Re: Quality of Service from Michael Ryan Bannon on 2003-04-17 (www-ws-desc@w3.org from April 2003)

From: Michael Ryan Bannon <mrbannon@uwaterloo.ca>
Date: Thu, 17 Apr 2003 17:35:26 -0400
To: <www-ws-desc@w3.org>
Cc: "Jeffrey Schlimmer" <jeffsch@windows.microsoft.com>, <info@johanpeeters.com>
Message-ID: <01c801c30529$4389acc0$445c6181@uwaterloo.ca>

The WS-Policy Attachment leads me to another question:
What is generally recommended as being the best method for attaching
policies and such to WSDL and/or UDDI?
Is WS-PolicyAttachment the only game in town?



----- Original Message -----
From: "Jeffrey Schlimmer" <jeffsch@windows.microsoft.com>
To: <info@johanpeeters.com>
Cc: <mrbannon@uwaterloo.ca>; <www-ws-desc@w3.org>
Sent: Thursday, April 17, 2003 2:00 PM
Subject: RE: Quality of Service


> Johan Peeters writes:
> >There has been some discussion at the OASIS WSS TC about QoP
> >(Quality of Protection) which I would consider as a subset
> >of QoS. My understanding is that they are currently thinking
> >of introducing a new binding, secure SOAP, that would have
> >extensions allowing you to specify the QoP. Is this the way
> >to go? I personally would hope for a more orthogonal
> >definition of QoP (and other QoS aspects for that matter)
>
> Agreed.
>
> >I.e. a QoP can apply to a web service regardless of
> >whether its wire format is SOAP or not. It seems to
> >me that WS-Policy might just do that.
>
> WS-Security uses WS-Policy to state security requirements independent of
> the specific port type or the underlying transport.
>
> http://msdn.microsoft.com/ws/2002/12/ws-security-policy/
>
> >But that is by-the-by. What I really want to know is this: what
> >are the respective responsibilities of the W3C WS description
> >WG and the OASIS WSS TC working group wrt QoP/QoS descriptions
>
> The W3C Web Service Description (WSDL) Working Group (WG) charter is the
> official answer.
>
> http://www.w3.org/2002/01/ws-desc-charter
>
> The current WSDL 1.2 draft allows annotations. Annotations could be
> defined to indicate QoP or QoS, but my guess is that the WG will not
> define them.
>
> >and how will the pieces ever fit together?
>
> I am not intimately familiar with the charter of the Oasis WSS TC, but
> note that WS-I has played an integration role in the past.
>
> http://www.ws-i.org/Profiles/Basic/2003-03/BasicProfile-1.0-BdAD.html
>
> >Will a WSDL 1.2 specification tell us, for example, whether a
> >secure SOAP message is required to access a service?
>
> WS-PolicyAttachment defines a means to indicate within a WSDL 1.1
> document that a service requires general policy (or security policy
> specifically). I would be very surprised if similar mechanisms do not
> exist for WSDL 1.2 by the time it is finalized.
>
> http://msdn.microsoft.com/ws/2002/12/PolicyAttachment/
>
> >What if the binding is not SOAP?
>
> If bindings are allowed to have different message data and/or processing
> models, then it will be difficult to define annotations that can be
> generally applied to the different architectures.
>

Received on Thursday, 17 April 2003 17:33:44 UTC