Subject: RE: [emergency] SBE Viewpoint
These have been the most interesting email threads we’ve seen in a long time. Discussing security issues is almost as much fun as religion or politics.

From the top level this is as much an issue addressing all our standards, and therefore cannot be limited to the current CAP proposal. The solution, whatever it may be, needs to be applied uniformly throughout our work. CAP 1.2 is not the place to make this decision.

As such I would propose we make this issue the subject of a separate sub-committee and have the results apply to the TC in general the same way we approach GIS.

I’m voting yes to approve.

Rob
805-551-6232

From: Ron Lake [mailto:rlake@galdosinc.com]

Hi David:

I don’t disagree with what you are saying, but I think it is an issue for message envelope and envelope handling (my main point) and not message content. XML signatures I think would go a long way in practical terms of providing identification of the source, non-tampering with the contents, and non-repudiation.

From: David RR Webber (XML) [mailto:david@drrw.info]

Ron,

I wish that your example with digital signature was so! All this does is increase confidence that the probability might be. Nothing digital can be absolute.

Dave gives some great scenario insights between single key nuclear authorization systems and by comparison a distributed emergency alerting system.

How do the people driven systems work today? I think we can learn a lot from studying how say an evacuation order from Wash DC gets actioned. What I'm seeing is that you have a system where multiple channels contribute to your confidence that the information you are receiving is authentic. People will "pick up the phone" and talk first hand particularly.

Now compare that to say a campus building alert system. Perhaps you would allow that to be automatically triggered without more verification. Or a home system that summons an ambulance or law enforcement response.

So - what I'm seeing is that you need a supporting system of level of authority and increasing confidence compared to the seriousness of the action requested.

This should be something you can publish as implementation non-normative notes that support the specification.

In this regard again - notice that today on the ebCORE TC - Pim published a standalone CPA ID specification garnered from the original eXML CPPA - so that you can create these kinds of trust relationships - beyond the mechanics of digital signatures and encryption alone. Nice thing is this is then standalone - not dependent on transport delivery system specifically - but supports the role and context needed - that is otherwise missing from the simple message exchange data.

Thanks, DW