3 |
21a |
Issues around
reliability – better describe the failure
conditions. |
H |
Specification |
Jacques
Durand |
3 |
22 |
Deal with multiple
MSH's – issues for clusters. Resolution leaned towards new
requirements for such clusters to externally function as a
single MSH, make the interface to the cluster identical to the
interface to a single MSH. |
M |
Specification |
Jacques
Durand |
3 |
23 |
Other BPSS
alignment issues as they arise. |
H |
Specification |
Jacques
Durand |
3 |
24 |
Alignment with
WSDL group and their output. Options include a) WSDL binding to
the ebXML Messaging protocol b) WSDL extensions to cover
requiring ebXML Messaging headers and c) WSDL documents
describing the services defined in our specification (ping and
status query). The first two were thought to be CPP/A issues so
priority is only for 24c. |
L |
Specification |
Jacques
Durand |
3 |
25 |
Liaisons to WSS TC
or OASIS Security JC, BPSS group, W3C WG's, ... |
VH |
Group |
?? |
ongoing |
26 |
Support larger
attachments (through compression for example, not
chunking). |
L-M |
Specification |
Jacques
Durand |
3 |
27 |
Explicit settings
used when sending our services (without other content). May
become a call for a larger set of default properties as
described in 19. |
L-M |
Specification |
Matt
MacKenzie |
3 |
|