W3C home > Mailing lists > Public > public-ws-addressing@w3.org > March 2005

Stepping back a bit ...

From: David Hull <dmh@tibco.com>
Date: Mon, 21 Mar 2005 13:16:01 -0500
To: "public-ws-addressing@w3.org" <public-ws-addressing@w3.org>
Message-id: <423F0F61.50903@tibco.com>
In the interest of getting through this whole MAP extensibility thing, 
I'd like to step back and try to describe the high points as I see 
them.  I'm trying to give a little background for my reasoning here, and 
not necessarily argue for one proposal or another.

One thing that jumps out from looking at MAPs is that the extensibility 
is inconsistent.  On the one hand, we have an open [relationship] 
property allowing for messages to relate to each other in arbitrary 
ways.  We predefine "reply" as a relationship and say that replies and 
faults are both replies, but we explicitly allow for other patterns.  We 
also define [reply endpoint] and [fault endpoint], but /don't/ allow for 
other possibilities.  Maybe there's no benefit from calling out an 
endpoint in the MAPs, in which case the point is moot.  But in that 
case, why define [reply endpoint] and [fault endpoint]?  If there's any 
benefit to defining them in WSA as opposed to elsewhere, that benefit 
should be extensible.  I explore possible benefits a bit below.

Another question that arises about MAPs is, how do they manifest?  As I 
understand it, we map them to SOAP properties, and these in turn will 
generally become headers.  This certainly accords with the example in 
section 3.2, which is the classic "async request/reply" use case.  
However, that can't be the whole answer for classic SOAP/HTTP, or for 
any other SOAP request/reply MEP binding that comes along.  SOAP/HTTP -- 
the 99% case as far as I know -- already works fine without a reply-to: 
header present.  Further, the SOAP 1.2 binding in section 6.2 doesn't 
mention a "replyTo" or "faultTo" property that we could latch onto, and 
SOAP 1.1 doesn't even try.  In short, there seem to be two options:

   1. Require that [reply endpoint] and [fault endpoint] manifest as
      headers.  Unless I missed something, this would mean that
      practically all existing traffic would be regarded as
      non-compliant with WS-A, which could slow adoption.
   2. Deal with existing traffic as it is, and say that, for example, an
      HTTP POST request has the [reply to] property of "the back
      channel", though this is nowhere manifest in the message (until
      you go digging into TCP headers).  This seems more sensible, and
      also seems to be what we're driving at with the "anonymous" EPR.

But in the second case, why does it matter?  If I have an existing 
SOAP/HTTP request/reply service, my clients already know how to 
correlate messages, and I already know where to send replies and 
faults.  We can talk about the [reply to] MAP floating over all this, 
but who cares?

And in fact, what if I define an "async request/reply" service?  If I'm 
advertising the service, I get to advertise the semantics.  I can say 
"If I see a header called 'ReplyTo', I'll send replies there.  
Otherwise, I'll send them back to the requester.  If I can't figure out 
how to do that (some bindings may allow for this, some may not), you're 
hosed."  This has the same semantic effect as trying to define a [reply 
endpoint] MAP, but it's more direct in that it defines default /behavior 
/directly instead of trying to define a default /value/ and then 
defining behavior in terms of value.  (insert Latin epigram here).

As far as I can tell, the only place this distinction could matter, and 
the only place endpoint MAPs matter, is if we want intermediaries to be 
able to do the right thing with messages without knowing what MEP the 
ultimate sender and receiver are participating in.  If we want to enable 
this, there are all kinds of interesting questions to deal with.  For 
example:

   1. Can the intermediary know just from looking at the message what
      endpoints might get further traffic due to this message?  If so,
      and none of them is the back channel to the sender, then that
      back-channel can be closed.  In any case, the intermediary might
      be able to send routing hints down the line.
   2. Suppose the message is being sent reliably.  The intermediary is
      participating in <your favorite reliability protocol> and thus may
      produce reliability-related faults.  Should those faults go to the
      [fault endpoint] (if any), or to an administrative endpoint for
      reliability, or possibly both?
   3. What about security faults?  Certain security faults may convey
      sensitive information by their mere presence (the problem of
      over-friendly error messages).  Again, the "security fault"
      endpoint may not be [fault endpoint], or at least the disposition
      of security faults requires special care.

This is all speculative, but if we allow for such a scenario at all, the 
presumption has to be that anything we haven't specifically been able to 
rule out could happen.  It may well be the case that there aren't that 
many fundamental questions with this scenario, or that they're all 
easily answered, but whatever the case, they all appear out of scope for 
the WS-A core.  The core should only be concerned with not making such 
questions harder to answer, to the extent that we can assess that.

(2) and (3) above argue that, even if request/reply is the only MEP in 
the world, there may be cause for further message-routing EPRs to be 
attached to a message by reliability modules, security modules and 
such.  (1) argues that it would be good if an intermediary could tell 
just by looking what EPRs might carry messages.  In retrospect, one 
obvious way to do this is the same way we did with EPRs:  There, we 
pre-define basic parts of the EPR and give them element names in the 
wsa: namespace, and we also provide an attribute in the wsa: namespace 
that tags a header as belonging to the "reference parameters" 
extensibility point.  Here, we would leave the basic parts pre-defined 
as they are, and define another attribute for the "other endpoints" 
extensibility point in MAPs.

An intermediary then knows that "ReplyTo" and "FaultTo" may carry 
traffic, and so can anything tagged with the wsa:otherEndpoint (or 
whatever) attribute.  Further, in a profile that requires /all/ 
potential endpoints to be present, if only tagged with "backChannel", an 
intermediary can make assumptions about what channels will /not/ carry 
traffic, and optimize accordingly.
Received on Monday, 21 March 2005 18:16:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:04 GMT