W3C home > Mailing lists > Public > public-ws-policy-eds@w3.org > July 2007

2006/ws/policy ws-policy-guidelines.html,1.78,1.79 ws-policy-guidelines.xml,1.93,1.94

From: Frederick Hirsch via cvs-syncmail <cvsmail@w3.org>
Date: Fri, 13 Jul 2007 20:06:01 +0000
To: public-ws-policy-eds@w3.org
Message-Id: <E1I9ROr-0008VC-R3@lionel-hutz.w3.org>

Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv32614

Modified Files:
	ws-policy-guidelines.html ws-policy-guidelines.xml 
Log Message:
Restructured and updated 5.8 Interrelated domains to use Architecture of WWW format and add example, according to Editors' action 309. Updated the WSDL 20 reference [WSDL 2.0 Core Language] and WS-SecurityPolicy reference [WS-SecurityPolicy] for issue 4831. Editors' action 326

Removed one lone sug-heading for example, making document consistent.

Index: ws-policy-guidelines.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-guidelines.html,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -d -r1.78 -r1.79
--- ws-policy-guidelines.html	19 Jun 2007 06:47:47 -0000	1.78
+++ ws-policy-guidelines.html	13 Jul 2007 20:05:58 -0000	1.79
@@ -141,7 +141,6 @@
 &nbsp;&nbsp;&nbsp;&nbsp;5.6 <a href="#optional-policy-assertion">Designating Optional Behaviors</a><br>
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;5.6.1 <a href="#d3e783">Optional behavior in Compact authoring</a><br>
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;5.6.2 <a href="#d3e823">Optional behavior at runtime</a><br>
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;5.6.2.1 <a href="#d3e868">Example</a><br>
 &nbsp;&nbsp;&nbsp;&nbsp;5.7 <a href="#levels-of-abstraction">Considerations for Policy Attachment in WSDL </a><br>
 &nbsp;&nbsp;&nbsp;&nbsp;5.8 <a href="#interrelated-domains">Interrelated domains</a><br>
 6. <a href="#versioning-policy-assertions">Versioning Policy Assertions</a><br>
@@ -924,8 +923,7 @@
 					Framework).  
 				</p><div class="boxedtext"><p><a name="bp-indicate-optional-assertion-use" id="bp-indicate-optional-assertion-use"></a><span class="practicelab">Best
 Practice 20: Indicate use of  an Optional Assertion</span></p><p class="practice">When a given behavior may be optional, it must be possible for both message participants to determine that the assertion is selected by both parties, 
-					either out of band or as reflected by the message content.</p></div><div class="div4">
-<h5><a name="d3e868" id="d3e868"></a>5.6.2.1 Example</h5><p>
+					either out of band or as reflected by the message content.</p></div><p>
 					The <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite> document contains an example that outlines the 
 					use of 
 					<cite><a href="#MTOM">MTOM</a></cite> as an optional behavior that can be engaged by a consumer. 
@@ -950,7 +948,7 @@
 					optional assertion where  it may not be clear whether it is to apply in a message 
 					exchange when optionally used in part of that exchange  
 					(<a href="#bp-entire-mep-for-optional">Best Practice: Consider entire message exchange pattern when specifying Assertions that may be optional</a>).
-				</p></div></div></div><div class="div2">
+				</p></div></div><div class="div2">
 <h3><a name="levels-of-abstraction" id="levels-of-abstraction"></a>5.7 Considerations for Policy Attachment in WSDL </h3><p>A behavior identified by a policy assertion applies to the
         		associated policy subject. If a policy assertion is to be used
         		within WSDL, Assertion Authors should specify a WSDL
@@ -1053,20 +1051,26 @@
 					when there are multiple instances of a policy assertion type in the same 
 					policy alternative.
 					</p></div></div><div class="div2">
-<h3><a name="interrelated-domains" id="interrelated-domains"></a>5.8 Interrelated domains</h3><table border="1" summary="Editorial note"><tr><td align="left" valign="top" width="50%"><b>Editorial note</b></td><td align="right" valign="top" width="50%">&nbsp;</td></tr><tr><td colspan="2" align="left" valign="top">To be re-structured to use the format in the Architecture of the WWW doc.</td></tr></table><p>Assertion Authors need to be clear about how assertions defined in  
-				their domain may fit with assertions for interrelated domains. A  
-				classic example of such an interrelated domain is security, because  
-				security tends to
-				cut across all aspects of a solution.</p><p> One example is the definition  
-				of additional assertions
-				related to the interrelated security domain [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>] in  
-				Web Services Reliable Messaging Policy
-				Assertions [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy</a></cite>]. </p><p>Assertion Authors should not duplicate existing  
+<h3><a name="interrelated-domains" id="interrelated-domains"></a>5.8 Interrelated domains</h3><p>Assertion Authors need to be clear about how assertions defined in  
+				their domain may fit with assertions for interrelated domains. Assertion Authors should not duplicate existing  
 				assertions and should also make sure that when adding assertions those new assertions are consistent  
 				with pre-existing assertions of any  
 				interrelated domain. </p><div class="boxedtext"><p><a name="bp-specify-composition" id="bp-specify-composition"></a><span class="practicelab">Best
 Practice 26: Specify Composition with Related Assertions</span></p><p class="practice">Assertion authors should clearly specify how an assertion 
-				may compose with other related assertions, if any.</p></div></div></div><div class="div1">
+				may compose with other related assertions, if any.</p></div><p> A  
+				classic example of such an interrelated domain is security, because  
+				security tends to
+				cut across all aspects of a solution. 
+				Web Services Reliable Messaging Policy
+				Assertions [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy</a></cite>] defines   
+				 additional assertions
+				 related to [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>], an interrelated security domain.  One such additional assertion
+			specifies the use of transport security to protect a message sequence, for example.</p><div class="exampleOuter">
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-10. </span>Reliable Message Sequence Security</i></p><div class="exampleInner"><pre>&lt;wsrmp:SequenceTransportSecurity [wsp:Optional="true"]? ... /&gt;</pre></div></div><p>The Reliable Message Policy specification states
+				"This assertion is effectively meaningless unless it occurs in conjunction with the 
+					RMAssertion and a sp:TransportBinding assertion that requires the use of some transport-level
+					security mechanism (e.g. sp:HttpsToken).".
+				</p></div></div><div class="div1">
 <h2><a name="versioning-policy-assertions" id="versioning-policy-assertions"></a>6. Versioning Policy Assertions</h2><p>Assertion Authors need to consider not just the expression of the current set of requirements but
 		how they anticipate new assertions being added to the set.  There are three aspects to versioning policy assetions:</p><ul><li><p> Assertion Extensibility </p></li><li><p> Policy Language Extensibility </p><p>Over time, the Policy WG or third parties can version or extend the Policy Language with new 
 				or modified constructs.  These constructs may be compatible or incompatible with previous versions.
@@ -1421,14 +1425,13 @@
 					<cite><a href="http://www.w3.org/TR/2001/NOTE-wsdl-20010315">Web Services Description Language (WSDL) 1.1</a></cite>, E. Christensen, et al,
           Authors. World Wide Web Consortium, March 2001. Available at
           http://www.w3.org/TR/2001/NOTE-wsdl-20010315. </dd><dt class="label"><a name="WSDL20"></a>[WSDL 2.0 Core Language] </dt><dd>
-	  <cite><a href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">Web Services Description Language (WSDL) Version
-	  2.0 Part 1: Core Language</a></cite>, R. Chinnici,
-	  J. J. Moreau, A. Ryman, S. Weerawarana, Editors. World Wide
-	  Web Consortium, 27 March 2006. This version of the WSDL 2.0
-	  specification is
-	  http://www.w3.org/TR/2006/CR-wsdl20-20060327. The <a href="http://www.w3.org/TR/wsdl20/">latest version of WSDL
-	  2.0</a> is available at http://www.w3.org/TR/wsdl20.
-	  </dd><dt class="label"><a name="WS-Policy"></a>[Web Services Policy Framework] </dt><dd>
+					<cite><a href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">Web Services Description Language (WSDL) Version 2.0 Part 1: Core
+						Language</a></cite>,
+					R. Chinnici, J. J. Moreau, A. Ryman, S.
+					Weerawarana, Editors. World Wide Web Consortium, 26 June 2007. This version
+					of the WSDL 2.0 specification is
+					http://www.w3.org/TR/2007/REC-wsdl20-20070626/. The <a href="http://www.w3.org/TR/wsdl20/">latest version of WSDL 2.0</a> is
+					available at http://www.w3.org/TR/wsdl20/. </dd><dt class="label"><a name="WS-Policy"></a>[Web Services Policy Framework] </dt><dd>
 			        <cite><a href="http://www.w3.org/TR/ws-policy/">Web Services Policy 1.5 - Framework</a></cite>, A. S. Vedamuthu, D. Orchard, F. Hirsch, M. Hondo, P. Yendluri, T. Boubez and Ü. Yalçinalp, Editors. World Wide Web Consortium, @@,
           @@@@ @@@@. This version of the 
           Web Services Policy 1.5 - Framework specification is at http://www.w3.org/TR/ws-policy/. 
@@ -1457,10 +1460,11 @@
           R. Monzillo, Editors. Organization for the Advancement of
           Structured Information Standards, March 2004. Available at
           http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </dd><dt class="label"><a name="WS-SecurityPolicy"></a>[WS-SecurityPolicy] </dt><dd>
-					<cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">WS-SecurityPolicy v1.0</a></cite>, A. Nadalin,
-          M. Gudgin, A. Barbir, and H.  Granqvist,
-          Editors. Organization for the Advancement of Structured
-          Information Standards, 8 December 2005. Available at
+					<cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">WS-SecurityPolicy v1.2</a></cite>, A. Nadalin, M. Goodner, M. Gudgin, A.
+					Barbir, and H. Granqvist, Editors. Organization for the Advancement of
+					Structured Information Standards, 1 July 2007. Available at
+					http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf. 
+					Namespace document available at 
 					http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </dd><dt class="label"><a name="WS-Trust"></a>[WS-Trust] </dt><dd>
 					<cite><a href="http://schemas.xmlsoap.org/ws/2005/02/trust">Web Services Trust Language (WS-Trust)</a></cite>,
           S. Anderson, et al, Authors.  Actional Corporation, BEA
@@ -1726,4 +1730,11 @@
 							<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/295">295</a>.
 						</td></tr><tr><td rowspan="1" colspan="1">200706018</td><td rowspan="1" colspan="1">TIB</td><td rowspan="1" colspan="1">Implemented place holder for Editors' action  
 							<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/249">249</a> for locking the document.
+						</td></tr><tr><td rowspan="1" colspan="1">20070713</td><td rowspan="1" colspan="1">FJH</td><td rowspan="1" colspan="1">Restructured and updated <a href="#interrelated-domains"><b>5.8 Interrelated domains</b></a> 
+							to use Architecture of WWW format and add example, according to  
+							Editors' action 
+							<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/309">309</a>.
+							Updated the WSDL 20 reference [<cite><a href="#WSDL20">WSDL 2.0 Core Language</a></cite>] and WS-SecurityPolicy reference [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>] 
+							for issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4831">4831</a>. 
+							Editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/326">326</a>
 						</td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file

Index: ws-policy-guidelines.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-guidelines.xml,v
retrieving revision 1.93
retrieving revision 1.94
diff -u -d -r1.93 -r1.94
--- ws-policy-guidelines.xml	19 Jun 2007 06:47:47 -0000	1.93
+++ ws-policy-guidelines.xml	13 Jul 2007 20:05:58 -0000	1.94
@@ -1189,8 +1189,6 @@
 				<quote>When a given behavior may be optional, it must be possible for both message participants to determine that the assertion is selected by both parties, 
 					either out of band or as reflected by the message content.</quote>
 					</p>
-				<div4>
-					<head>Example</head>
 				<p>
 					The <bibref ref="WS-Policy-Primer"/> document contains an example that outlines the 
 					use of 
@@ -1217,7 +1215,6 @@
 					exchange when optionally used in part of that exchange  
 					(<loc href="#bp-entire-mep-for-optional">Best Practice: Consider entire message exchange pattern when specifying Assertions that may be optional</loc>).
 				</p>
-					</div4>
 			</div3>
 		</div2>
 		
@@ -1386,21 +1383,9 @@
 				
 			</div2>
 		<div2 id="interrelated-domains">
-			<head>Interrelated domains</head>
-			<ednote>
-				<edtext>To be re-structured to use the format in the Architecture of the WWW doc.</edtext>
-			</ednote>
+			<head>Interrelated domains</head>	
 			<p>Assertion Authors need to be clear about how assertions defined in  
-				their domain may fit with assertions for interrelated domains. A  
-				classic example of such an interrelated domain is security, because  
-				security tends to
-				cut across all aspects of a solution.</p>
-			<p> One example is the definition  
-				of additional assertions
-				related to the interrelated security domain [<bibref ref="WS-SecurityPolicy"/>] in  
-				Web Services Reliable Messaging Policy
-				Assertions [<bibref ref="WS-RM-Policy"/>]. </p>
-			<p>Assertion Authors should not duplicate existing  
+				their domain may fit with assertions for interrelated domains. Assertion Authors should not duplicate existing  
 				assertions and should also make sure that when adding assertions those new assertions are consistent  
 				with pre-existing assertions of any  
 				interrelated domain. </p>
@@ -1409,6 +1394,24 @@
 				<quote>Assertion authors should clearly specify how an assertion 
 				may compose with other related assertions, if any.</quote>
 			</p>
+			<p> A  
+				classic example of such an interrelated domain is security, because  
+				security tends to
+				cut across all aspects of a solution. 
+				Web Services Reliable Messaging Policy
+				Assertions [<bibref ref="WS-RM-Policy"/>] defines   
+				 additional assertions
+				 related to [<bibref ref="WS-SecurityPolicy"/>], an interrelated security domain.  One such additional assertion
+			specifies the use of transport security to protect a message sequence, for example.</p>
+				<example>
+					<head>Reliable Message Sequence Security</head>
+						<eg xml:space="preserve">&lt;wsrmp:SequenceTransportSecurity [wsp:Optional="true"]? ... /&gt;</eg>
+				</example> 
+			<p>The Reliable Message Policy specification states
+				<quote>This assertion is effectively meaningless unless it occurs in conjunction with the 
+					RMAssertion and a sp:TransportBinding assertion that requires the use of some transport-level
+					security mechanism (e.g. sp:HttpsToken).</quote>.
+				</p>
 		</div2>
 	</div1>
 	<div1 id="versioning-policy-assertions">
@@ -1961,17 +1964,16 @@
 					<titleref>Web Services Description Language (WSDL) 1.1</titleref>, E. Christensen, et al,
           Authors. World Wide Web Consortium, March 2001. Available at
           http://www.w3.org/TR/2001/NOTE-wsdl-20010315. </bibl>
-
-	                        <bibl key="WSDL 2.0 Core Language" id="WSDL20" href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">
-	  <titleref>Web Services Description Language (WSDL) Version
-	  2.0 Part 1: Core Language</titleref>, R. Chinnici,
-	  J. J. Moreau, A. Ryman, S. Weerawarana, Editors. World Wide
-	  Web Consortium, 27 March 2006. This version of the WSDL 2.0
-	  specification is
-	  http://www.w3.org/TR/2006/CR-wsdl20-20060327. The <loc
-	  href="http://www.w3.org/TR/wsdl20/">latest version of WSDL
-	  2.0</loc> is available at http://www.w3.org/TR/wsdl20.
-	  </bibl>
+				<bibl key="WSDL 2.0 Core Language" id="WSDL20"
+					href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">
+					<titleref>Web Services Description Language (WSDL) Version 2.0 Part 1: Core
+						Language</titleref>,
+					R. Chinnici, J. J. Moreau, A. Ryman, S.
+					Weerawarana, Editors. World Wide Web Consortium, 26 June 2007. This version
+					of the WSDL 2.0 specification is
+					http://www.w3.org/TR/2007/REC-wsdl20-20070626/. The <loc
+						href="http://www.w3.org/TR/wsdl20/">latest version of WSDL 2.0</loc> is
+					available at http://www.w3.org/TR/wsdl20/. </bibl>
 
 				<bibl id="WS-Policy" key="Web Services Policy Framework" 
                                 href="http://www.w3.org/TR/ws-policy/">
@@ -2008,11 +2010,13 @@
           R. Monzillo, Editors. Organization for the Advancement of
           Structured Information Standards, March 2004. Available at
           http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </bibl>
-				<bibl id="WS-SecurityPolicy" key="WS-SecurityPolicy" href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
-					<titleref>WS-SecurityPolicy v1.0</titleref>, A. Nadalin,
-          M. Gudgin, A. Barbir, and H.  Granqvist,
-          Editors. Organization for the Advancement of Structured
-          Information Standards, 8 December 2005. Available at
+				<bibl id="WS-SecurityPolicy" key="WS-SecurityPolicy"
+					href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">
+					<titleref>WS-SecurityPolicy v1.2</titleref>, A. Nadalin, M. Goodner, M. Gudgin, A.
+					Barbir, and H. Granqvist, Editors. Organization for the Advancement of
+					Structured Information Standards, 1 July 2007. Available at
+					http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf. 
+					Namespace document available at 
 					http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </bibl>
 				<bibl id="WS-Trust" key="WS-Trust" href="http://schemas.xmlsoap.org/ws/2005/02/trust">
 					<titleref>Web Services Trust Language (WS-Trust)</titleref>,
@@ -2706,7 +2710,19 @@
 						<td>Implemented place holder for Editors' action  
 							<loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/249">249</loc> for locking the document.
 						</td>
-					</tr>                  		              			 
+					</tr> 
+					<tr>
+						<td>20070713</td>
+						<td>FJH</td>
+						<td>Restructured and updated <specref ref="interrelated-domains" /> 
+							to use Architecture of WWW format and add example, according to  
+							Editors' action 
+							<loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/309">309</loc>.
+							Updated the WSDL 20 reference [<bibref ref="WSDL20"/>] and WS-SecurityPolicy reference [<bibref ref="WS-SecurityPolicy"/>] 
+							for issue <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4831">4831</loc>. 
+							Editors' action <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/326">326</loc>
+						</td>
+					</tr>                        		              			 
 				</tbody>
 			</table>
 		</inform-div1>
Received on Friday, 13 July 2007 20:06:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:21:03 GMT