[graap-wg] proposal: agreement lifecycle end-games
Jon MacLaren
maclaren at cct.lsu.edu
Wed Mar 23 14:06:21 CST 2005
No, I don't think I've explained it properly. It's a lot simpler that
your reply suggests.
I didn't say the agreement is a message, which you stated in your
reply. I said that it should be a document. There is nothing to stop
me sending a signed document as part of an XML message irrespective of
the message-level/transport-level security stuff.
The user proposes an agreement ("offer" to use the terminology in the
spec.), and sends this as a signed document. If the respondent agrees,
they sign the agreement too, and send it back. You do not need to
retain all the messages - just this document, signed by both parties.
Of course proof of agreement is out of scope. But if you have the
agreement in the form I suggest, at least you give a *basis* on which
people can do this. The current WS-Agreement specification doesn't do
that.
Jon.
On Mar 23, 2005, at 10:42 AM, Karl Czajkowski wrote:
> Jon, I do think I understand what you are asking for. The difficulty
> lies, I think, in the fact that the "WS architecture" way of doing
> things is to treat security-related things like signature as
> orthogonal aspects that get folded into a service deployment.
>
> The underlying audit/proof problem you are concerned with requires the
> persistent naming and retention of protocol messages, e.g. "at time
> T0, party 1 initiated agreement with offer O" and "at time T1, party 2
> accepted offer O" in some way that the eventual arbiter can believe
> them to be accurate historical data.
>
> I do not think WSRF makes it harder to think about this. The
> WS-Agreement resource is not a message, but an addressable
> representation of the online process within which these messages are
> correlated. The WSRF modeling approach we are using is about making
> this process or "session" manageable, in the sense of being able to
> incorporate these agreement processes into a larger worldview of
> discovery and monitoring systems, etc. So, the Agreement resource
> gives us a dynamic view of the "current" status, while I think
> contract resolution requires an archived view of different key
> messages/interactions in the process like "agreement happened" and
> "agreement was violated (or satisfied) during time interval I".
>
> I think the question here is whether this "proof of agreement" problem
> is in or out of scope for the WS-Agreement standard. We have already
> declared "proof of satisfaction/violation" to be out of scope, so I
> had assumed proof of agreement would be treated the same way.
>
> I think you are asking for "proof of agreement" to be made in scope. I
> do not know how to do this in a way that is not biased towards one
> security/trust model, so that makes me afraid to approach it. Can you
> provide a more concrete proposal, or at least argue for why proof of
> agreement is different than the larger proof of satisfaction/violation
> such that we should keep banging our heads on this for the first
> version of the standard?
>
> I'm not discounting the value of these proofs, but merely questioning
> whether they are tractable enough to put in scope...
>
>
> karl
>
> --
> Karl Czajkowski
> karlcz at univa.com
>
More information about the graap-wg
mailing list