[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-msg] Australian Tax Office ebMS3/AS4 profile feedback from this TC
Hello,
Good comments from Sander and Theo. Here are
some additions:
Section 2, the AS4 profile reference could be updated to
the more recent "Candidate OASIS Standard" version, or more generally to
the latest release at http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/profiles/AS4-profile/v1.0/.
Section 3.2, there is a defined default role in Core
Spec 5.2.2.3, but I would think that the profile and business
processes should be organized so that there are always specific roles.
Section 3.2.3, my personal preference would be to not
include a Pmode ID type attribute in ebMS messages but to infer Pmodes from
ebMS header attributes.
In (the second) section 4.2 there is a reference to
"Username/password based security": this is referencing WS-Security
UsernameToken (rather than e.g. HTTP authentication) as mentioned in the
appendix, it may be worthwhile to be explicit on this here. It is
also probably worth mentioning that X509-based security is explicity not
required.
Section 4, none of the profiles use WS-ReliableMessaging
or WS-Reliability, which is good but could perhaps be stated
explicitly. (AS4 does not strictly prohibit use of WS-RM, although
it clearly proposes the AS4 reliable messaging features as the better
option).
Appendix, not sure what the purpose of a default Pmode
ID is, especially if there will be distinct pmodes for various business actions
and parties. Also see above.
Appendix, my recommendation for use of the UsernameToken
would be to include the Digest, Nonce, and Created options. These do not
seem hard to implement even in low-end products, so requiring them in
products is not a barrier for vendors.
Appendix, the default
parameters for retries only support retries up to 3 minutes. To be
more robust, I would recommend retries for much longer intervals,
if the business process allows this. Appendix 4, JoinInterval, it may be safe to set
this to a really high value. If this feature is used to transfer
multi gigabytes messages, then that transfer probably does not fail to fail if
it does not succeed in an hour.
From: ebxml-msg@lists.oasis-open.org [mailto:ebxml-msg@lists.oasis-open.org] On Behalf Of Sander Fieten Sent: 30 October 2012 22:38 To: ebxml-msg@lists.oasis-open.org Subject: Re: [ebxml-msg] Australian Tax Office ebMS3/AS4 profile feedback from this TC I am also travelling tomorrow during the call and therefor not able to
join. I also reviewed the document and these are my remarks:
Regards,
Sander
On Oct 30, 2012, at 10:44 , Theo Kramer wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]