[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pki-tc] B2B & Transaction PKI
Arshad, I'm happy to finally see some more concrete guideline-related work! <snip> >B2B in my interpretation, is: non-GUI software products, transacting >programmatically with each other, without human interaction. This is indeed a variant of B2B. The classical way of purchasing goods is though still alive and kicking. Enclosed is a minimalistic picture of what I consider a highly valid "B2B" Transaction PKI usage. TC mermbers: Would this level in your opinion qualify as reasonable in a guideline? <snip> >An employee of a bank, ordering office supplies from the corporate >stationery supplier, using the web interface supplied by the supplier >is not a B2B transaction in my interpretation. Here we entered a confusing area. From a business point of view this is definitely B2B, but the technical solution is entirely different from the "classic" B2B model. In addition, there are quite a few organizations who combine these methods by using schemes known as "PunchOut" and "RoundTrip". MIT's ECAT is an example of this. These schemes are BTW from a PKI and security point-of-view extremely interesting. >So, to clarify, the Transaction PKI effort will specifically focus on >Browser-to-Application security. This is a very good definition. regards Anders
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]