OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm-ra message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: Willingness based on Trust discussion

I have just three notes but prefer not using this computer for file detachmentSorry for the inconvenience. So, here they are:

1) in the section Background: From SOA-RM:  The initiator in a service interaction MUST be aware of the other parties  I think there should be party because there are only two participants in each individual interaction. If we also consider a broadcast-like interaction, awareness about other parties is OPTIONAL, not MUST.

2) in the section Inputs for SOA-RA:  Although the objective of any SOA interaction is no Risk  I think that this is not necessary correct; I have never heard about such objective as no Risk, it does not exist as well as absolute security. I propose the following: interaction is minimal Risk  or  interaction is acceptable Risk

3) in the section Inputs for SOA-RA:  Although the SOA-RM states, policies may be documented in the service description, in fact they can be established at any time in the SOA conversation and at any level of the IP Stack (e.g. SSL with both Server and Client Certificates)  I do like this line of thoughts; to continue it we can say something like: Policies established during the SOA conversation MUST be included into the service contract (in addition to and/or instead of the policies identified before the SOA conversation).
 
Plus, SSL with both Server and Client Certificates does not seem to me as a policy but rather as a result of the policy application. The policy in this case might be formulated as Communication between Server and Client must use SSL with both Server and Client Certificates

- Michael

________________________________________
Subject: Willingness based on Trust discussion
	From: "David E. Ellis" <dellis@sandia.gov> 
	To: "'Ken Laskey'" <klaskey@mitre.org>,"'Rex Brooks'" <rexb@starbourne.com> 
	Date: Tue, 12 May 2009 08:01:18 -0600 
________________________________________
Title: Willingness based on Trust discussion
Ken, Rex
Attached is a preliminary discussion of Trust.  I feel we need more words but please review for tomorrows meeting.  I will try to attend but I am in a IUBIP conference.
Dave <<...>> 
<Trust section.doc>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]