- From: Christopher B Ferris <chrisfer@us.ibm.com>
- Date: Fri, 11 May 2007 16:58:59 -0400
- To: "Ashok Malhotra" <ashok.malhotra@oracle.com>
- Cc: "David Orchard" <dorchard@bea.com>, "public-ws-policy@w3.org" <public-ws-policy@w3.org>, public-ws-policy-request@w3.org
- Message-ID: <OFE117003A.63541360-ON852572D8.0072A7B7-852572D8.0073294C@us.ibm.com>
Ashok, Maryann and I have been thinking about your concerns. Possibly, the confusion relates to the scope to which this proposal applies. It is our understanding that it applies to those aspects of behavior that are controlled/influenced by policy framework processing... e.g. those behaviors that are engaged, configured, constrained by policy. Clearly, there is going to be behavior that is outside the domain of policy. That is not relevant to policy (though it may be relevant to interoperation, which I believe may be Dale's point). There may even be behavior that is subsequently documented by policy assertions that are unknown to an implementation at the time of its deployment. These too are out of scope of consideration of the policy framework processing as it relates to what is or is not applied in the context of an alternative that does not include such unknown assertions. Does that make things any clearer? Consider the following example client policy: <Policy> <A/> <B/> <C wsp:Optional='true'/> </Policy> server policy: <Policy> <A/> <B/> </Policy> intersection would yield: <Policy> <A/> <B/> <A/> <B/> </Policy> Would you engage C anyway? It is our understanding that if you have an entity that engages C (from your previous example) when C is IN the alternative selected for interaction with the attached policy subject, that it would NOT engage that behavior when C is absent the alternative selected for interaction with the attached policy subject. Under the "makes no claims" regime, an implementation would be free to do C even though it were not in the intersected alternative, because the interpretation of that alternative (A, B, A, B) says nothing about whether C may or may not be applied. What is the point of performing intersection to determine the compatible alternative(s) if the implementation isn't going to bother to abide by the resulting policy to engage in the interaction? This may seem like it is drifting back towards the notion of policy vocabulary. But, the fact is that I think as you point out, you need to at least know what you know and behave in a consistent manner with regards to what the policy says and the behaviors you apply in the context of the interaction. The point of policy is to enable interoperation between Web services components. In order for it to be effective, there needs to be a shared understanding as to what the policy means and we need to have the respective endpoints behaving in a consistent manner relative to the policies that are used to determine the set of compatible alternatives from which to choose for purposes of interaction. Maryann and I have been noodling on language that tries to capture our intent better. So, rather than add the "No other behaviors are to be applied" language, we think that maybe if we added the following prose to section 4.5 Intersection, just before the algorithm is described, that that might clear up the confusion while at the same time preserving the semantic that we believe to be important. New text for section 4.5: If the intersection algorithm produces a policy alternative, common to both parties, it indicates that the behaviors implied by the assertions in that policy alternative are an implicit contract and will be applied for any interaction based on that alternative. Any behaviors not represented by policy assertions in that alternative are out of scope and not applied as a result of policy framework processing. Cheers, Christopher Ferris STSM, Software Group Standards Strategy email: chrisfer@us.ibm.com blog: http://www.ibm.com/developerworks/blogs/page/chrisferris phone: +1 508 377 9295 public-ws-policy-request@w3.org wrote on 05/11/2007 08:17:27 AM: > > Note that 2 requires additional information, namely, all the > assertions/behaviors in the closed world. How is this information > conveyed to the policy engine? > > All the best, Ashok > > > -----Original Message----- > > From: public-ws-policy-request@w3.org [mailto:public-ws-policy- > > request@w3.org] On Behalf Of David Orchard > > Sent: Thursday, May 10, 2007 2:11 PM > > To: public-ws-policy@w3.org > > Subject: Revised positions for closed/open world assumptions > > > > > > Here's my revised estimate of the positions: > > > > Overview > > There are roughly 3 positions that may be taken on the issue of the > > meaning of assertions in alternative(s). > > > > 1. AIN Vocabulary flavour: > > Any behaviour not implied by an assertion that is in a vocabulary should > > not be applied (Roughly original chris proposal) > > > > No proponents. No further elaboration planned. > > > > 2. AIN Closed world flavour (revised MSFT/IBM proposal): > > Any behaviour not implied by an alternative must not be applied. Any > > behaviors implied by assertions in an alternative must be applied. > > > > Questions: > > 1. Is it OK to omit Ignorable="true" Assertion? > > 2. Is it OK to omit Optional="true" Assertion? > > > > Pros > > This ensures that a provider will provide a "complete" description of > > the behaviors and thus guarantee interop including optional/ignorable. > > > > Cons > > Pending questions, may limit providers ability to apply behaviors. > > > > 3. AIN Removal (open world): > > Any behaviour not implied by any assertions in an alternative may or may > > not be applied. Any behaviors implied by assertions in an alternative > > must be applied. > > > > Pros > > Perception of "simpler" specification. Allows service fuller control > > over application of behaviors. > > > > Cons > > Provider might not provide "complete" description. Interop is > > guaranteed but optional and/or ignorable behaviors may be missed by > > clients. > > > > Cheers, > > Dave > > > >
Received on Friday, 11 May 2007 21:00:21 UTC