[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Use Cases & Requirements, Straw Man 1
I have some comments on the current use case and requirements document. First thanks to Evan Prodromou for pulling together the first cut in a short time. One of the goals listed is SOAP as a messaging protocol. SOAP was one of the inputs to the XML Protocol group in W3C. I don't follow that group, but my understanding is that they are scheduled to have a candidate recommendation by April 2001. Therefore wouldn't it be better to have "XML Protocol" instead of SOAP? One of the non-goals is listed as: "Challenge-response authentication protocols are outside the scope of [OSSML]." Therefore are all other possible classes of authentication protocols in? If we want to restrict the authentication protocols allowed, then I think it would be better to list the ones in-scope explicitly. Scenario 2, first paragraph seems to have text missing. It ends: "in order to determine " In the two "Back office scenarios", I didn't understand the value of the buyer and seller exchanging "authentication documents". Should it be "authorization/assertion documents"? I think I might not only need who I am engaging in a transaction with, but also if they are authorized to do so. A similar comment applies to the Application chain. Finally, I think we have lost some of the valuable aspects of scenario 2 from the S2ML specification. In that scenario two exchanges were identified, and one of the exchanges (exchange A) was inserting statements into the documents as they flowed thru it. Regards, Nigel.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC