RE: NEW ISSUE: Change optional example from MTOM to security (Gui delines and Primer) from Prasad Yendluri on 2006-11-13 (public-ws-policy@w3.org from November 2006)

From: Prasad Yendluri <prasad.yendluri@webmethods.com>
Date: Mon, 13 Nov 2006 16:27:56 -0500
To: Frederick Hirsch <frederick.hirsch@nokia.com>, Prasad Yendluri <prasad.yendluri@webmethods.com>
Cc: ext William Henry <william.henry@iona.com>, public-ws-policy@w3.org
Message-ID: <A3E375FA108EF94496269A5A96AFCAC107385775@mailwest-e0b>

Hi,

 

The issue description as raised is:

 

"MTOM is a very bad example for optionality since it raises ambiguities

depending on message flow. Best practices might suggest using different

endpoints for with and without MTOM. Reason is that MTOM assertion mandates

usage of MTOM on both requests and responses, so request without MTOM is

ambiguous, is it a message that wouldn't naturally use MTOM, is it in error,
or does it signal desire not to use MTOM."

 

Since (i) there is a clear way for the client to indicate it can accept
MTOM/XOP encoded messages without having to send MTOM encoded messages (ii)
it is possible to send MTOM/XOP encoded messages even when there is no
"attachment" / binary information that is associated with the outgoing
message and (iii) we have ruled it out of scope how it is determined a
particular policy alternative is selected, 

I don't see an issue.

 

Regards,

Prasad

 

-----Original Message-----
From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com] 
Sent: Monday, November 13, 2006 1:13 PM
To: ext Prasad Yendluri
Cc: Frederick Hirsch; ext William Henry; public-ws-policy@w3.org
Subject: Re: NEW ISSUE: Change optional example from MTOM to security (Gui
delines and Primer)

 

Yes, but that doesn't correct the assertion ambiguity/confusion.

 

By the way, I think Daniel's proposal on day 3 of the F2F should take  

care of the immediate concerns, if I understood it correctly from the  

minutes.

 

regards, Frederick

 

Frederick Hirsch

Nokia

 

 

On Nov 13, 2006, at 2:18 PM, ext Prasad Yendluri wrote:

 

> Hi,

> 

> Could the client indicate it wants to receive a MTOM message using  

> the HTTP

> Accept: multipart/related;type="application/xop+xml", even though  

> it does

> not send a multipart (MTOM/XOP) encoded message?    

> 

> Regards,

> Prasad

> 

> -----Original Message-----

> From: public-ws-policy-request@w3.org

> [mailto:public-ws-policy-request@w3.org] On Behalf Of Frederick Hirsch

> Sent: Monday, November 13, 2006 7:44 AM

> To: ext William Henry

> Cc: Frederick Hirsch; public-ws-policy@w3.org

> Subject: Re: NEW ISSUE: Change optional example from MTOM to security

> (Guidelines and Primer)

> 

> 

> I'm not convinced those assumptions are correct.

> 

> Why couldn't the first message not need an attachment and not bother

> sending a multipart message with only one part, yet the response need

> an attachment and multipart for rational reasons?

> 

> regards, Frederick

> 

> Frederick Hirsch

> Nokia

> 

> 

> On Nov 9, 2006, at 12:22 PM, ext William Henry wrote:

> 

>> 

>> Hi Frederick,

>> 

>> I think it's pretty obvious that if a requester sends a non-MTOM

>> request it must be assumed that they are using the alternative -

>> presumably whatever binding is specified in the binding. Then all

>> exchanges between requester and provider will be with that

>> alternative. If the requester uses MTOM then it is assumed that

>> exchanges will be with the MTOM alternative.

>> 

>> I assume this is the same with security assertions two. Once using

>> an alternative it is assumed that it will be used on all exchanges

>> between that requester and provider.

>> 

>> Regards,

>> William

>> 

>

Received on Monday, 13 November 2006 21:29:32 UTC