Re: [emergency] Identity and Authority ( was RE: CAP Visualization...)

[Rex Brooks <rexb@starbourne.com>]

I certainly don't mind. I'm overdue for a dunking in the security 
specifications pool. It's gonna havta wait till at least next Monday, 
though. My plate is overflowing. So much so, in fact that I am not 
gonna get my treasured grant proposals out on time. sigh. I'll live, 
but I have to do better at this.

Ciao,
Rex

At 11:14 AM -0600 6/9/04, Carl Reed wrote:
>Hope you do jot mind my opening this dialogue up again :-) A couple of
>thoughts on work being done by other standards/specifications organizations
>that could be used to address (solve?) the issue of identity and authority.
>
>In late May, I attended a seminar on DRM (Digital Rights Management). There
>was much discussion on Rights Expression Languages. Rights expression
>languages (RELs) are emerging in the information community that support
>different aspects of the digital access environment -- licensing, payments,
>web material, use control, access, etc. One such language is Open Digital
>Rights Language (ODRL). ODRL is a general-purpose language that allows, but
>does not require, some actionable control over resource use. It was designed
>as an open standard for industry and community use.
>
>The other place to is the Geography and Privacy (GeoPriv) working group of
>the IETF. The mission of this WG is to define encoding rules for privacy and
>authority. Any location payload, such as a CAP message, would be "wrapped"
>the a GeoPriv privacy encoding capsule. The intent is to provide protection
>from unauthorized access and use of location information as it pertains to
>privacy.
>
>Cheers
>
>Carl
>
>----- Original Message -----
>From: "Art Botterell" <acb@incident.com>
>To: "Rex Brooks" <rexb@starbourne.com>; "Kon Wilms"
><kon.wilms@ndsamericas.com>; <emergency@lists.oasis-open.org>
>Sent: Thursday, May 20, 2004 5:46 PM
>Subject: RE: [emergency] Identity and Authority ( was RE: CAP
>Visualization...)
>
>
>>  At 4:30 PM -0700 5/20/04, Rex Brooks wrote:
>>  >We chose not to make these decisions in the spec, but ought we
>>  >provide the reason why and suggest some best practices for various
>>  >levels of trust and security in the implementation/implementor's
>>  >guide?
>>
>>  My question would be whether we might be duplicating work being done
>>  in other TCs and other organizations?  Most of these issues are
>>  universal in web services applications of all sorts and
>>  telecommunications in general.
>>
>>  - Art
>>
>>
>>  To unsubscribe from this mailing list (and be removed from the roster of
>the OASIS TC), go to
>http://www.oasis-open.org/apps/org/workgroup/emergency/members/leave_workgroup.php.
>>


-- 
Rex Brooks
GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth
W3Address: http://www.starbourne.com
Email: rexb@starbourne.com
Tel: 510-849-2309
Fax: By Request