W3C home > Mailing lists > Public > public-ws-policy@w3.org > August 2006

RE: NEW ISSUE: Remove misleading reference to a Requester policy (Issue 3586)

From: Sverdlov, Yakov <Yakov.Sverdlov@ca.com>
Date: Fri, 11 Aug 2006 20:05:46 -0400
Message-ID: <ACE36C31EA815A4CBA7EBECA186C0D41A61113@USILMS13.ca.com>
To: "Daniel Roth" <Daniel.Roth@microsoft.com>, <public-ws-policy@w3.org>
Hi Daniel,

 

Section 3.4, which I also cited, states that: "... the provider of a Web
service exposes a policy to convey conditions under which it provides
the service. A requester might use this policy to decide whether or not
to use the service..." 

 

This specification doesn't really define the policy ownership for either
the Requester or Provider. That aside, there is a significant difference
between 1. A Requester supporting a policy, which is specified by a
Provider, and 2. A Requester specifying its own policies. 

 

The second scenario was not supported by the original Framework's
working draft - strictly because of the policy description in the
Framework's Abstract as "... policies of a Web Service..." (Requester is
not necessarily a Web Service). The change in the Abstract to
"...policies of entities in a Web services-based system...." eliminated
the ambiguity in section 4.4, which I wanted to clarify.

 

The bottom line is that my proposal is not applicable to the editor's
copy of the specification.

 

Regards,

 

Yakov Sverdlov

CA

 

 

________________________________

From: Daniel Roth [mailto:Daniel.Roth@microsoft.com] 
Sent: Wednesday, August 09, 2006 11:40 AM
To: Sverdlov, Yakov; public-ws-policy@w3.org
Subject: RE: NEW ISSUE: Remove misleading reference to a Requester
policy (Issue 3586)

 

Hi Yakov,

 

A requester may have its own policy.  For example, a requester may only
be willing to support certain security configurations.  The requester
can express this information as a policy and use policy intersection to
determine which provider policy alternative to use if any.  Take a look
at section 3.4 of Understanding Policy
<http://msdn.microsoft.com/ws/2006/07/understanding-ws-policy/>  for a
complete example that shows how this works.

 

Thanks.

 

Daniel Roth

 

________________________________

From: public-ws-policy-request@w3.org
[mailto:public-ws-policy-request@w3.org] On Behalf Of Sverdlov, Yakov
Sent: Monday, August 07, 2006 4:06 PM
To: public-ws-policy@w3.org
Subject: NEW ISSUE: Remove misleading reference to a Requester policy
(Issue 3586)

 

Title:
Remove misleading reference to a Requester policy.
 
Description: 
My understanding is that a Requester can not express requirements in the
form of WS-Policy, nor can the Requester have a policy. A Requester can
only adhere to the policy specified by a Provider.
 
The first paragraph of 4.4 creates the impression that a Requester may
have a policy. It states that "...when a requester and a provider
express requirements on a message exchange, intersection identifies
compatible policy alternatives (if any) included in both requester and
provider policies..." On the contrary - section 3.4 states that "...a
policy is supported by a requester..." but it rightfully does not
specify that a Requester has a policy. 
 
Also, accordingly to the Abstract, the Framework deals with "...the
policies of a Web Service..." but not with the policies of a Requester
of the Web Service".
 
Justification:
Clarify the difference between "Requester Policy" and "Requester
supporting a policy"
 
Target: 
WS-Policy Framework, 4.4 Policy Intersection
 
Proposal:
Change the first paragraph of 4.4 
 
From:
 
"Policy intersection is useful when two or more parties express policy
and want to limit the policy alternatives to those that are mutually
compatible. For example, when a requester and a provider express
requirements on a message exchange, intersection identifies compatible
policy alternatives (if any) included in both requester and provider
policies. Intersection is a commutative, associative function that takes
two policies and returns a policy."
 
To:
 
"Policy intersection is useful when two or more parties express policy
and want to limit the policy alternatives to those that are mutually
compatible. Policy intersection identifies compatible policy
alternatives (if any) included in the policies. Intersection is a
commutative, associative function that takes two or more policies and
returns a policy."

 

 

Regards,

 

Yakov Sverdlov

CA
Received on Saturday, 12 August 2006 00:05:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:40 GMT