W3C home > Mailing lists > Public > public-ws-policy@w3.org > May 2007

RE: AIN, NOBI and composition

From: Christopher B Ferris <chrisfer@us.ibm.com>
Date: Thu, 10 May 2007 08:02:27 -0400
To: "Ashok Malhotra" <ashok.malhotra@oracle.com>
Cc: "Daniel Roth" <Daniel.Roth@microsoft.com>, "David Orchard" <dorchard@bea.com>, "public-ws-policy@w3.org" <public-ws-policy@w3.org>, public-ws-policy-request@w3.org
Message-ID: <OF32F85A71.3C5B32C2-ON852572D7.003FC330-852572D7.00420A3D@us.ibm.com>
Ashok,

Bzzzt.

Where in the text that I have offered is the RFC2119 keyword "MUST NOT"? 
The proposal that IBM has offered
does NOT require that you know the unknowable (the complete set of policy 
alternatives in the universe).
The proposal we have offered is an attempt to make it clear that a policy 
alternative is a complete
expression of the set of behaviors to be engaged.

If we have the "makes no claims" interpretation, then a policy author is 
free to (for instance) exclude the
security policy necessary to the interaction on the grounds that it is too 
complicated. Thus, an endpoint
wishing to interact with an endpoint whose policy was authored by this 
lazy policy author would find
out the hard way that the message needed to be signed and encrypted in 
order to be processed.

We believe that in order for policy to have value, it must be a complete 
expression of the behaviors
that are engaged for purposes of interaction.

This has nothing to do with omniscience of policy assertion vocabularies 
and exclusion of the
set of behaviors implied by those absent from a given policy alternative.

IBM wants a policy alternative to be able to be taken at face value as the 
expression of the
set of behaviors that are to be used to interact (interoperate) with the 
attached policy subject.

Cheers,

Christopher Ferris
STSM, Software Group Standards Strategy
email: chrisfer@us.ibm.com
blog: http://www.ibm.com/developerworks/blogs/page/chrisferris
phone: +1 508 377 9295

public-ws-policy-request@w3.org wrote on 05/09/2007 06:11:23 PM:

> 
> Yes, David, I agree.  Let me put it more starkly.
> Chris' proposal is that if the agreed on policy is:
> 
> <policy>
>     <A/>
>     <B/>
> </policy>
> 
> Then you MUST NOT do assertion X or Y or any other assertions for that 
matter.
> 
> This means that you must know the universe of all possible assertions.
> The <encoding> assertion is one you may not think about but unless 
> you specify <encoding> you cannot do it, according to this proposal.
> 
> 
> All the best, Ashok
> 
> > -----Original Message-----
> > From: public-ws-policy-request@w3.org [mailto:public-ws-policy-
> > request@w3.org] On Behalf Of David Orchard
> > Sent: Wednesday, May 09, 2007 9:24 AM
> > To: Daniel Roth; Ashok Malhotra; public-ws-policy@w3.org
> > Subject: RE: AIN, NOBI and composition
> > 
> > 
> > We continue to talk past each other.  I think the following two
> > sentences are equivalent:
> > "No behaviors are to be applied for the alternative other than the
> > behaviors specified by the assertions in the alternative"
> > "The absence of an assertion means that the behaviour specified by the
> > absent assertion should not be applied".
> > 
> > Cheers,
> > Dave
> > 
> > > -----Original Message-----
> > > From: Daniel Roth [mailto:Daniel.Roth@microsoft.com]
> > > Sent: Tuesday, May 08, 2007 4:52 PM
> > > To: David Orchard; Ashok Malhotra; public-ws-policy@w3.org
> > > Subject: RE: AIN, NOBI and composition
> > >
> > > > AIN Closed flavour: Any assertion not in an alternative
> > > should not be
> > > > applied (revised chris proposal)
> > >
> > > Chris' revised proposal doesn't say anything about the
> > > absence of assertions.  It simply says that no behaviors are
> > > to be applied for the alternative other than the behaviors
> > > specified by the assertions in the alternative.
> > >
> > > Daniel Roth
> > >
> > > -----Original Message-----
> > > From: David Orchard [mailto:dorchard@bea.com]
> > > Sent: Tuesday, May 08, 2007 4:42 PM
> > > To: Ashok Malhotra; Daniel Roth; public-ws-policy@w3.org
> > > Subject: RE: AIN, NOBI and composition
> > >
> > > Well, I think we need to have clear wording for all the 
"alternatives"
> > > before the working group.
> > >
> > > The way I see it:
> > > AIN Vocabulary flavour: Any assertion not in a vocabulary
> > > should not be applied (Original chris proposal) AIN Closed
> > > favour: Any assertion not in an alternative should not be
> > > applied (revised chris proposal) AIN Removal: Any assertion
> > > not in alternative means nothing.  It may or may not be applied.
> > >
> > > Cheers,
> > > Dave
> > >
> > > > -----Original Message-----
> > > > From: Ashok Malhotra [mailto:ashok.malhotra@oracle.com]
> > > > Sent: Tuesday, May 08, 2007 4:29 PM
> > > > To: Daniel Roth; David Orchard; public-ws-policy@w3.org
> > > > Subject: RE: AIN, NOBI and composition
> > > >
> > > > Dan:
> > > > I'm sorry, but that's not how I read it.
> > > >
> > > > My reading is that you CANNOT apply assertions that are not in the
> > > > selected alternative.  That, to me feels like negation.
> > > >
> > > > I think we shd get behind Monica's explicit wording that 
eliminates
> > > > the fuzz factor.
> > > >
> > > > All the best, Ashok
> > > >
> > > > > -----Original Message-----
> > > > > From: public-ws-policy-request@w3.org [mailto:public-ws-policy-
> > > > > request@w3.org] On Behalf Of Daniel Roth
> > > > > Sent: Tuesday, May 08, 2007 4:12 PM
> > > > > To: David Orchard; public-ws-policy@w3.org
> > > > > Subject: RE: AIN, NOBI and composition
> > > > >
> > > > >
> > > > > This is exactly the problem with tying negation semantics to the
> > > > > absence of assertion types (AIN).
> > > > >
> > > > > IBM's proposal fixes this by simply saying you do what you
> > > > assert and
> > > > > nothing else (NOBI).
> > > > >
> > > > > Daniel Roth
> > > > >
> > > > > -----Original Message-----
> > > > > From: public-ws-policy-request@w3.org [mailto:public-ws-policy-
> > > > > request@w3.org] On Behalf Of David Orchard
> > > > > Sent: Tuesday, May 08, 2007 3:23 PM
> > > > > To: public-ws-policy@w3.org
> > > > > Subject: AIN, NOBI and composition
> > > > >
> > > > >
> > > > > I wonder about AIN, NOBI, etc. and composition.
> > > > >
> > > > > Imagine that WS-I produces an assertion that says a 
"RSPAssertion"
> > > > > means RMAssertion and Security, perhaps exactly one of
> > > > > messageSecurity|transportsecurity.  What's the meaning
> > > when some of
> > > > > messageSecurity|the
> > > > > assertions that are in the composition are missing?  For
> > > example, I
> > > > > just say RSPAssertion.  I don't say RMAssertion, though
> > > > RMAssertion is
> > > > > in the vocabulary.  If I get an intersection that says
> > > RSPAssertion
> > > > > but not RMAssertion, AIN has the implication that you
> > > > shouldn't apply
> > > > > RMAssertion yet RSPAssertion does.
> > > > >
> > > > > We don't say anything about whether an assertion that means a
> > > > > behaviour "trumps" the lack of such an assertion.
> > > > >
> > > > > With AIN, there's a problem.  Without AIN, there's no
> > > > problem because
> > > > > there's no conflict.
> > > > >
> > > > > Cheers,
> > > > > Dav3e
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > 
> 
> 
Received on Thursday, 10 May 2007 12:02:44 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:38:34 UTC