OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

soa-rm-ra message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [soa-rm-ra] agenda this week [was: [soa-rm-ra] Latest (Last?) draft of the RAF]


Hi Guys,

Since this is very similar to the approach I first proposed 4.5-5 years ago, I don't have a problem with it. In fact, with the intervening years, I like it more now than I did then since, as a foundational reference architecture, the fundamentals of security, including those most relevant to SOA, simply should not be ignored. Laying it out like this says to those who wish to conform to this model that they MUST be responsible for mitigating the whole range of security threats, which are potentially MUCH more harmful in the SOA Ecosystem and not just those which are more relevant to the SOA Ecosystem.

Cheers,
Rex

On 7/11/2012 4:49 AM, Mike Poulin wrote:
Hi All,
 I have technical problems today with both telephone and computer. I have prepares relatively detailed comment for today agenda but have to send a short version for now.

I agree with the text that Peter distributed the last time except 3 points:

1) I do not represent Fidelity any more (in Pareticipants list) but I am an Independent Member :-)

2) Regarding RM - ODP: text about them is too detailed and leaves an impression that we just repeated their work. I propose to suppress this text and add our major differences: SO Ecosystem that lasts far beyond  enterprise boundaries (while RM-ODP does not go across them, and the definition and declaration the SO Ecosystem is in Business as well as in Technology (even Business Services in RM-ODP do not clearly indicate that they consider SOA in Business, for business teams)

3) I believe that section 5.2 Security Model has to be re-worked. Currently, it is written in the style ike 'here is security and, BTW, it also applicable to SOA'. I propose to change the approach in a way: 'here are specifics of security in SOA and here is how we recommend to address them'. The rest of security stuff is known and may be simply referred to appropriate standards.

I acn help Kevin to identify SOA specifics in security if he wants.

Regards,
- Michael

 

----- Original Message -----

From: Ken Laskey

Sent: 07/09/12 03:49 AM

To: 'Peter F Brown', soa-rm-ra@lists.oasis-open.org

Subject: [soa-rm-ra] agenda this week [was: [soa-rm-ra] Latest (Last?) draft of the RAF]


I had an Outlook crash, so I’m sending again with a revised subject. 

 

 

 

 

 

Ken

 

 

 

 

 

From: Ken Laskey [mailto:klaskey@mitre.org]
Sent: Sunday, July 08, 2012 10:47 PM
To: 'Peter F Brown'; 'soa-rm-ra@lists.oasis-open.org'
Subject: RE: [soa-rm-ra] Latest (Last?) draft of the RAF

 

 

 

 

 

All,

 

 

 

 

 

Please look over the material uploaded by Peter.  On Wednesday, I’d like to vote on accepting the responses to the outstanding issues and to declare that we have addressed all comments submitted against the last public review.  I would then like to set a schedule for

 

 

1.       subcommittee review so we can submit to the full TC

 

 

2.       notice to the full TC for a meeting to approve a new Committee Specification and a new public review

 

 

3.       new public review and, in particular, how long of a review.

 

 

The Public Review length should take into account people being away for summer.

 

 

 

 

 

Chet and Jamie – if you are lurking, how long is it now taking from request for a public review to the documents being ready to go out?

 

 

 

 

 

I am assuming the meeting this Wednesday (July 11) will begin at noon ET so I can cover the IEEE call.

 

 

 

 

 

Happy reading.

 

 

 

 

 

Ken

 

 

 

 

 

---------------------------------------------------------------------------

 

 

Dr. Kenneth Laskey

 

 

MITRE Corporation, M/S H305              phone: 703-983-7934

 

 

7515 Colshire Drive                                    fax:        703-983-1379

 

 

McLean VA 22102-7508

 

 

 

 

 

From: soa-rm-ra@lists.oasis-open.org [mailto:soa-rm-ra@lists.oasis-open.org] On Behalf Of Peter F Brown
Sent: Sunday, July 08, 2012 4:05 PM
To: soa-rm-ra@lists.oasis-open.org
Subject: [soa-rm-ra] Latest (Last?) draft of the RAF

 

 

 

 

 

Hi guys,

 

 

Attached is a doc and pdf copy of the latest draft , WD08. This contains:

 

 

-          All the figure updates;

 

 

-          All the Architectural Implications sections updates;

 

 

-          The agreed, revised section on Composition, business processes and collaboration;

 

 

-          The new section on Identity and Access Control, from Kevin Smith, as discussed at the last two meetings;

 

 

-          Updated appendix D;

 

 

-          Updates to ToC, list of figures and Index

 

 

 

 

 

In addition, is a snapshot of the Issues List, with all remaining open and ongoing work issues now resolved. These are all included now in the first sheet under “Recommend to Close” (20 Issues).

 

 

 

 

 

If we close those issues and agree the text, I think we are done.

 

 

I would certainly support a motion to confirm that at this coming Wednesday’s meeting.

 

 

 

 

 

I have loaded all the documents together on Kavi as a .zip file: https://www.oasis-open.org/apps/org/workgroup/soa-rm-ra/download.php/46435/SOA-RAF-v0.8.zip

 

 

and it is this file that we should reference in any decision and recommendation to the full RM for approval.

 

 

 

 

 

The next steps would be:

 

 

-          Getting full RM TC to adopt the text as new draft; to agree to publish this as a new Public Review (realistically, we should go for 30 days, given the extent of the changes);

 

 

-          If there are nothing but minor changes requested in the review period (and we take those on board), the RM TC could proceed to a vote to adopt the text as a Committee Specification;

 

 

-          Once that has been done, we would need to look for three examples of use of the RAF out in the wild among OASIS members or beyond, and if we collect three statements of use, we can ask for an OASIS-wide membership ballot to approve the specification as an OASIS Standard.

 

 

 

 

 

Description: Description:
                                Description: Description: Description:
                                Description:
                                cid:image013.jpg@01CCBA50.522AFA00

 

 

Peter F Brown

 

 

Independent Consultant

 

 

web: www.peterfbrown.com

 

 

twitter: @pensivepeter

 

 

 

 

 

P.O. Box 49719, Los Angeles, CA 90049, USA

 

 

Phone : (310) 694-2278

 

 

 

 

 

 



-- 
Rex Brooks
GeoAddress: 
1361-A Addison
Berkeley, CA 94702
Phone: 510-898-0670


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]