W3C home > Mailing lists > Public > www-ws-arch@w3.org > August 2002

RE: Security Question

From: bhaugen <linkage@interaccess.com>
Date: Tue, 06 Aug 2002 12:47:42 -0500
To: www-ws-arch@w3.org
Message-id: <002001c23d71$5e118340$b8eafea9@default>

Hal Lockhart wrote:

> As I stated in a previous email, I agree with the general notion of
> ambiguity, however I think Mark's idea of not depending on anything
> is unrealistic. Every business transaction depends on shared
> about the goods or services involved, the terms and conditions of sale
and a
> host of other things not explicitly spelled out in the network
messages. Of
> course, many of these are defined by centuries of commercial practice
> well as laws and regulations. However, others may vary depending on
> legal system, industry and over time.

Ok, you're right.  I took Mark's statement in its original context,
which was default values popping in from schemas, that is,
alteration of the message contents.  If you take it in the
context you explained very well above, it's not true.

But for all of the other dependencies, if they are Web resources
hyperlinked from the resource that the subject of the transaction
(e.g. an order), then it would still be possible to have a
definite answer to enough questions to be able to do

> I believe the most practical approach, which is currently happening,
is for
> industry consortia to establish standards for the syntax and semantics
> common transactions in their industry. By making use of these
standards, it
> should be possible to avoid a semantic misunderstanding (deliberate or
> A party who claims to have reason to use semantics which are contrary
to the
> established standards for the relevant industry will face a very
> burden of proof.

Most but not all of the industry consortia are focusing on document
contents alone.  The business processes, transaction handling
rules, etc. also need to be spelled out for anything resembling

For a simple example, did the seller agree to be bound
by the buyer's order, or not?  How can you tell from the order
document alone? Is an explict acceptance response
required?  What if the response comes after the price
is reduced? What if the buyer cancels the order?
What if the seller delivers the goods later than promised?
...and on and on...

-Bob Haugen
Received on Tuesday, 6 August 2002 15:58:56 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:40:58 UTC