
[COAS-List] Re: Fw: XML and New England Neurosurgery Network



David,

> I'm sorry but I disagree.  The NOTATION (hint: look at the word!?)
> is not intended to hide binaries.  It's meant to let you put
> notation characters into your XML.

Oh, I did not only look at the word, but at the XML spec as well. And
there I could find that it at least allows external binary data with a
notation attribute. I admit that I am not an expert on that, but I
can't see the foundation of your interpretation ``to put notation
characters into your XML.''

> also - the security is a complete red-herring.
>
> Yes I'm looking at MIME and I see a horror show that we do
> not want to repeat.
>
> Security is MIDDLEWARE.  It has nothing to do with the XML
> representation.
>
> How you store the actual document on the disk, or send it down
> a pipe I do not care.  Just make sure that I never see any of
> that in my XML layer.
>
> Namespaces and RDF provide the correct interface between
> digital signatures, encryption schemes and middleware, and
> that is the official W3C approach, with working groups and
> so on.  If you want to do encryption, et al, please see
> the RDF and namespace work.

Can you give me a hint to a W3C/XML statement about security what they
want and what they don't want?

I don't think that ``security is middleware,'' and in fact, I don't
think there is a common understanding of what ``middleware'' is at all. It
doesn't help to use this term more often.

I don't know enough about RDF to be able to follow you on this.

I agree with your wish to separate XML presentation from session and
transport and even lower layers. However, I don't believe that
security pertains to any of those layers specifically. All it seems to
do is to depend on a presentation in a way that makes it very hard to
lock security into one of the OSI layers of communication. 

I normally argue that if you do not want people to see part of your
document, you should create another document that doesn't contain
those parts. However, especially regarding the longevity and
context-independent(*) nature of medical documents, we can at least
think about separately encrypted parts of a document.

regards
-Gunther

PS: I agree with your assessment of DICOM, and I would also wish that
someone would take over that sword to cut this arcane bit and byte
stuff out from the abstract DICOM information, so that we would be
able to use DICOM in a technology neutral way.

(*) For Gerard Freriks: By ``context-independent nature'' I mean that
the documents should mention their context explicitly rather than
depend on any context information to be known implicitly. Conversely,
HL7 messages are very much dependent on the state and purpose of the
particular thread of communication and are not meant to be fully
understandable on their own.

Gunther Schadow ----------------------------------- http://aurora.rg.iupui.edu
Regenstrief Institute for Health Care
1001 W 10th Street RG5, Indianapolis IN 46202, Phone: (317) 630 7960
schadow@aurora.rg.iupui.edu ---------------------- #include <usual/disclaimer>
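
The XML 1.0 mechanism this message refers to (external binary data named through a notation), as an added example that is not part of the original e-mail: a document declares a NOTATION and an unparsed (NDATA) entity, and Python's expat bindings report both without ever fetching the referenced file. The notation name, its system identifier, the file name and the element names are constructed for illustration.

```python
import xml.parsers.expat

# Constructed sample. The notation name, its system identifier and the file
# name are assumptions for illustration, not values from the thread.
SAMPLE = b"""<?xml version="1.0"?>
<!DOCTYPE report [
  <!NOTATION dicom SYSTEM "application/dicom">
  <!ENTITY scan1 SYSTEM "scan1.dcm" NDATA dicom>
  <!ELEMENT report (image)>
  <!ELEMENT image EMPTY>
  <!ATTLIST image src ENTITY #REQUIRED>
]>
<report><image src="scan1"/></report>
"""

def inventory_unparsed(xml_bytes):
    """List every reference to an unparsed (NDATA) entity without fetching it."""
    notations, entities, entity_attrs, refs = {}, {}, set(), []

    def on_notation(name, base, system_id, public_id):
        notations[name] = system_id or public_id

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if notation is not None:          # NDATA present: unparsed entity
            entities[name] = (system_id, notation)

    def on_attlist(elname, attname, atype, default, required):
        if atype in ("ENTITY", "ENTITIES"):
            entity_attrs.add((elname, attname))

    def on_start(name, attrs):
        for attname, value in attrs.items():
            if (name, attname) not in entity_attrs:
                continue
            for ent in value.split():
                system_id, notation = entities.get(ent, (None, None))
                refs.append({"element": name, "attribute": attname,
                             "entity": ent, "system_id": system_id,
                             "notation": notation,
                             "notation_id": notations.get(notation)})

    parser = xml.parsers.expat.ParserCreate()
    parser.NotationDeclHandler = on_notation
    parser.EntityDeclHandler = on_entity
    parser.AttlistDeclHandler = on_attlist
    parser.StartElementHandler = on_start
    parser.Parse(xml_bytes, True)
    return refs

if __name__ == "__main__":
    for ref in inventory_unparsed(SAMPLE):
        print(ref)
```

The parser only hands the application the entity's system identifier and notation name; what to do with the external data, including whether to retrieve it at all, is left to the application.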