W3C home > Mailing lists > Public > public-ws-policy@w3.org > May 2007

RE: AIN, NOBI and composition

From: David Orchard <dorchard@bea.com>
Date: Thu, 10 May 2007 10:23:03 -0700
Message-ID: <4260A18CD3F05B469E67BC6C20464EAC063340@rcpbex01.amer.bea.com>
To: "Christopher B Ferris" <chrisfer@us.ibm.com>, "Ashok Malhotra" <ashok.malhotra@oracle.com>
Cc: "Daniel Roth" <Daniel.Roth@microsoft.com>, <public-ws-policy@w3.org>, <public-ws-policy-request@w3.org>
Ignorable/hidden: What if the service has an assertion C that implies
logging behaviour, but it isn't put in the policy?  I think the service
can do a whole bunch of things that might be disclosed to the client for
intersection.
 
Optional: What if the service has an optional Assertion, like
RMAssertion, and it isn't in the policy.  
 
Under your rules, I think that means all those behaviours are not to be
applied.  
 
Cheers,
Dave


________________________________

	From: Christopher B Ferris [mailto:chrisfer@us.ibm.com] 
	Sent: Thursday, May 10, 2007 6:12 AM
	To: Ashok Malhotra
	Cc: Daniel Roth; David Orchard; public-ws-policy@w3.org;
public-ws-policy-request@w3.org
	Subject: RE: AIN, NOBI and composition
	
	

	I don't know what C or Z imply. Again, you keep adding
assertions to the mix. The statement we proposed 
	says NOTHING about assertions. It speaks ONLY about BEHAVIORS. 
	
	I cannot make this any more clear than that. 
	
	There are a set of behaviors implied by the set of assertions IN
an alternative. 
	Those and ONLY THOSE implied behaviors are to be applied, full
stop. 
	
	Cheers, 
	
	Christopher Ferris
	STSM, Software Group Standards Strategy
	email: chrisfer@us.ibm.com
	blog: http://www.ibm.com/developerworks/blogs/page/chrisferris
	phone: +1 508 377 9295 
	
	public-ws-policy-request@w3.org wrote on 05/10/2007 08:48:27 AM:
	
	> Chris: 
	> I was being deliberately provocative to get you to spell out
the 
	> exact semantics.  So, if the selected policy is 
	>  <policy>
	>      <A/>
	>      <B/>
	> </policy> 
	>   
	> What can I do, or can I not do wrt C or Z? 
	> All the best, Ashok 
	> 
	> From: public-ws-policy-request@w3.org
[mailto:public-ws-policy-
	> request@w3.org] On Behalf Of Christopher B Ferris
	> Sent: Thursday, May 10, 2007 5:02 AM
	> To: Ashok Malhotra
	> Cc: Daniel Roth; David Orchard; public-ws-policy@w3.org;
public-ws-
	> policy-request@w3.org
	> Subject: RE: AIN, NOBI and composition 
	>   
	> 
	> Ashok, 
	> 
	> Bzzzt. 
	> 
	> Where in the text that I have offered is the RFC2119 keyword
"MUST 
	> NOT"? The proposal that IBM has offered 
	> does NOT require that you know the unknowable (the complete
set of 
	> policy alternatives in the universe). 
	> The proposal we have offered is an attempt to make it clear
that a 
	> policy alternative is a complete 
	> expression of the set of behaviors to be engaged. 
	> 
	> If we have the "makes no claims" interpretation, then a policy

	> author is free to (for instance) exclude the 
	> security policy necessary to the interaction on the grounds
that it 
	> is too complicated. Thus, an endpoint 
	> wishing to interact with an endpoint whose policy was authored
by 
	> this lazy policy author would find 
	> out the hard way that the message needed to be signed and
encrypted 
	> in order to be processed. 
	> 
	> We believe that in order for policy to have value, it must be
a 
	> complete expression of the behaviors 
	> that are engaged for purposes of interaction. 
	> 
	> This has nothing to do with omniscience of policy assertion 
	> vocabularies and exclusion of the 
	> set of behaviors implied by those absent from a given policy
alternative. 
	> 
	> IBM wants a policy alternative to be able to be taken at face
value 
	> as the expression of the 
	> set of behaviors that are to be used to interact
(interoperate) with
	> the attached policy subject. 
	> 
	> Cheers, 
	> 
	> Christopher Ferris
	> STSM, Software Group Standards Strategy
	> email: chrisfer@us.ibm.com
	> blog: http://www.ibm.com/developerworks/blogs/page/chrisferris
	> phone: +1 508 377 9295 
	> 
	> public-ws-policy-request@w3.org wrote on 05/09/2007 06:11:23
PM:
	> 
	> > 
	> > Yes, David, I agree.  Let me put it more starkly.
	> > Chris' proposal is that if the agreed on policy is:
	> > 
	> > <policy>
	> >     <A/>
	> >     <B/>
	> > </policy>
	> > 
	> > Then you MUST NOT do assertion X or Y or any other
assertions for 
	> that matter.
	> > 
	> > This means that you must know the universe of all possible
assertions.
	> > The <encoding> assertion is one you may not think about but
unless 
	> > you specify <encoding> you cannot do it, according to this
proposal.
	> > 
	> > 
	> > All the best, Ashok
	> > 
	> > > -----Original Message-----
	> > > From: public-ws-policy-request@w3.org
[mailto:public-ws-policy-
	> > > request@w3.org] On Behalf Of David Orchard
	> > > Sent: Wednesday, May 09, 2007 9:24 AM
	> > > To: Daniel Roth; Ashok Malhotra; public-ws-policy@w3.org
	> > > Subject: RE: AIN, NOBI and composition
	> > > 
	> > > 
	> > > We continue to talk past each other.  I think the
following two
	> > > sentences are equivalent:
	> > > "No behaviors are to be applied for the alternative other
than the
	> > > behaviors specified by the assertions in the alternative"
	> > > "The absence of an assertion means that the behaviour
specified by the
	> > > absent assertion should not be applied".
	> > > 
	> > > Cheers,
	> > > Dave
	> > > 
	> > > > -----Original Message-----
	> > > > From: Daniel Roth [mailto:Daniel.Roth@microsoft.com]
	> > > > Sent: Tuesday, May 08, 2007 4:52 PM
	> > > > To: David Orchard; Ashok Malhotra;
public-ws-policy@w3.org
	> > > > Subject: RE: AIN, NOBI and composition
	> > > >
	> > > > > AIN Closed flavour: Any assertion not in an
alternative
	> > > > should not be
	> > > > > applied (revised chris proposal)
	> > > >
	> > > > Chris' revised proposal doesn't say anything about the
	> > > > absence of assertions.  It simply says that no behaviors
are
	> > > > to be applied for the alternative other than the
behaviors
	> > > > specified by the assertions in the alternative.
	> > > >
	> > > > Daniel Roth
	> > > >
	> > > > -----Original Message-----
	> > > > From: David Orchard [mailto:dorchard@bea.com]
	> > > > Sent: Tuesday, May 08, 2007 4:42 PM
	> > > > To: Ashok Malhotra; Daniel Roth; public-ws-policy@w3.org
	> > > > Subject: RE: AIN, NOBI and composition
	> > > >
	> > > > Well, I think we need to have clear wording for all the
"alternatives"
	> > > > before the working group.
	> > > >
	> > > > The way I see it:
	> > > > AIN Vocabulary flavour: Any assertion not in a
vocabulary
	> > > > should not be applied (Original chris proposal) AIN
Closed
	> > > > favour: Any assertion not in an alternative should not
be
	> > > > applied (revised chris proposal) AIN Removal: Any
assertion
	> > > > not in alternative means nothing.  It may or may not be
applied.
	> > > >
	> > > > Cheers,
	> > > > Dave
	> > > >
	> > > > > -----Original Message-----
	> > > > > From: Ashok Malhotra
[mailto:ashok.malhotra@oracle.com]
	> > > > > Sent: Tuesday, May 08, 2007 4:29 PM
	> > > > > To: Daniel Roth; David Orchard;
public-ws-policy@w3.org
	> > > > > Subject: RE: AIN, NOBI and composition
	> > > > >
	> > > > > Dan:
	> > > > > I'm sorry, but that's not how I read it.
	> > > > >
	> > > > > My reading is that you CANNOT apply assertions that
are not in the
	> > > > > selected alternative.  That, to me feels like
negation.
	> > > > >
	> > > > > I think we shd get behind Monica's explicit wording
that eliminates
	> > > > > the fuzz factor.
	> > > > >
	> > > > > All the best, Ashok
	> > > > >
	> > > > > > -----Original Message-----
	> > > > > > From: public-ws-policy-request@w3.org
[mailto:public-ws-policy-
	> > > > > > request@w3.org] On Behalf Of Daniel Roth
	> > > > > > Sent: Tuesday, May 08, 2007 4:12 PM
	> > > > > > To: David Orchard; public-ws-policy@w3.org
	> > > > > > Subject: RE: AIN, NOBI and composition
	> > > > > >
	> > > > > >
	> > > > > > This is exactly the problem with tying negation
semantics to the
	> > > > > > absence of assertion types (AIN).
	> > > > > >
	> > > > > > IBM's proposal fixes this by simply saying you do
what you
	> > > > > assert and
	> > > > > > nothing else (NOBI).
	> > > > > >
	> > > > > > Daniel Roth
	> > > > > >
	> > > > > > -----Original Message-----
	> > > > > > From: public-ws-policy-request@w3.org
[mailto:public-ws-policy-
	> > > > > > request@w3.org] On Behalf Of David Orchard
	> > > > > > Sent: Tuesday, May 08, 2007 3:23 PM
	> > > > > > To: public-ws-policy@w3.org
	> > > > > > Subject: AIN, NOBI and composition
	> > > > > >
	> > > > > >
	> > > > > > I wonder about AIN, NOBI, etc. and composition.
	> > > > > >
	> > > > > > Imagine that WS-I produces an assertion that says a
"RSPAssertion"
	> > > > > > means RMAssertion and Security, perhaps exactly one
of
	> > > > > > messageSecurity|transportsecurity.  What's the
meaning
	> > > > when some of
	> > > > > > messageSecurity|the
	> > > > > > assertions that are in the composition are missing?
For
	> > > > example, I
	> > > > > > just say RSPAssertion.  I don't say RMAssertion,
though
	> > > > > RMAssertion is
	> > > > > > in the vocabulary.  If I get an intersection that
says
	> > > > RSPAssertion
	> > > > > > but not RMAssertion, AIN has the implication that
you
	> > > > > shouldn't apply
	> > > > > > RMAssertion yet RSPAssertion does.
	> > > > > >
	> > > > > > We don't say anything about whether an assertion
that means a
	> > > > > > behaviour "trumps" the lack of such an assertion.
	> > > > > >
	> > > > > > With AIN, there's a problem.  Without AIN, there's
no
	> > > > > problem because
	> > > > > > there's no conflict.
	> > > > > >
	> > > > > > Cheers,
	> > > > > > Dav3e
	> > > > > >
	> > > > > >
	> > > > > >
	> > > > > >
	> > > > > >
	> > > > >
	> > > > >
	> > > >
	> > > 
	> > 
	> > 
Received on Thursday, 10 May 2007 17:25:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:38:34 UTC