ebXML CPPA Technology
Dale Moberg, Cyclone Commerce
Chair, OASIS ebXML TC
Dmoberg@cyclonecommerce.com
Copyright OASIS, 2001
Collaboration Protocol Profiles and Agreements: Export Use Case
• In a nutshell, the security, packaging, transport, and XML messaging “infrastructure” capabilities for engaging in specific business processes are announced. Export either CPPs or CPA templates
• Can be discovered using Registries and Repositories, made available through services, or obtained directly as
Implementation Use Case: Import
• Once the Profiles are available, draft CPAs can be exchanged and agreed upon. The CPA is an agreement on which of the capabilities will be used for XML messaging.
• Messaging and other middleware software MAY import the CPA information for automated configuration. The ROI is in increased automation of configuration lifecycle management.
Other Use Cases (JSR 157)
• Given BPSS, create CPP or CPA template for middleware systems.
• Given 2 CPPs, create draft CPA or CPA template for negotiation.
• Given CPA, check validity and acceptability.
• Given CPA, sign CPA.
• Given CPA, update for new
Structure of CPPs
• Defines associations between:
• Party, Role, Service, Action, Packaging and Delivery Channels
• Preferences on BusinessTransactionCharacteristics and MessagingCharacteristics
Party, Role, Service, Action
• PartyInfo identified by partyName attribute, 1 or more PartyId and PartyRef.
• CollaborationRole/Role: “buyer” “seller”
• Service: “RosettaNet” “cXML”
• Action: “PurchaseOrder” “ReceiptAcknowledgment”
DeliveryChannels Focus
• Combinations of DocExchange and Transport that document the capabilities for using different transports (SMTP, FTP, HTTP) with security (SSL 3, TLS) and capabilities for digital enveloping, digital signature, reliable messaging, and XML extensions supported (indicated by namespace URI)
DocExchange Focus
• Contains the ebXMLSender(Receiver)Binding elements
• Can be generalized to other messaging approaches by defining different subordinate elements.
• Contains IDREFs to PKI alignment details for digital envelope and digital signature (non-repudiation) resolving to SecurityDetails/TrustAnchor and Certificate elements. Uses XMLDsig KeyInfo elements to contain or refer to certificates. How to check for
PKI Alignment DocExchange Example
• Within CanReceive context, an IDREF to DeliveryChannel and then an IDREF to DocExchange, permits finding Certificates used for digital signatures or envelopes.
• URL for ebXML CPPA schema: http://www.oasis-open.org/committees/ebxml-cppa/schema/cpa-example2_0b.xml
Digital Envelope PKI Alignment Sender Side
    <element name="SenderDigitalEnvelope">
      <complexType><sequence>
        <element name="DigitalEnvelopeProtocol" type="tns:protocol.type"/>
        <element ref="tns:EncryptionAlgorithm" maxOccurs="unbounded"/>
        <element name="EncryptionSecurityDetailsRef" type="tns:SecurityDetailsRef.type"
Digital Envelope Receiver Side
    <element name="ReceiverDigitalEnvelope">
      <complexType><sequence>
        <element name="DigitalEnvelopeProtocol" type="tns:protocol.type"/>
        <element ref="tns:EncryptionAlgorithm" maxOccurs="unbounded"/>
        <element name="EncryptionCertificateRef"
SecurityDetails
    <element name="SecurityDetails">
      <complexType>
        <sequence>
          <element ref="tns:TrustAnchors" minOccurs="0"/>
          <element ref="tns:SecurityPolicy" minOccurs="0"/>
        </sequence>
        <attribute name="securityId" type="ID" use="required"/>
Trust Anchors
    <element name="TrustAnchors">
      <complexType><sequence>
        <element name="AnchorCertificateRef" type="tns:CertificateRef.type" maxOccurs="unbounded"/>
      </sequence></complexType>
    </element>
Certificate
    <element name="Certificate">
      <complexType><sequence>
        <element ref="ds:KeyInfo"/>
      </sequence>
        <attribute name="certId" type="ID" use="required"/>
      </complexType>
    </element>
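The IDREF walk from the PKI Alignment slide (CanReceive to DeliveryChannel to DocExchange to Certificate), written out as an added example that is not part of the original slides or the OASIS schema. The CPP fragment is constructed and simplified (no namespaces); element names follow the slides, while the ChannelId element and the channelId, docExchangeId and certId reference attributes are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed, simplified CPP fragment. ChannelId and the IDREF attribute
# names (channelId, docExchangeId, certId on the Ref) are assumptions.
SAMPLE_CPP = """<PartyInfo partyName="ExampleCo">
  <CanReceive><ChannelId>ch1</ChannelId></CanReceive>
  <CanReceive><ChannelId>ch2</ChannelId></CanReceive>
  <CanReceive><ChannelId>ch3</ChannelId></CanReceive>
  <Certificate certId="encCert"><KeyInfo/></Certificate>
  <DeliveryChannel channelId="ch1" docExchangeId="dx1"/>
  <DeliveryChannel channelId="ch2" docExchangeId="dx2"/>
  <DocExchange docExchangeId="dx1"><ebXMLReceiverBinding><ReceiverDigitalEnvelope>
    <EncryptionCertificateRef certId="encCert"/>
  </ReceiverDigitalEnvelope></ebXMLReceiverBinding></DocExchange>
  <DocExchange docExchangeId="dx2"><ebXMLReceiverBinding><ReceiverDigitalEnvelope>
    <EncryptionCertificateRef certId="missingCert"/>
  </ReceiverDigitalEnvelope></ebXMLReceiverBinding></DocExchange>
</PartyInfo>"""
ENVELOPE_REF = "ebXMLReceiverBinding/ReceiverDigitalEnvelope/EncryptionCertificateRef"

def by_id(root, tag, attr):  # ID table: attribute value -> element
    return {e.get(attr): e for e in root.iter(tag)}

def receive_envelope_certs(cpp_xml):
    """Return ({channel id: encryption certId}, [unresolved IDREF messages])."""
    root = ET.fromstring(cpp_xml)
    channels = by_id(root, "DeliveryChannel", "channelId")
    exchanges = by_id(root, "DocExchange", "docExchangeId")
    certs = by_id(root, "Certificate", "certId")
    resolved, errors = {}, []
    for can_receive in root.iter("CanReceive"):
        chan_id = can_receive.findtext("ChannelId")
        channel = channels.get(chan_id)
        if channel is None:
            errors.append(f"DeliveryChannel '{chan_id}' not found")
            continue
        dx_id = channel.get("docExchangeId")
        exchange = exchanges.get(dx_id)
        if exchange is None:
            errors.append(f"DocExchange '{dx_id}' not found")
            continue
        ref = exchange.find(ENVELOPE_REF)
        if ref is None:
            continue  # this channel announces no digital envelope
        if ref.get("certId") in certs:
            resolved[chan_id] = ref.get("certId")
        else:
            errors.append(f"Certificate '{ref.get('certId')}' not found")
    return resolved, errors
```

A dangling reference at any hop is reported rather than skipped, so a profile that announces an envelope without a resolvable certificate fails the check before it is imported into middleware configuration.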
EncryptionAlgorithm
    <element name="EncryptionAlgorithm">
      <complexType><simpleContent>
        <extension base="tns:non-empty-string">
          <attribute name="minimumStrength" type="integer"/>
          <attribute name="oid" type="tns:non-empty-string"/>
          <attribute name="w3c" type="tns:non-empty-string"/>
Other Examples
• Digital Signature
• Transport (SSL or TLS)
• ApplicationLevelSecurity
• AccessAuthentication
• For each security “module,” both PKI alignment and algorithm details can be announced, negotiated, and agreed upon.