W3C home > Mailing lists > Public > public-ws-policy@w3.org > October 2006

Re: NEW ISSUE: New Attribute keyword to identify 'local' policies #3721

From: Sergey Beryozkin <sergey.beryozkin@iona.com>
Date: Wed, 18 Oct 2006 15:45:14 +0100
Message-ID: <01ef01c6f2c4$05b8d970$3901020a@sberyoz>
To: "Asir Vedamuthu" <asirveda@microsoft.com>, "William Henry" <William.Henry@iona.com>, <public-ws-policy@w3.org>

Here's a 32th one :-).

"I didn't come across a technical reason why a provider would expose local or private policies (or configurations) to requestors."

+1. Mostly agreed. The idea behind wsp:local attribute is actually to give a provider a chance to strip them off and, if such policy 
assertions are leaked, then tell a requester that such assertions are of no use to it and must be skipped over.

We can use private attributes. However, if the group finds some good scenarios where a standardized attribute like wsp:local can be 
used then perhaps there'll be a chance for it to exist.

What's your opinion on this example about service brokes :

http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0078.html

Cheers, Sergey


I read through 30 e-mails on this topic. I didn't come across a technical reason why a provider would expose local or private 
policies (or configurations) to requestors.

Regards,

Asir S Vedamuthu
Microsoft Corporation




From: public-ws-policy-request@w3.org [mailto:public-ws-policy-request@w3.org] On Behalf Of William Henry
Sent: Wednesday, September 13, 2006 10:42 AM
To: public-ws-policy@w3.org
Subject: NEW ISSUE: New Attribute keyword to identify 'local' policies #3721

http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721

Title: New Attribute keyword to identify 'local' policies

Justificaiton:
As WS-Policy becomes more popular in use, policies not related to
consumer/provider interaction are being defined by implementors. e.g. a
provider processes use of caching data, or a consumers private identity
management information. Though such policies should not be used in WSDL
contract it is likely that such polices could make themselves visible where
they are not to be used through attachment mechanisms (external XML files or
UDDI etc.)

I understand that his issue may have been raised before and the argument was
that it was out of scope and that domains are responsible for defining such
attributes. (e.g. WSDM) However this puts a burden on consumers to understand
certain domain specifications or certain proprietary implementer policies. A
service might be deemed unusable just because consumer doesn't understand some
policy that is actually just a configuration policy for a local server.

A more consistent and also efficient mechanism is required. Having a keyword
e.g. wsp:local (or wsp:providerOnly, wsp:consumerOnly) allows consumers to
ignore such policies.

What an implementor does inside that policy then is up to them and is
"invisible" to the consumer of the the policy as it will be ignored.

So though it seems like it is not clear that we should do this in the charter
it does allow a mechanism to make consumer/provider policies clearer - i.e.
anything tagged with this attribute (e.g. wsp:local) can be ignored for
consumer/provider interaction. Pushing it out to the domain specifications can
leave a lot of ambiguity and therefore could effect our charter.

Proposal Description
Introduce the wsp:local attribute and explain that policies with this attribute
do not effect consumer/provider interaction and should be ignored from
calculating assertions for such interaction.
Received on Wednesday, 18 October 2006 14:44:12 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:42 GMT