On 21/02/07, Jan Algermissen <[EMAIL PROTECTED]> wrote: > > > > > > > > > > On 21.02.2007, at 12:38, Paul Fremantle wrote: > > Good answer Steve. > > I have a question for Jan. When you order the pizza over the phone how do you > prove you didn't buy a house? > > > > Well, assumed I have a witness for what I said, the uttering of "this is a > pizza order, let me have a large magaritha" should sufficiently prove and > state my intent - it is self descriptive (which is a property of all business > documents, BTW).
Ummm I'm currently reading an NDA, its certainly not "self-descriptive" as I don't have a legal degree. I also have a PO on my desk which has some numbers and a name on it, it is however in German so I have no idea if it is correct or not. Business documents are certainly not self-descriptive, they are given context by either a legal framework (the NDA & PO) or by cultural context (the pizza order) there is nothing inherent in any of these things that actually describes within itself its entire intent. Put it this way, how do you know what a "pizza" is? How do you know what a tomato is? The answer isn't that you saw a pizza and went "that must be a pizza, and the red stuff I will call tomato", its that it was formally introduced to you by someone who you chose to trust. Having worked with lots of XML, EDI, CSV, Word and other business documents I have to say that to think they are self describing is a bit strange. I've never had one that didn't need explaining. > > > Jan > > > > > > > > > Paul > > > On 2/21/07, Steve Jones <[EMAIL PROTECTED]> wrote: > > > > Assuming you are using SAML and WS-Security and have kept a log of the > > messages then its fine as this will contain both their authentication and > > your own. > > > > If however you didn't use security and its an open exchange then you are > > just going to have fun in the courts. This is one of the key things about > > Trust (and one of the reasons that security != HTTPS), before you start a > > transaction you need to trust the other party to deliver or trust that you > > have recourse if something goes wrong. This plays back to something I > > asked at a conference back in 2001 (IIRC) (just after my dad had seen a > > presentation on WS and said "so why is ASCII RPC now a good idea?"). The > > presenter had outlined the holy trinity of WS including UDDI and talked of > > a "business" scenario where you would discover automatically a credit card > > clearance company and select the cheapest one and then complete the > > transaction. My point then was that this is bollocks as ! if that were > > true then I'd set up the world's cheapest credit card clearing company in > > somewhere with no extradition treaties and then fleece the world. > > > > Trust and validity are serious and difficult concepts, its fine for people > > to argue about document shifting approach X v Y, but if they don't provide > > a framework for Trust and validity on top of that base then its a pointless > > argument. > > > > SAML, WS-Security, WS-Trust and a decent set of audit logs. > > > > Steve > > > > > > > > > > On 21/02/07, Jan Algermissen < [EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > > > > > > > Hi, > > > > > > if have SOA-ordered a pizza the other day but yesterday I learned I > > > sold my house..... > > > > > > How do I prove in court that my digitally signed pizza order was > > > indeed a pizza order and not (as the recipient claims) a house sale? > > > > > > Jan > > > > > > > > > > > > > > -- > Paul Fremantle > VP/Technology, WSO2 and OASIS WS-RX TC Co-chair > > http://bloglines.com/blog/paulfremantle > [EMAIL PROTECTED] > > "Oxygenating the Web Service Platform", www.wso2.com > > > >
