W3C home > Mailing lists > Public > www-ws-desc@w3.org > November 2004

RE: Minutes of MEP Task Force 2004-11-23

From: Yalcinalp, Umit <umit.yalcinalp@sap.com>
Date: Tue, 23 Nov 2004 21:31:05 +0100
Message-ID: <99CA63DD941EDC4EBA897048D9B0061D0E07DC92@uspalx20a.pal.sap.corp>
To: "'David Booth'" <dbooth@w3.org>, www-ws-desc@w3.org


>-----Original Message-----
>From: www-ws-desc-request@w3.org [mailto:www-ws-desc-request@w3.org] 
>Sent: Tuesday, Nov 23, 2004 11:05 AM
>To: www-ws-desc@w3.org
>Subject: Re: Minutes of MEP Task Force 2004-11-23
>
>
>
>Regarding today's MEP task force discussion, here are my followup
>thoughts and further clarification of my position, since I 
>don't think I
>was very successful in conveying it during the call. :(
>
>First, we all (on the TF call at least) agree that a service 
>needs to be
>able to fault when (for whatever reason) it doesn't like the Reply-To
>message that the client has indicated.

Big +1 on this idea. :-)

I think this will cover a lot of cases I had been concerned about wrt the usage of Reply-To.  

>
>Second I agree with Amy that it is possible for the actual runtime
>messages to violate the MEP that is stated in the WSDL document. 
>Furthermore, I also agree that there some cases in which the 
>service can
>detect that such a violation has occurred.  
>
>My concern is that I think it would be harmful for the service to
>*assume* that it knows more than the client about which endpoints the
>client has authorized, because doing so would inhibit many legitimate
>use cases in which the client adds a new physical address that is not
>yet known to the service.  Thus, if the client specifies our current
>in-out MEP, but also indicates a Reply-To an unknown physical address,
>the mere fact that it specified that address in the Reply-To field
>should be considered prima facie evidence that that physical address
>*is* authorized to act on behalf of the client, and thus should not be
>considered a violation of the MEP.   After all, that new address may
>well be a legitimate part of the client node even though the service
>doesn't yet know about it.
>
>In particular, WSDL 2.0 should not require the service to know, in
>advance, of all physical addresses that a client might use in
>redirecting a reply, because such a requirement would imply a tighter
>coupling between the client and the service than is needed or desirable
>in many cases.  Certainly, we should *permit* a service to have an
>application policy that requires it to know all potential Reply-To
>addresses in advance.  But I think that would be an application-level
>constraint.  I don't think we need to put anything in the WSDL 2.0
>language to specifically support that.
>
>The bottom line is that I suggest -- actually JMarsh made this
>suggestion on the call, but I didn't manage to minute it in 
>the midst of
>our debate :) -- that the service be permitted to characterize 
>the fault
>either as a violation of its policies about where replies are permitted
>to be redirected or as an MEP violation.  How about letting the service
>characterize the fault in whatever way it sees fit?  

+1 on this as well. 

>
>
>On Tue, 2004-11-23 at 13:02, David Booth wrote:
>> Minutes of MEP Task force 2004-11-23 are at
>> http://www.w3.org/2004/11/23-ws-desc-minutes.htm
>. . . .
>-- 
>
>David Booth
>W3C Fellow / Hewlett-Packard
>
>
>
Received on Tuesday, 23 November 2004 20:31:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:33 GMT