W3C home > Mailing lists > Public > public-ws-policy@w3.org > May 2007

Action-288 (was RE: [Bug 4479] Editorial, note is obscure or unclear

From: Asir Vedamuthu <asirveda@microsoft.com>
Date: Tue, 1 May 2007 15:13:25 -0700
To: "bob@freunds.com" <bob@freunds.com>, "public-ws-policy@w3.org" <public-ws-policy@w3.org>
Message-ID: <C9BF0238EED3634BA1866AEF14C7A9E53ED3CAB820@NA-EXMSG-C116.redmond.corp.microsoft.com>

Action-288 - Amend note in accordance with http://lists.w3.org/Archives/Public/public-ws-policy/2007Apr/0081.html

Our proposed replacement for the last paragraph in Section 3.2 [1] is:

Note: Depending on the semantics of the domain specific policy assertions a combination of the policy assertions can be required to specify a particular behavior. For example, a combination of two or three assertions from the WS-SecurityPolicy specification is used to indicate message-level security for protecting messages - that is, the sp:AsymmetricBinding assertion is used to indicate message-level security, the sp:SignedParts assertion is used to indicate the parts of a message to be protected and the sp:EncryptedParts assertion is used to indicate the parts of a message that require confidentiality.

[1] http://www.w3.org/TR/2007/CR-ws-policy-20070330/#rPolicy_Alternative

Regards,

Asir S Vedamuthu
Microsoft Corporation

-----Original Message-----
From: public-ws-policy-request@w3.org [mailto:public-ws-policy-request@w3.org] On Behalf Of Asir Vedamuthu
Sent: Friday, April 20, 2007 7:31 PM
To: bob@freunds.com; public-ws-policy@w3.org
Subject: FW: [Bug 4479] Editorial, note is obscure or unclear


>Depending on the semantics of the domain specific policy assertions a
>combination of these policy assertions can be required to specify a
>particular behavior

The above note [1] was added in January '07 in response to issue 4236 [2].

Let's look at a concrete example. In WS-SecurityPolicy, a combination of 2 or 3 assertions may be needed to indicate a behavior. For instance, to represent message-level security for protecting messages, the sp:AsymmetricBinding assertion is used to indicate message-level security, the sp:SignedParts assertion is used to indicate the parts of a message to be protected and the sp:EncryptedParts assertion is used to indicate the parts of a message that require confidentiality [3]. In this example, the behavior is specified using a combination of policy assertions.

>It is unclear to this reader if the assertion set alone is sufficient
>to specify a domain specific behavior

Yes, they are sufficient. Your first impression is right!

Do you think some prose and examples that illustrate the above note in the Guidelines document would help assertion authors?

[1] http://www.w3.org/TR/2007/CR-ws-policy-20070330/#rPolicy_Alternative
[2] http://www.w3.org/Bugs/Public/show_bug.cgi?id=4236
[3] http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-cd-02.html#_Toc161826608

Regards,

Asir S Vedamuthu
Microsoft Corporation



-----Original Message-----
From: public-ws-policy-qa-request@w3.org [mailto:public-ws-policy-qa-request@w3.org] On Behalf Of bugzilla@wiggum.w3.org
Sent: Thursday, April 19, 2007 12:08 PM
To: public-ws-policy-qa@w3.org
Subject: [Bug 4479] Editorial, note is obscure or unclear


http://www.w3.org/Bugs/Public/show_bug.cgi?id=4479

           Summary: Editorial, note is obscure or unclear
           Product: WS-Policy
           Version: CR
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Framework
        AssignedTo: fsasaki@w3.org
        ReportedBy: bob@freunds.com
         QAContact: public-ws-policy-qa@w3.org


In WS-Policy 1.5 Framework Section 3.2 it is written:
"Note: Depending on the semantics of the domain specific policy assertions a
combination of the policy assertions can be required to specify a particular
behavior."

It is unclear to this reader if the assertion set alone is sufficient to
specify a domain specific behavior or if the compatible assertions produced as
the result of the default intersection algorithm are what is meant in the
context of this note.  If this note is intended to mean that assertions alone
suffice, then it seems that policy authors have the freedom to define arbitrary
policy vocabularies and arbitrary policy alternative vocabularies so long as
they have defined the domain specific behavior for all acceptible combinations
within that domain of such assertions independant of any other rules which may
be described within this document.

I think that this note needs qualification or clarification.
Received on Tuesday, 1 May 2007 22:14:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:50 GMT