W3C home > Mailing lists > Public > public-ws-policy@w3.org > March 2007

Proposal for resolving guidelines part of 4213

From: Maryann Hondo <mhondo@us.ibm.com>
Date: Tue, 13 Mar 2007 01:18:08 -0400
To: public-ws-policy@w3.org
Message-ID: <OF1FE41E34.2ADAED47-ON8525729C.0080829A-8525729D.001CEF62@us.ibm.com>
The bug 4213 includes updating both the Primer and the Guidelines with an 
example of an empty nested assertion.

This Proposed Resolution is to address the Guidelines part.

Target:
        Guidelines document

Proposal:

Add the following text to the end of section 4.4.2 after example 4.4. 

In another example, WS-Security Policy defines sp:HttpToken assertion to 
contain three possible nested elements, sp:HttpBasicAuthentication, 
sp:HttpDigestAuthentication and sp:RequireClientCertificate. When the 
HttpToken is used with an empty nested policy in a policy expression by a 
provider, it will indicate that none of the dependent behaviors namely 
authentication or client certificate is required. 

(add this in an example box...example 4.5 )

<sp:TransportToken> 
                 <wsp:Policy> 
                                 <sp:HttpsToken> 
                                                 <wsp:Policy/> 
                                 </sp:HttpsToken> 
                 </wsp:Policy> 
</sp:TransportToken> 
A non-anonymous client who requires authentication or client certificate 
will not be able to use this provider solely on the basis of intersection 
algorithm alone. 
Received on Tuesday, 13 March 2007 05:16:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:48 GMT