RE: [ebxml-msg] Updated requirements list for your perusal

ebxml-msg message

Subject: RE: [ebxml-msg] Updated requirements list for your perusal

From: "Ahmed, Zahid" <zahid.ahmed@commerceone.com>

To: 'Cliff Collins' <collinsc@sybase.com>, Doug Bunting <db134722@iplanet.com>,"Jones, Ian" <ian.c.jones@bt.com>

Date: Fri, 25 Oct 2002 17:08:49 -0700

Title: ebXML Requirements List

BTW, Requirements #11, #15, and #16 are related to the support of OASIS WSS (WS-Security)

since:

- WS-Security will support how W3C XML encrypted content can be referenced from

the SOAP Security header extension

- WS-Security will support how SAML Assertions can be carried and referenced from

SOAP Security header extension

I would recommend, hence, that these 3 requirements be consolidated eventually w.r.t.

incorporation into ebXML Messaging specification. For now it is OK to manage them individually,

if it will help in prioritizing them. I think all 3 of them have high priority w.r.t security interop.

W.r.t. #11 another issue is related to if ebXML 3.0 supports W3C XML Encryption using

WS-Security what backward compatibility support for S/MIME encryption will be required?.

S/MIME encryption is basically PKCS7 encryption plus relevant MIME content-types. This

issue, per se, has some additional sub-issues.

Finally, I am glad we are capturing Requirement # 24 although I would recommend

atleast an medium to high priority level for #24(a) rather than low.

Doug, thanks for updating this list

thanks,

Zahid

-----Original Message-----
From: Cliff Collins [mailto:collinsc@sybase.com]
Sent: Friday, October 25, 2002 4:58 PM
To: Doug Bunting; Jones, Ian
Cc: ebXML Messaging
Subject: RE: [ebxml-msg] Updated requirements list for your perusal

I would like to see #7 not pushed to "NO".

Maybe I missed discussion on this but I think it is valuable and should be included in an optional section. It's a method that already has at least 3 implementers from the last round of Drummond testing.

In addition, I think the encapsulation model should be examined for doing compression (#26). This allows for shrinking the message at the MSH level. Doing things to payloads directly has the same problem SMIME had in MS 2.0. It's unclear whether the BP or the MSH should "undo" the operation when the message is received. Encapsulation also allows for compression and SMIME to be done on the same message and it results in some very nice performance improvements.

Cliff

-----Original Message-----
From: Doug Bunting [mailto:db134722@iplanet.com]
Sent: Friday, October 25, 2002 4:28 PM
To: Jones, Ian
Cc: ebXML Messaging
Subject: [ebxml-msg] Updated requirements list for your perusal

ebXML Requirements List 10 October 2002

The following table contains all the requirements currently identified for future releases of the ebXML Messaging Service

Requirements List

Number

Description

Priority

Type

Raised By

Release

1

What about dealing with SOAP1.2? We could prepare to have a version compatible with SOAP1.2 when it changes status to PR or REC. That would involve some namespace changes and a change to the HTTP Binding as well as treatment of attachments.

M-H

Specification

Chris Ferris

3.0

2

Capture, answer and resolve any question and issues raised against version 2.0

M-H

General

Ian Jones

3.0

3

The Business interface layer has never been written - do we still need it?

M

Specification

Ian Jones

3.0

4

A document to describe the minimum implementation.

L

Documentation

Ian Jones

3.0

5

A primer/introduction to the messaging service.

L-M

Documentation

Ian Jones

3.0

6

The IIC TC is producing a conformance test/suite/documentation for version 2.0, the MSG TC will support this work.

L

Documentation

Ian Jones

3.0

7

Encryption (encrypt the entire document including MIME headers) Decided this issue was about extending beyond the current vague pointer towards XML Encryption to include additional features. See 11 as well.

NO

Specification

David Fischer

3.0

8

Forwarding/Multi-hop (especially with the identified problems with Signatures)

[1]

Specification

David Fischer

3.0

9

Third-Party Processing (Intermediate Timestamps...)

hold for 8

Specification

David Fischer

3.0

10

Chunking (sending extremely large files in pieces)

NO

Specification

David Fischer

3.0

11

Now that XML Encryption is a W3C candidate recommendation, we ought to figure out how it is to be used in conjunction with ebMS.

H

Specification

Arvola Chan

3.0

12

We also may want to coordinate with the CPP/A team to determine how intermediaries ought to be configured.

[3]

Specification

Arvola Chan

3.0

13

Future releases should be backward compatible to version 2.0.

[4]

Specification

Duane Nickull

All

14

Query supported versions and functionality - This needs to relate to CPPA discovery may duplicate function but could be useful in a Web Service framework.

L-M

Specification

Ian Jones

3.0+

15

Include SAML based authentication of MSH's and ebXML message originating parties.

hold for 16

Specification

Zahid Ahmed

3

16

Alignment with WS-Security TC work.

H

Specification

Doug Bunting

3

17

Alignment with BPSS group around conversational semantics.

H

Specification

Doug Bunting

3

18

Modularity for increased flexibility and ability to use other, emerging Web service standards.

H

Specification

Doug Bunting

3

18a

Extend modularity to support inclusion of ebXML features in other Web service standards. For example, WS-Reliability, WS-Conversations and WS-Manifest.

M

Specification

Doug Bunting

3

19

Default CPA [this may overlap with item 4] to (for example) support CPA negotiation phase.

M

Specification

Jacques Durand

3

20

Revisit SyncReply around a) constraints on use b) inclusion in a synchronous response and c) significant differences between mshSignals and other syncReplyMode settings (implementation barriers if all are required).

H

Specification

Jacques Durand

3

21

Issues around reliability such as permanent disconnects – meaning of reliability features in specification.

M

Specification

Jacques Durand

3

21a

Issues around reliability – better describe the failure conditions.

H

Specification

Jacques Durand

3

22

Deal with multiple MSH's – issues for clusters. Resolution leaned towards new requirements for such clusters to externally function as a single MSH, make the interface to the cluster identical to the interface to a single MSH.

M

Specification

Jacques Durand

3

23

Other BPSS alignment issues as they arise.

H

Specification

Jacques Durand

3

24

Alignment with WSDL group and their output. Options include a) WSDL binding to the ebXML Messaging protocol b) WSDL extensions to cover requiring ebXML Messaging headers and c) WSDL documents describing the services defined in our specification (ping and status query). The first two were thought to be CPP/A issues so priority is only for 24c.

L

Specification

Jacques Durand

3

25

Liaisons to WSS TC or OASIS Security JC, BPSS group, W3C WG's, ...

VH

Group

??

ongoing

26

Support larger attachments (through compression for example, not chunking).

L-M

Specification

Jacques Durand

3

27

Explicit settings used when sending our services (without other content). May become a call for a larger set of default properties as described in 19.

L-M

Specification

Matt MacKenzie

3