W3C home > Mailing lists > Public > www-ws-arch@w3.org > February 2003

Re: Layers in the WSA (was RE: [Fwd: UN/CEFACT TMG Releases e-Bus ines s Architecture Technical Specification for Public Review])

From: Duane Nickull <duane@xmlglobal.com>
Date: Thu, 13 Feb 2003 08:50:55 -0800
Message-ID: <3E4BCCEF.1080606@xmlglobal.com>
To: Assaf Arkin <arkin@intalio.com>
Cc: "Burdett, David" <david.burdett@commerceone.com>, www-ws-arch@w3.org



Assaf Arkin wrote:
> For example, you can have a service level agreement that need to be 
> pre-negotiated and all messages have to carry the SLA number to be 
> processed and the SLA can be started and managed by some WSDL operation. 
> There is no need to negotiate messaging-level agreement, and the 
> negotiation of another agreement could be in itself a service.
>>>>>>>>>>>

I thought of that in ebXML as well, however I personally pushed for the 
CPA to be required and processed in the outermost envelope.  This was an 
architectural decision based on the rising popularity of DOS attacks 
(denial of service).  It is foreseeable that someone could pump in 
1000's of bogus messages if they wanted to tie up a specific BSI 
(Business Service Interface).  The TA team was constrained by making 
sure we thought of hacker attacks, no single point of failure etc..

By parsing and comparing the CPA ID in the outermost envelope at the 
messaging layer (probably by slurping the first 500 bytes via SAX),  it 
requires far less processor resources than to open the envelope first, 
then route the message payload to another resource before trying to 
validate the service level agreement.

For right or wrong,  that was the thinking.

Duane



-- 
VP Strategic Relations,
Technologies Evangelist
XML Global Technologies
****************************
ebXML software downloads - http://www.xmlglobal.com/prod/
Received on Thursday, 13 February 2003 11:51:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:14 GMT