OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

emergency message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [emergency] SBE Viewpoint

Strongly agree. 
I also was pointing to the ebXML CPA as an example of mechanisms that link between the exchange message envelope and the ability to determine what the relationship is between the bits and bytes and the real world.
BTW - I've just recalled another nifty feature of CPA - the CPA ID - which can be private.  So even if I managed somehow to get hold of someones digital certificate for signing messages - I may not know what the CPA ID is that defines the relationship between X and Y - because as partner W with Y - I have never seen the CPA ID they are using.  And the CPA ID can be specific to message exchanges - so I may have different values depending on the types of messages in an exchange.
Conversely - where is proves problematic to have digital certificates - they are not the easiest thing to say shoehorn into a device - whereas a CPA ID code can be used in a configuration to authenticate the relationship and exchange.
To the general discussion though - seems to me - need is to add supporting documents and profiles of use to the base schema in the CAP spec's - rather than retooling the schema persay.
These profiles are things you can vote on separately - and implementers will want to use then to supplement the schema.
Mentioning which - as Chair of CAM TC - I need to mention that CAM templates provide a great way to specify profiles of use - that overlay on top of a generic schema - and provide the actual "rules of engagement" and content for specific application use.

Thanks, DW
-------- Original Message --------
Subject: RE: [emergency] SBE Viewpoint
From: "Ron Lake" <rlake@galdosinc.com>
Date: Mon, February 15, 2010 6:02 pm
To: "David RR Webber (XML)" <david@drrw.info>
Cc: "Gary Timm" <gtimm@journalbroadcastgroup.com>,
<emergency@lists.oasis-open.org>, "Oien,Chuck" <ctoien@sandia.gov>,
"Sanzero,George" <gsanzer@sandia.gov>, "Ammerlahn,Heidi"
<hrammer@sandia.gov>, "Lee Tincher" <ltincher@evotecinc.com>,
<rexb@starbourne.com>, "David E. Ellis" <dellis@sandia.gov>

Hi David:
I don’t disagree with what you are saying, but I think it is an issue for message envelope and envelope handling (my main point) and not message content.  XML signatures I think would go a long way in practical terms of providing identification of the source, non-tampering with the contents, and non-repudiation.

From: David RR Webber (XML) [mailto:david@drrw.info]
Sent: February 15, 2010 2:17 PM
To: Ron Lake
Cc: Gary Timm; emergency@lists.oasis-open.org; Oien,Chuck; Sanzero,George; Ammerlahn,Heidi; Lee Tincher; rexb@starbourne.com; David E. Ellis
Subject: RE: [emergency] SBE Viewpoint
I wish that your example with digital signature was so!  All this does is increase confidence that the probability might be.  Nothing digital can be absolute.
Dave gives some great scenario insights between single key nuclear authorization systems and by comparison a distributed emergency alerting system.
How do the people driven systems work today?  I think we can learn a lot from studying how say an evacuation order from Wash DC gets actioned.
What I'm seeing is that you have a system where multiple channels contribute to your confidence that the information you are receiving is authentic.  People will "pick up the phone" and talk first hand particularly.  Now compare that to say a campus building alert system.  Perhaps you would allow that to be automatically triggered without more verification.  Or a home system that summons an ambulance or law enforcement response.
So - what I'm seeing is that you need a supporting system of level of authority and increasing confidence compared to the seriousness of the action requested.
This should be something you can publish as implementation non-normative notes that support the specification.
In this regard again - notice that today on the ebCORE TC - Pim published a standalone CPA ID specification garnered from the original eXML CPPA - so that you can create these kinds of trust relationships - beyond the mechanics of digital signatures and encryption alone.  Nice thing is this is then standalone - not dependent on transport delivery system specifically - but supports the role and context needed - that is otherwise missing from the simple message exchange data.
Thanks, DW

-------- Original Message --------
Subject: RE: [emergency] SBE Viewpoint
From: "Ron Lake" <rlake@galdosinc.com>
Date: Mon, February 15, 2010 4:48 pm
To: "Lee Tincher" <ltincher@evotecinc.com>, <rexb@starbourne.com>,
"David E. Ellis" <dellis@sandia.gov>
Cc: "Gary Timm" <gtimm@journalbroadcastgroup.com>,
<emergency@lists.oasis-open.org>, "Oien, Chuck" <ctoien@sandia.gov>,
"Sanzero, George" <gsanzer@sandia.gov>, "Ammerlahn, Heidi"


I would also expect that one can do this using existing specifications
for messaging such as XML Signatures (W3C) (as part of the solution).
In XML Signatures, one mulches the message being sent using an
appropriate mulching or digestion algorithm (analogous to computing a
CRC) and gets an encrypted string (containing also the sender's
credentials)) that is sent with the message. The receiver uses the
encrypted string to run the received message through the same mulching
algorithm and compares the result with the received string. If they
match, the content MUST have come from the indicated sender (they cannot
deny it) and it must have not been tampered with.

For a better description of this see

The main point is that it has nothing to do with the content of the


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]