OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

regrep-security message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [ebXML Registry Security] Deliverables etc.

I support the plan by Suresh.

BTW I recommend we leave ACP to be submitted and otherwsie managed out of band
in a registry specific way until V3 when xacml
is available. For V2.0 we still need to define ACP including cookie-cutter ones
in RIM and how it effects authorization. All I am saying
is lets keep ACP management out of RS so we dont have to spec the XML interface.
We can define RIM ACP class based on IBM's xacl etc.

"Damodaran, Suresh" wrote:

> Here is what I think we agreed to deliver.
> Please comment!
> The deliverables for V2.0 are the following
> 1. Security Risks document (all)
> 2. Application of XMLDSIG to Registry use cases (data integrity,
> authentication) (Sekhar)
> 3. Cookie cutter access control policies (Sekhar, Farrukh, Suresh)
> 4. Updated RIM and RS to apply (Farrukh)
> 5. Security profile content (all)
> How about we target Sept 17 to get the final cut (internal to security team)
> of 1, 2
> and an early draft of 3 & 5, and a proposal for 4?
> Meanwhile, we post interim versions to the security email list.
> Thanks,
> -Suresh
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>


org:Sun Microsystems;Java Software
adr:;;1 Network Dr. MS BUR02-302;Burlington;MA;01803-0902;USA
fn:Farrukh Najmi

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC