W3C home > Mailing lists > Public > public-ws-policy@w3.org > August 2006

NEW ISSUE 3602: The absence of an assertion should not mean that the behavior is "explicitly prohibited"

From: Daniel Roth <Daniel.Roth@microsoft.com>
Date: Wed, 16 Aug 2006 09:02:48 -0700
Message-ID: <CACD2E414F77164CA4F324AF9A2094F30239F6D1@RED-MSG-70.redmond.corp.microsoft.com>
To: <public-ws-policy@w3.org>
Title - The absence of an assertion should not mean that the behavior is
"explicitly prohibited"

 

Description - Section 3.2 of the WS-Policy Framework contains the
following sentence:  "An assertion whose type is part of the policy's
vocabulary but is not included in an alternative is explicitly
prohibited by the alternative."   This statement seems to indicate that
the absence of the assertion implies a constraint on the policy consumer
to not use that policy assertion and to not perform the prohibited
behavior.  Depending on the provider's policy, this constraint on policy
consumers may not be supportable.  For example, let's say a provider
publishes a policy with two alternatives.  One alternative contains two
assertions, A and B, and the other contains no assertions.  Now, let's
suppose a requester doesn't understand either assertion.  According to
the current text in the WS-Policy Framework this requester should not
call the provider, because it might do the behavior for A but not the
behavior for B.  The requester may correctly implement one of the two
alternatives, but it cannot ensure that this is the case.  Similarly,
the requester cannot ensure that both behaviors are not implemented.  In
Section 3.2, the "explicitly prohibited" statement is too restrictive. 

 

In general, the absence of an assertion type should not imply nor
indicate anything about the policy subject.  The WS-Policy Framework
already contains text to this effect in paragraph 1 of Section 3.2: "An
alternative with zero assertions indicates no behaviors.  An alternative
with one or more assertions indicates behaviors implied by those, and
only those assertions." 

 

Justification - The current wording of paragraph 2 in Section 3.2
confusing to implementers.

 

Target - Web Services Policy Framework

 

Proposal - The correct interpretation of the WS-Policy Framework
specification should be that a policy alternative is processed
independently of all other assertions.  This interpretation is self
consistent and it allows policy consumers to process policy alternatives
independent of the policy vocabulary.  The proposed resolution for
paragraph 2 of Section 3.2 is to remove the last sentence as shown
below: 

 

SECTION 3.2

CHANGE FROM: The vocabulary of a policy alternative is the set of all
policy assertion types within the alternative. The vocabulary of a
policy is the set of all assertion types used in all the policy
alternatives in the policy.  An assertion whose type is part of the
policy's vocabulary but is not included in an alternative is explicitly
prohibited by the alternative.

 

CHANGE TO: The vocabulary of a policy alternative is the set of all
policy assertion types within the alternative. The vocabulary of a
policy is the set of all assertion types used in all the policy
alternatives in the policy.

 

We should also consider adding explanatory text in the primer regarding
the absence of an assertion.
Received on Wednesday, 16 August 2006 16:05:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:40 GMT