W3C home > Mailing lists > Public > public-rdf-dawg@w3.org > October to December 2004

ws-policy use caes

From: Eric Prud'hommeaux <eric@w3.org>
Date: Tue, 2 Nov 2004 08:26:40 -0500
To: Kendall Clark <kendall@monkeyfist.com>
Cc: public-rdf-dawg@w3.org
Message-ID: <20041102132640.GA22596@w3.org>
On Mon, Nov 01, 2004 at 08:24:41AM -0600, Dan Connolly wrote:
> ACTION: Eric to ask Kendall to put X509 policy use case into UC&R

I described a ws-policy use case at the last meeting and volunteered
to relay it to you. The scenario comes from my position paper [1] for
the Constraints and Capabilities Workshop.

  My dream bank allows me to conduct transactions via a web service
  interface. To prevent fraud, the messages to this service must be
  authenticated by a trusted mechanism, either X509 or Kerberose.

  My messages to the bank must be signed by either of these
  mechanisms. These signatures get reflected to the application as
  triples in an RDF graph.

    @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>.
    @prefix wsse: <http://www.w3.org/2004/08/20-ws-pol-pos/#>.
    <http://bucks.example/mesg#1234 rdf:type wsse:SecurityToken;
                               wsse:tokenType wsse:Kerberosv5TGT.

    @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>.
    @prefix wsse: <http://www.w3.org/2004/08/20-ws-pol-pos/#>.
    <http://bucks.example/mesg#1234 rdf:type wsse:SecurityToken;
                               wsse:tokenType wsse:X509v3.

  The service expresses and enforces these constraints with a query
  that runs over that RDF graph. This conveniently communicates the
  constraints in a language that is human-comprehensible, machine-
  comprehensible, and testable by all parties.

[1] http://www.w3.org/2004/08/20-ws-pol-pos/#query

office: +81.466.49.1170 W3C, Keio Research Institute at SFC,
                        Shonan Fujisawa Campus, Keio University,
                        5322 Endo, Fujisawa, Kanagawa 252-8520
        +1.617.258.5741 NE43-344, MIT, Cambridge, MA 02144 USA
cell:   +1.857.222.5741 (does not work in Asia)

Feel free to forward this message to any list for any purpose other than
email address distribution.

Received on Tuesday, 2 November 2004 13:26:41 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:00:45 UTC