- From: Asir Vedamuthu via cvs-syncmail <cvsmail@w3.org>
- Date: Fri, 10 Nov 2006 02:18:33 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv31079
Modified Files:
ws-policy.xsd glossary-framework.xml ws-policy-framework.xml
ws-policy-framework.html ws-policy-attachment.html
ws-policy-attachment.xml glossary-attachment.xml
Log Message:
WS-Policy, WS-PolicyAttachmend and XML Schema: implemented the resolution for issues 3721 and 3789.
Index: glossary-attachment.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/glossary-attachment.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- glossary-attachment.xml 31 Oct 2006 05:39:53 -0000 1.5
+++ glossary-attachment.xml 10 Nov 2006 02:18:30 -0000 1.6
@@ -24,6 +24,21 @@
</gitem>
<gitem>
<label>
+ <loc href="ws-policy-framework.html#ignorable_policy_assertion">ignorable policy assertion</loc>
+ </label>
+ <def>
+ <p id="ignorable_policy_assertion">An
+ <term>ignorable policy assertion</term> is
+ an assertion that may be ignored for policy intersection (as defined in
+ <xspecref xmlns:xlink="http://www.w3.org/1999/xlink"
+ href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8"
+ xlink:type="simple"
+ xlink:actuate="onRequest"
+ xlink:show="new">4.5 Policy Intersection</xspecref>).</p>
+ </def>
+ </gitem>
+ <gitem>
+ <label>
<loc href="#merge">merge</loc>
</label>
<def>
Index: glossary-framework.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/glossary-framework.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- glossary-framework.xml 31 Oct 2006 05:39:52 -0000 1.5
+++ glossary-framework.xml 10 Nov 2006 02:18:30 -0000 1.6
@@ -2,6 +2,21 @@
<glist>
<gitem>
<label>
+ <loc href="#ignorable_policy_assertion">ignorable policy assertion</loc>
+ </label>
+ <def>
+ <p>An
+ <term>ignorable policy assertion</term> is
+ an assertion that may be ignored for policy intersection (as defined in
+ <xspecref xmlns:xlink="http://www.w3.org/1999/xlink"
+ href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8"
+ xlink:type="simple"
+ xlink:actuate="onRequest"
+ xlink:show="new">4.5 Policy Intersection</xspecref>).</p>
+ </def>
+ </gitem>
+ <gitem>
+ <label>
<loc href="#nested_policy_expression">nested policy expression</loc>
</label>
<def>
Index: ws-policy-framework.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-framework.xml,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -d -r1.87 -r1.88
--- ws-policy-framework.xml 9 Nov 2006 19:35:24 -0000 1.87
+++ ws-policy-framework.xml 10 Nov 2006 02:18:30 -0000 1.88
@@ -347,7 +347,16 @@
Assertions indicate domain-specific (e.g.,
security, transactions) semantics and are expected to be
defined in separate, domain-specific specifications.</p>
-
+
+ <p>An assertion MAY indicate that it is an ignorable policy assertion
+ (see <specref ref="ignorable-policy-assertions"/>).
+ <termdef id="ignorable_policy_assertion" term="ignorable policy assertion">An
+ <term>ignorable policy assertion</term> is
+ an assertion that may be ignored for policy intersection (as defined in
+ <xspecref href="&framework.latest;">4.5 Policy Intersection</xspecref>).</termdef> By default, an assertion is not
+ ignorable for policy intersection.
+ </p>
+
<p>Assertions are typed by the authors
that define them. <termdef id='policy_assertion_type' term='policy assertion type'>A <term>policy assertion type</term>
represents a class of <termref def='policy_assertion'>policy assertions</termref> and implies a
@@ -1221,18 +1230,41 @@
<p>There are times when it is desirable to "re-use" a portion of a policy expression. Generally, this can be accomplished by placing the common assertions in a separate policy expression and referencing it. </p>
</div3>
</div2>
+<div2 id="ignorable-policy-assertions">
+<head>Ignorable Policy Assertions</head>
+<p>The <att>wsp:Ignorable</att> attribute indicates if a policy assertion is an
+<termref def="ignorable_policy_assertion">ignorable policy assertion</termref>. The schema
+outline for this attribute is as follows:</p>
+<eg xml:space="preserve" role="needs-numbering"><Assertion ( wsp:Ignorable="xs:boolean" )? … > … </Assertion></eg>
+<p>The following describes the Attribute Information Item defined in the schema outline above:</p>
+<glist>
+ <gitem><label><att>/Assertion/@wsp:Ignorable</att></label>
+ <def><p>This attribute is of type <code>xs:boolean</code>. If the actual
+ value (See XML Schema Part 1 [<bibref ref="XMLSchemaPart1"/>]) is true,
+ the assertion is an <termref def="ignorable_policy_assertion">ignorable policy assertion</termref>. If the actual value is false,
+ the assertion is not an <termref def="ignorable_policy_assertion">ignorable policy assertion</termref>. Omitting
+ this attribute is semantically equivalent to including it with a value of false.</p></def>
+ </gitem>
+</glist>
+</div2>
<div2 id="Policy_Intersection">
<head>Policy Intersection</head>
-<p>Policy intersection is useful when two or more parties express <termref def='policy'>policy</termref> and want to limit the <termref def='policy_alternative'>policy alternatives</termref> to those that are mutually compatible. For example, when a requester and a provider express requirements on a message exchange, intersection identifies compatible policy alternatives (if any) included in both requester and provider policies. Intersection is a commutative, associative function that takes two policies and returns a policy.</p>
+<p>Policy intersection is useful when two or more parties express <termref def='policy'>policy</termref> and
+want to limit the <termref def='policy_alternative'>policy alternatives</termref> to those
+that are mutually compatible. For example, when a requester and a provider express requirements
+on a message exchange, intersection identifies compatible policy alternatives (if any) included
+in both requester and provider policies. Intersection is a commutative function that
+takes two policies and returns a policy. There are two modes for intersection:
+ strict and lax. How the mode is selected or indicated for the policy intersection is
+outside the scope of this specification.
+</p>
<p>Because the set of behaviors indicated by a <termref def='policy_alternative'>policy
alternative</termref> depends on the domain-specific semantics of the collected assertions,
determining whether two policy alternatives are compatible generally involves
domain-specific processing. If a domain-specific intersection processing algorithm
is required will be known from the QNames of the specific <termref def='policy_assertion_type'>assertion types</termref>
involved in the policy alternatives. As a first approximation, an algorithm is defined herein
-that approximates compatibility in a domain-independent manner; specifically,
-for two <termref def="policy_alternative">policy alternatives</termref> to be compatible, they must at least have the same
-<termref def="policy_alternative_vocabulary">policy alternative vocabulary</termref> (see Section <specref ref="rPolicy_Alternative"/>).
+that approximates compatibility in a domain-independent manner:
</p>
<ulist>
<item><p>Two <termref def='policy_assertion'>policy assertions</termref> are compatible if they have the same <termref def='policy_assertion_type'>type</termref> and</p></item>
@@ -1240,7 +1272,24 @@
</ulist>
<p><termref def='policy_assertion_parameter'>Assertion parameters</termref> are not part of the compatibility determination defined herein but may be part of other, domain-specific compatibility processing. </p>
<ulist>
-<item><p>Two <termref def='policy_alternative'>policy alternatives</termref> are compatible if each assertion in one is compatible with an assertion in the other, and vice-versa. If two alternatives are compatible, their intersection is an alternative containing all of the assertions in both alternatives.</p></item>
+<item>
+ <p>If the mode is strict, two <termref def='policy_alternative'>policy alternatives</termref> A and B are compatible:
+ <ulist><item><p>if each assertion in A is compatible with an
+ assertion in B, and</p></item>
+ <item><p>if each assertion in B is compatible with an assertion in A.</p></item>
+ </ulist></p>
+ <p>If the mode is lax, two <termref def='policy_alternative'>policy alternatives</termref> A and B are compatible:
+ <ulist><item><p>if each assertion in A that is not an <termref def="ignorable_policy_assertion">ignorable policy assertion</termref>
+ is compatible with an
+ assertion in B, and</p></item>
+ <item><p>if each assertion in B that is not an
+ <termref def="ignorable_policy_assertion">ignorable policy assertion</termref>
+ is compatible with an
+ assertion in A.</p></item>
+ </ulist></p>
+<p>If two alternatives are compatible, their
+intersection is an alternative containing all of the assertions in both alternatives.</p></item>
+
<item><p>Two <termref def='policy'>policies</termref> are compatible if an alternative in one is compatible with an alternative in the other. If two policies are compatible, their intersection is the set of the intersections between all pairs of compatible alternatives, choosing one alternative from each policy. If two policies are not compatible, their intersection has no policy alternatives.</p></item>
</ulist>
<p>As an example of intersection, consider two input policies in normal form:</p>
@@ -1739,7 +1788,7 @@
<p>A list of substantive changes since the Working Draft dated 2 November, 2006
is below:</p>
<ulist>
- <item><p>None.</p></item>
+ <item><p>Added a new feature: <specref ref="ignorable-policy-assertions"/>.</p></item>
</ulist>
</inform-div1>
<inform-div1 id="change-log">
@@ -2199,7 +2248,16 @@
<td>Implemented Editors' Action
<loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/74">74</loc>.
</td>
- </tr>
+ </tr>
+ <tr>
+ <td>20061109</td>
+ <td>ASV</td>
+ <td>Implemented the
+ <loc href="http://lists.w3.org/Archives/Public/public-ws-policy/2006Nov/0072.html">resolution</loc> for issues
+ <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721">3721</loc> and
+ <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3789">3789</loc>.
+ </td>
+ </tr>
</tbody>
</table>
</inform-div1>
Index: ws-policy-attachment.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-attachment.html,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -d -r1.66 -r1.67
--- ws-policy-attachment.html 9 Nov 2006 19:35:24 -0000 1.66
+++ ws-policy-attachment.html 10 Nov 2006 02:18:30 -0000 1.67
@@ -65,7 +65,7 @@
</p></div><div>
<h2><a name="status">Status of this Document</a></h2><p><strong>This document is an editors' copy that has
no official standing.</strong></p><p></p></div><hr><div class="toc">
-<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br>2. <a href="#NotationsTerminology">Notations and Terminology</a><br> 2.1 <a href="#NotationalConventions">Notational Conventions</a><br> 2.2 <a href="#XMLNamespaces">XML Namespaces</a><br> 2.3 <a href="#Glossary">Terminology</a><br> 2.4 <a href="#Example">Example</a><br>3. <a href="#rPolicyAttachment">Policy Attachment</a><br> 3.1 <a href="#rEffectivePolicy">Effective Policy</a><br> 3.2 <a href="#PolicyAttachmentMechanisms">Policy Attachment Mechanisms</a><br> 3.3 <a href="#XMLElementAttachement">XML Element Attachment</a><br> 3.4 <a href="#ExternalPolicyAttachment">External Policy Attachment</a><br>4. <a href="#AttachingPolicyUsingWSDL1.1">Attaching Policies Using WSDL 1.1</a><br> 4.1 <a href="#CaculatingEffectivyPolicywithWSDL1.1">Calculating Effective Policy in WSDL 1.1</a><br> 4.1.1 <a href="#ServicePolicySubject">Service Policy Subject</a><br> 4.1.2 <a href="#EndpointPolicySubject">Endpoint Policy Subject</a><br> 4.1.3 <a href="#OperationPolicySubject">Operation Policy Subject</a><br> 4.1.4 <a href="#MessagePolicySubject">Message Policy Subject</a><br> 4.1.5 <a href="#Example2">Example</a><br>5. <a href="#ws-policy-attachment-for-wsdl20">WS-Policy Attachment for WSDL 2.0</a><br> 5.1 <a href="#wsdl20-example">Example</a><br> 5.2 <a href="#attaching-policy-expressions">Attaching Policy Expressions</a><br> 5.3 <a href="#extension-to-wsdl-component-model">Extension to WSDL Component Model</a><br>  5.4 <a href="#effective-policy">Effective Policy</a><br> 5.4.1 <a href="#service-policy-subject">Service Policy Subject</a><br> 5.4.2 <a href="#endpoint-policy-subject">Endpoint Policy Subject</a><br> 5.4.3 <a href="#operation-policy-subject">Operation Policy Subject</a><br> 5.4.4 <a href="#message-policy-subject-input">Message Policy Subject (input message)</a><br> 5.4.5 <a href="#message-policy-subject-output">Message Policy Subject (output message)</a><br> 5.4.6 <a href="#message-policy-subject-input-fault">Message Policy Subject (input fault message)</a><br> 5.4.7 <a href="#message-policy-subject-output-fault">Message Policy Subject (output fault message)</a><br>. <a href="#AttachingPoliciesUsingUDDI">Attaching Policies Using UDDI</a><br> 6.1 <a href="#CalculatingEffectivePolicyElementPolicyUDDI">Calculating Effective Policy and Element Policy in UDDI</a><br> 6.1.1 <a href="#ServiceProviderPolicySubjectUDDI">Service Provider Policy Subject</a><br> 6.1.2 <a href="#ServicePolicySubjectUDDI">Service Policy Subject</a><br> 6.1.3 <a href="#EndpointPolicySubjectUDDI">Endpoint Policy Subject</a><br> 6.2 <a href="#ReferencingRemotePolicyExpressions">Referencing Remote Policy Expressions</a><br> 6.3 <a href="#RegisteringReusablePolicyExpressions">Registering Reusable Policy Expressions</a><br> 6.4 <a href="#RegisteringPoliciesUDDIVersion3">Registering Policies in UDDI Version 3</a><br>7. <a href="#SecurityConsiderations">Security Considerations<a><br>8. <a href="#Conformance">Conformance</a><br> 8.1 <a href="#d3e3849">External Policy Attachment Conformance</a><br> 8.2 <a href="#d3e3861">WSDL 1.1 Attachment Conformance</a><br> 8.3 <a href="#d3e3870">WSDL 2.0 Attachment Conformance</a><br></p>
+<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br>2. <a href="#NotationsTerminology">Notations and Terminology</a><br> 2.1 <a href="#NotationalConventions">Notational Conventions</a><br> 2.2 <a href="#XMLNamespaces">XML Namespaces</a><br> 2.3 <a href="#Glossary">Terminology</a><br> 2.4 <a href="#Example">Example</a><br>3. <a href="#rPolicyAttachment">Policy Attachment</a><br> 3.1 <a href="#rEffectivePolicy">Effective Policy</a><br> 3.2 <a href="#PolicyAttachmentMechanisms">Policy Attachment Mechanisms</a><br> 3.3 <a href="#XMLElementAttachement">XML Element Attachment</a><br> 3.4 <a href="#ExternalPolicyAttachment">External Policy Attachment</a><br>4. <a href="#AttachingPolicyUsingWSDL1.1">Attaching Policies Using WSDL 1.1</a><br> 4.1 <a href="#CaculatingEffectivyPolicywithWSDL1.1">Calculating Effective Policy in WSDL 1.1</a><br> 4.1.1 <a href="#ServicePolicySubject">Service Policy Subject</a><br> 4.1.2 <a href="#EndpointPolicySubject">Endpoint Policy Subject</a><br> 4.1.3 <a href="#OperationPolicySubject">Operation Policy Subject</a><br> 4.1.4 <a href="#MessagePolicySubject">Message Policy Subject</a><br> 4.1.5 <a href="#Example2">Example</a><br>5. <a href="#ws-policy-attachment-for-wsdl20">WS-Policy Attachment for WSDL 2.0</a><br> 5.1 <a href="#wsdl20-example">Example</a><br> 5.2 <a href="#attaching-policy-expressions">Attaching Policy Expressions</a><br> 5.3 <a href="#extension-to-wsdl-component-model">Extension to WSDL Component Model</a><br>  5.4 <a href="#effective-policy">Effective Policy</a><br> 5.4.1 <a href="#service-policy-subject">Service Policy Subject</a><br> 5.4.2 <a href="#endpoint-policy-subject">Endpoint Policy Subject</a><br> 5.4.3 <a href="#operation-policy-subject">Operation Policy Subject</a><br> 5.4.4 <a href="#message-policy-subject-input">Message Policy Subject (input message)</a><br> 5.4.5 <a href="#message-policy-subject-output">Message Policy Subject (output message)</a><br> 5.4.6 <a href="#message-policy-subject-input-fault">Message Policy Subject (input fault message)</a><br> 5.4.7 <a href="#message-policy-subject-output-fault">Message Policy Subject (output fault message)</a><br>. <a href="#AttachingPoliciesUsingUDDI">Attaching Policies Using UDDI</a><br> 6.1 <a href="#CalculatingEffectivePolicyElementPolicyUDDI">Calculating Effective Policy and Element Policy in UDDI</a><br> 6.1.1 <a href="#ServiceProviderPolicySubjectUDDI">Service Provider Policy Subject</a><br> 6.1.2 <a href="#ServicePolicySubjectUDDI">Service Policy Subject</a><br> 6.1.3 <a href="#EndpointPolicySubjectUDDI">Endpoint Policy Subject</a><br> 6.2 <a href="#ReferencingRemotePolicyExpressions">Referencing Remote Policy Expressions</a><br> 6.3 <a href="#RegisteringReusablePolicyExpressions">Registering Reusable Policy Expressions</a><br> 6.4 <a href="#RegisteringPoliciesUDDIVersion3">Registering Policies in UDDI Version 3</a><br>7. <a href="#SecurityConsiderations">Security Considerations<a><br>8. <a href="#Conformance">Conformance</a><br> 8.1 <a href="#d3e3874">External Policy Attachment Conformance</a><br> 8.2 <a href="#d3e3886">WSDL 1.1 Attachment Conformance</a><br> 8.3 <a href="#d3e3895">WSDL 2.0 Attachment Conformance</a><br></p>
<h3><a name="appendix" id="appendix">Appendices</a></h3><p class="toc">A. <a href="#References">References</a><br> A.1 <a href="#Normative-References">Normative References</a><br> A.2 <a href="#Informative-References">Other References</a><br>B. <a href="#AppendixA">UDDI tModel Definitions</a><br> B.1 <a href="#RemotePolicyReferenceCategorySystem">Remote Policy Reference Category System</a><br> B.1.1 <a href="#DesigGoals1">Design Goals</a><br> B.1.2 <a href="#tModelDefinition1">tModel Definition</a><br> B.1.3 <a href="#ModelStructure1">tModel Structure</a><br> B.2 <a href="#WS-PolicyTypesCategorySystem">Web Services Policy Types Category System</a><br> B.2.1 <a href="#DesignGoals2">Design Goals</a><br> &bsp; B.2.2 <a href="#tModelDefinition2">tModel Definition</a><br> B.2.3 <a href="#ModelStructure2">tModel Structure</a><br> B.3 <a href="#LocalPolicyReferenceCategorySystem">Local Policy Reference Category System</a><br> B.3.1 <a href="#DesignGoals3">Design Goals</a><br> B.3.2 <a href="#tModelDefinition3">tModel Definition</a><br> B.3.3 <a href="#ModelStructure3">tModel Structure</a><br>C. <a href="#acknowledgments">Acknowledgements</a> (Non-Normative)<br>D. <a href="#change-description">Changes in this Version of the Document</a> (Non-Normative)<br>E. <a href="#change-log">Web Services Policy 1.5 - Attachment Change Log</a> (Non-Normative)<br></p></div><hr><div class="body"><div class="div1">
<h2><a name="tocRange"></a>1. Introduction</h2><p>
The Web Services Policy 1.5 - Framework [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>]
@@ -196,6 +196,11 @@
</dt><dd><p>The
<b>element policy</b> is the <a title="" href="#policy">policy</a> attached to the <a title="" href="#policy_subject">policy subjects</a> associated with
the element information item that contains it.</p></dd><dt class="label">
+ <a href="ws-policy-framework.html#ignorable_policy_assertion">ignorable policy assertion</a>
+ </dt><dd><p id="ignorable_policy_assertion">An
+ <b>ignorable policy assertion</b> is
+ an assertion that may be ignored for policy intersection (as defined in
+ <a href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8">4.5 Policy Intersection</a>).</p></dd><dt class="label">
<a href="#merge">merge</a>
</dt><dd><p>a <b>merge</b>
consists of serializing each policy as a
@@ -981,7 +986,9 @@
equality is dependent on the semantics of that assertion type.
</p><p>
Two <a title="" href="#policy_assertion">policy assertions</a> are equivalent
- if they have the same QName and, if either <a title="" href="#policy_assertion">policy assertion</a>
+ if they have the same QName, if either policy assertion is an <a title="" href="#ignorable_policy_assertion">ignorable policy assertion</a>,
+ both assertions must be <a title="" href="#ignorable_policy_assertion">ignorable policy assertions</a>
+ and, if either <a title="" href="#policy_assertion">policy assertion</a>
has a nested policy, both assertions must have a
nested policy and the nested policies must be equal. If either assertion
contains policy assertion parameters, then the policy assertion parameters
@@ -1325,11 +1332,11 @@
Security Considerations section of the Web Services Policy 1.5 - Framework document [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>].
</p></div><div class="div1">
<h2><a name="Conformance"></a>8. Conformance</h2><div class="div2">
-<h3><a name="d3e3849"></a>8.1 External Policy Attachment Conformance</h3><p>An element information item whose namespace name is "http://www.w3.org/@@@@/@@/ws-policy" and whose local part is PolicyAttachment conforms to this specification if it is valid according to the XML Schema [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>] for that element as defined by this specification (<a href="http://www.w3.org/@@@@/@@/ws-policy.xsd">http://www.w3.org/@@@@/@@/ws-policy.xsd</a>) and additionally adheres to all the constraints contained in Section <a href="#ExternalPolicyAttachment"><b>3.4 External Policy Attachment</b></a> of this specification. Such a conformant element information item constitutes an external policy attachment. </p></div><div class="div2">
-<h3><a name="d3e3861"></a>8.2 WSDL 1.1 Attachment Conformance</h3><p>
+<h3><a name="d3e3874"></a>8.1 External Policy Attachment Conformance</h3><p>An element information item whose namespace name is "http://www.w3.org/@@@@/@@/ws-policy" and whose local part is PolicyAttachment conforms to this specification if it is valid according to the XML Schema [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>] for that element as defined by this specification (<a href="http://www.w3.org/@@@@/@@/ws-policy.xsd">http://www.w3.org/@@@@/@@/ws-policy.xsd</a>) and additionally adheres to all the constraints contained in Section <a href="#ExternalPolicyAttachment"><b>3.4 External Policy Attachment</b></a> of this specification. Such a conformant element information item constitutes an external policy attachment. </p></div><div class="div2">
+<h3><a name="d3e3886"></a>8.2 WSDL 1.1 Attachment Conformance</h3><p>
A WSDL 1.1 [<cite><a href="#WSDL11">WSDL 1.1</a></cite>] description conforms to this specification when it incorporates one or more element policies and additionally adheres to all the constraints contained in section <a href="#AttachingPolicyUsingWSDL1.1"><b>4. Attaching Policies Using WSDL 1.1</b></a>
</p></div><div class="div2">
-<h3><a name="d3e3870"></a>8.3 WSDL 2.0 Attachment Conformance</h3><p>
+<h3><a name="d3e3895"></a>8.3 WSDL 2.0 Attachment Conformance</h3><p>
A WSDL 2.0 [<cite><a href="#WSDL20">WSDL 2.0 Core Language</a></cite>] description conforms to this specification when it incorporates one or more element policies and additionally adheres to all the constraints contained in section <a href="#ws-policy-attachment-for-wsdl20"><b>5. WS-Policy Attachment for WSDL 2.0</b></a>
</p></div></div></div><div class="back"><div class="div1">
<h2><a name="References"></a>A. References</h2><div class="div2">
@@ -1712,4 +1719,8 @@
Editors' Action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/71">71</a>.
</td></tr><tr><td rowspan="1" colspan="1">20061109</td><td rowspan="1" colspan="1">TIB</td><td rowspan="1" colspan="1">Implemented Editors' Action
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/74">74</a>.
+ </td></tr><tr><td rowspan="1" colspan="1">20061109</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Implemented the
+ <a href="http://lists.w3.org/Archives/Public/public-ws-policy/2006Nov/0072.html">resolution</a> for issues
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721">3721</a> and
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3789">3789</a>.
</td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file
Index: ws-policy.xsd
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy.xsd,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- ws-policy.xsd 19 Aug 2006 01:15:46 -0000 1.2
+++ ws-policy.xsd 10 Nov 2006 02:18:30 -0000 1.3
@@ -87,7 +87,8 @@
</xs:element>
<xs:attribute name="Optional" type="xs:boolean" default="false" />
-
+ <xs:attribute name="Ignorable" type="xs:boolean" default="false" />
+
<!-- Constructs from the Web Services Policy 1.5 Attachment -->
<xs:attribute name="PolicyURIs" >
Index: ws-policy-framework.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-framework.html,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -d -r1.69 -r1.70
--- ws-policy-framework.html 9 Nov 2006 19:35:24 -0000 1.69
+++ ws-policy-framework.html 10 Nov 2006 02:18:30 -0000 1.70
@@ -62,7 +62,7 @@
requirements and capabilities.</p></div><div>
<h2><a name="status">Status of this Document</a></h2><p><strong>This document is an editors' copy that has
no official standing.</strong></p><p></p></div><hr><div class="toc">
-<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br> 1.1 <a href="#Example">Example</a><br>2. <a href="#Notation_Terminlogy">Notations and Terminology</a><br> 2.1 <a href="#Notational_Conventions">Notational Conventions</a><br> 2.2 <a href="#Extensibility">Extensibility</a><br> 2.3 <a href="#XML_Namespaces">XML Namespaces</a><br> 2.4 <a href="#Terminology">Terminology</a><br>3. <a href="#Policy_Model">Policy Model</a><br> 3.1 <a href="#rPolicy_Assertion">Policy Assertion</a><br> 3.2 <a href="#rPolicy_Alternative">Policy Alternative</a><br> 3.3 <a href="#rPolicy">Policy</a><br> 3.4 <a href="#Web_services">Policies of Entities in a Web Services Based System</a><br>4. <a href="#rPolicy_Expression">Policy Expression</a><br> 4.1 <ahref="#Normal_Form_Policy_Expression">Normal Form Policy Expression</a><br> 4.2 <a href="#Policy_Identification">Policy Identification</a><br> 4.3 <a href="#Compact_Policy_Expression">Compact Policy Expression</a><br> 4.3.1 <a href="#Optional_Policy_Assertions">Optional Policy Assertions</a><br> 4.3.2 <a href="#Policy_Assertion_Nesting">Policy Assertion Nesting</a><br> 4.3.3 <a href="#Policy_Operators">Policy Operators</a><br> 4.3.4 <a href="#Policy_References">Policy References</a><br> 4.3.5 <a href="#Policy_Inclusion">Policy Inclusion</a><br> 4.4 <a href="#Policy_Intersection">Policy Intersection</a><br>5. <a href="#Security_Considerations">Security Considerations</a><br> 5.1 <a href=#information-disclosure-threats">Information Disclosure Threats</a><br> 5.2 <a href="#spoofing-and-tampering-threats">Spoofing and Tampering Threats</a><br> 5.3 <a href="#downgrade-threats">Downgrade Threats</a><br> 5.4 <a href="#repudiation-threats">Repudiation Threats</a><br> 5.5 <a href="#denial-of-service-threats">Denial of Service Threats</a><br> 5.6 <a href="#general-xml-considerations">General XML Considerations</a><br>6. <a href="#Conformance">Conformance</a><br></p>
+<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br> 1.1 <a href="#Example">Example</a><br>2. <a href="#Notation_Terminlogy">Notations and Terminology</a><br> 2.1 <a href="#Notational_Conventions">Notational Conventions</a><br> 2.2 <a href="#Extensibility">Extensibility</a><br> 2.3 <a href="#XML_Namespaces">XML Namespaces</a><br> 2.4 <a href="#Terminology">Terminology</a><br>3. <a href="#Policy_Model">Policy Model</a><br> 3.1 <a href="#rPolicy_Assertion">Policy Assertion</a><br> 3.2 <a href="#rPolicy_Alternative">Policy Alternative</a><br> 3.3 <a href="#rPolicy">Policy</a><br> 3.4 <a href="#Web_services">Policies of Entities in a Web Services Based System</a><br>4. <a href="#rPolicy_Expression">Policy Expression</a><br> 4.1 <ahref="#Normal_Form_Policy_Expression">Normal Form Policy Expression</a><br> 4.2 <a href="#Policy_Identification">Policy Identification</a><br> 4.3 <a href="#Compact_Policy_Expression">Compact Policy Expression</a><br> 4.3.1 <a href="#Optional_Policy_Assertions">Optional Policy Assertions</a><br> 4.3.2 <a href="#Policy_Assertion_Nesting">Policy Assertion Nesting</a><br> 4.3.3 <a href="#Policy_Operators">Policy Operators</a><br> 4.3.4 <a href="#Policy_References">Policy References</a><br> 4.3.5 <a href="#Policy_Inclusion">Policy Inclusion</a><br> 4.4 <a href="#ignorable-policy-assertions">Ignorable Policy Assertions</a><br> 4.5 <a href="#Policy_Intersection">Policy Intersection</a><br>5. a href="#Security_Considerations">Security Considerations</a><br> 5.1 <a href="#information-disclosure-threats">Information Disclosure Threats</a><br> 5.2 <a href="#spoofing-and-tampering-threats">Spoofing and Tampering Threats</a><br> 5.3 <a href="#downgrade-threats">Downgrade Threats</a><br> 5.4 <a href="#repudiation-threats">Repudiation Threats</a><br> 5.5 <a href="#denial-of-service-threats">Denial of Service Threats</a><br> 5.6 <a href="#general-xml-considerations">General XML Considerations</a><br>6. <a href="#Conformance">Conformance</a><br></p>
<h3><a name="appendix" id="appendix">Appendices</a></h3><p class="toc">A. <a href="#ietf-draft">The application/wspolicy+xml Media Type</a><br> A.1 <a href="#ietf-reg">Registration</a><br>B. <a href="#References">References</a><br> B.1 <a href="#Normative-References">Normative References</a><br> B.2 <a href="#Informative-References">Other References</a><br>C. <a href="#acknowledgments">Acknowledgements</a> (Non-Normative)<br>D. <a href="#change-description">Changes in this Version of the Document</a> (Non-Normative)<br>E. <a href="#change-log">Web Services Policy 1.5 - Framework Change Log</a> (Non-Normative)<br></p></div><hr><div class="body"><div class="div1">
<h2><a name="tocRange"></a>1. Introduction</h2><p>Web Services Policy 1.5 - Framework defines a framework and a model for expressing policies that
refer to domain-specific capabilities, requirements, and general characteristics of
@@ -176,6 +176,11 @@
"<span class="rfc2119">OPTIONAL</span>" in this document are to be
interpreted as described in RFC 2119 [<cite><a href="#RFC2119">IETF RFC 2119</a></cite>].
</p><p>We introduce the following terms that are used throughout this document:</p><dl><dt class="label">
+ <a href="#ignorable_policy_assertion">ignorable policy assertion</a>
+ </dt><dd><p>An
+ <b>ignorable policy assertion</b> is
+ an assertion that may be ignored for policy intersection (as defined in
+ <a href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8">4.5 Policy Intersection</a>).</p></dd><dt class="label">
<a href="#nested_policy_expression">nested policy expression</a>
</dt><dd><p>A <b>nested policy expression</b> is a <a title="policy expression" href="#policy_expression">policy expression</a> that is an Element Information Item in the <strong>[children]</strong> property of a <a title="policy assertion" href="#policy_assertion">policy assertion</a>.</p></dd><dt class="label">
<a href="#policy">policy</a>
@@ -227,7 +232,14 @@
<a title="policy" href="#policy">policy</a> can be associated. ]
Assertions indicate domain-specific (e.g.,
security, transactions) semantics and are expected to be
- defined in separate, domain-specific specifications.</p><p>Assertions are typed by the authors
+ defined in separate, domain-specific specifications.</p><p>An assertion MAY indicate that it is an ignorable policy assertion
+ (see <a href="#ignorable-policy-assertions"><b>4.4 Ignorable Policy Assertions</b></a>).
+ [<a name="ignorable_policy_assertion" title="ignorable policy assertion">Definition</a>: An
+ <b>ignorable policy assertion</b> is
+ an assertion that may be ignored for policy intersection (as defined in
+ <a href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8">4.5 Policy Intersection</a>).] By default, an assertion is not
+ ignorable for policy intersection.
+ </p><p>Assertions are typed by the authors
that define them. [<a name="policy_assertion_type" title="policy assertion type">Definition</a>: A <b>policy assertion type</b>
represents a class of <a title="policy assertion" href="#policy_assertion">policy assertions</a> and implies a
schema for the assertion and assertion-specific semantics.] The <a title="policy assertion type" href="#policy_assertion_type">policy assertion
@@ -511,7 +523,7 @@
assertions. The reason for requiring at least an empty <code><wsp:Policy/></code>
Element above is to ensure that two assertions of the same type will always be
compatible and an intersection would not fail
-(see Section <a href="#Policy_Intersection"><b>4.4 Policy Intersection</b></a>).</p><p>Note: This specification does not define processing for arbitrary
+(see Section <a href="#Policy_Intersection"><b>4.5 Policy Intersection</b></a>).</p><p>Note: This specification does not define processing for arbitrary
<code class="elt">wsp:Policy</code> Element Information Items in the descendants
of an assertion parameter, e.g., in the <strong>[children]</strong> property of one of the <strong>[children]</strong> as in
<code><Lorem><Ipsum><wsp:Policy> …
@@ -761,16 +773,38 @@
(03) <wsp:PolicyReference URI="#Protection" />
(04) <sp:OnlySignEntireHeadersAndBody />
(05) </wsp:Policy></pre></div><p>There are times when it is desirable to "re-use" a portion of a policy expression. Generally, this can be accomplished by placing the common assertions in a separate policy expression and referencing it. </p></div></div><div class="div2">
-<h3><a name="Policy_Intersection"></a>4.4 Policy Intersection</h3><p>Policy intersection is useful when two or more parties express <a title="policy" href="#policy">policy</a> and want to limit the <a title="policy alternative" href="#policy_alternative">policy alternatives</a> to those that are mutually compatible. For example, when a requester and a provider express requirements on a message exchange, intersection identifies compatible policy alternatives (if any) included in both requester and provider policies. Intersection is a commutative, associative function that takes two policies and returns a policy.</p><p>Because the set of behaviors indicated by a <a title="policy alternative" href="#policy_alternative">policy
+<h3><a name="ignorable-policy-assertions"></a>4.4 Ignorable Policy Assertions</h3><p>The <code class="attr">wsp:Ignorable</code> attribute indicates if a policy assertion is an
+<a title="ignorable policy assertion" href="#ignorable_policy_assertion">ignorable policy assertion</a>. The schema
+outline for this attribute is as follows:</p><div class="exampleInner"><pre>(01) <Assertion ( wsp:Ignorable="xs:boolean" )? … > … </Assertion></pre></div><p>The following describes the Attribute Information Item defined in the schema outline above:</p><dl><dt class="label"><code class="attr">/Assertion/@wsp:Ignorable</code> </dt><dd><p>This attribute is of type <code>xs:boolean</code>. If the actual
+ value (See XML Schema Part 1 [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>]) is true,
+ the assertion is an <a title="ignorable policy assertion" href="#ignorable_policy_assertion">ignorable policy assertion</a>. If the actual value is false,
+ the assertion is not an <a title="ignorable policy assertion" href="#ignorable_policy_assertion">ignorable policy assertion</a>. Omitting
+ this attribute is semantically equivalent to including it with a value of false.</p></dd></dl></div><div class="div2">
+<h3><a name="Policy_Intersection"></a>4.5 Policy Intersection</h3><p>Policy intersection is useful when two or more parties express <a title="policy" href="#policy">policy</a> and
+want to limit the <a title="policy alternative" href="#policy_alternative">policy alternatives</a> to those
+that are mutually compatible. For example, when a requester and a provider express requirements
+on a message exchange, intersection identifies compatible policy alternatives (if any) included
+in both requester and provider policies. Intersection is a commutative function that
+takes two policies and returns a policy. There are two modes for intersection:
+ strict and lax. How the mode is selected or indicated for the policy intersection is
+outside the scope of this specification.
+</p><p>Because the set of behaviors indicated by a <a title="policy alternative" href="#policy_alternative">policy
alternative</a> depends on the domain-specific semantics of the collected assertions,
determining whether two policy alternatives are compatible generally involves
domain-specific processing. If a domain-specific intersection processing algorithm
is required will be known from the QNames of the specific <a title="policy assertion type" href="#policy_assertion_type">assertion types</a>
involved in the policy alternatives. As a first approximation, an algorithm is defined herein
-that approximates compatibility in a domain-independent manner; specifically,
-for two <a title="policy alternative" href="#policy_alternative">policy alternatives</a> to be compatible, they must at least have the same
-<a title="policy alternative vocabulary" href="#policy_alternative_vocabulary">policy alternative vocabulary</a> (see Section <a href="#rPolicy_Alternative"><b>3.2 Policy Alternative</b></a>).
-</p><ul><li><p>Two <a title="policy assertion" href="#policy_assertion">policy assertions</a> are compatible if they have the same <a title="policy assertion type" href="#policy_assertion_type">type</a> and</p></li><li><p>If either assertion contains a nested <a title="policy expression" href="#policy_expression">policy expression</a>, the two assertions are compatible if they both have a nested policy expression and the alternative in the nested policy expression of one is compatible with the alternative in the nested policy expression of the other.</p></li></ul><p><a title="policy assertion parameter" href="#policy_assertion_parameter">Assertion parameters</a> are not part of the compatibility determination defined herein but may be part of other, domain-specific compatibility processing. </p><ul><li><p>Two <a title="policy alternative" href="#policy_alternative">policy alternatives</a> are compatible if each assertion in one is compatible with an assertion in the other, and vice-versa. If two alternativs are compatible, their intersection is an alternative containing all of the assertions in both alternatives.</p></li><li><p>Two <a title="policy" href="#policy">policies</a> are compatible if an alternative in one is compatible with an alternative in the other. If two policies are compatible, their intersection is the set of the intersections between all pairs of compatible alternatives, choosing one alternative from each policy. If two policies are not compatible, their intersection has no policy alternatives.</p></li></ul><p>As an example of intersection, consider two input policies in normal form:</p><div class="exampleInner"><pre>(01) <wsp:Policy
+that approximates compatibility in a domain-independent manner:
+</p><ul><li><p>Two <a title="policy assertion" href="#policy_assertion">policy assertions</a> are compatible if they have the same <a title="policy assertion type" href="#policy_assertion_type">type</a> and</p></li><li><p>If either assertion contains a nested <a title="policy expression" href="#policy_expression">policy expression</a>, the two assertions are compatible if they both have a nested policy expression and the alternative in the nested policy expression of one is compatible with the alternative in the nested policy expression of the other.</p></li></ul><p><a title="policy assertion parameter" href="#policy_assertion_parameter">Assertion parameters</a> are not part of the compatibility determination defined herein but may be part of other, domain-specific compatibility processing. </p><ul><li><p>If the mode is strict, two <a title="policy alternative" href="#policy_alternative">policy alternatives</a> A and B are compatible:
+ <ul><li><p>if each assertion in A is compatible with an
+ assertion in B, and</p></li><li><p>if each assertion in B is compatible with an assertion in A.</p></li></ul></p><p>If the mode is lax, two <a title="policy alternative" href="#policy_alternative">policy alternatives</a> A and B are compatible:
+ <ul><li><p>if each assertion in A that is not an <a title="ignorable policy assertion" href="#ignorable_policy_assertion">ignorable policy assertion</a>
+ is compatible with an
+ assertion in B, and</p></li><li><p>if each assertion in B that is not an
+ <a title="ignorable policy assertion" href="#ignorable_policy_assertion">ignorable policy assertion</a>
+ is compatible with an
+ assertion in A.</p></li></ul></p><p>If two alternatives are compatible, their
+intersection is an alternative containing all of the assertions in both alternatives.</p></li><li><p>Two <a title="policy" href="#policy">policies</a> are compatible if an alternative in one is compatible with an alternative in the other. If two policies are compatible, their intersection is the set of the intersections between all pairs of compatible alternatives, choosing one alternative from each policy. If two policies are not compatible, their intersection has no policy alternatives.</p></li></ul><p>As an example of intersection, consider two input policies in normal form:</p><div class="exampleInner"><pre>(01) <wsp:Policy
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:wsp="http://www.w3.org/@@@@/@@/ws-policy" >
<!-- Policy P1 -->
@@ -1114,7 +1148,7 @@
acknowledged.
</p></div><div class="div1">
<h2><a name="change-description"></a>D. Changes in this Version of the Document (Non-Normative)</h2><p>A list of substantive changes since the Working Draft dated 2 November, 2006
- is below:</p><ul><li><p>None.</p></li></ul></div><div class="div1">
+ is below:</p><ul><li><p>Added a new feature: <a href="#ignorable-policy-assertions"><b>4.4 Ignorable Policy Assertions</b></a>.</p></li></ul></div><div class="div1">
<h2><a name="change-log"></a>E. Web Services Policy 1.5 - Framework Change Log (Non-Normative)</h2><a name="ws-policy-framework-changelog-table"></a><table border="1"><tbody><tr><th rowspan="1" colspan="1">Date</th><th rowspan="1" colspan="1">Author</th><th rowspan="1" colspan="1">Description</th></tr><tr><td rowspan="1" colspan="1">20060712</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Updated the list of editors. Completed action items
<a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action12">12</a>,
<a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action16">16</a> and
@@ -1287,4 +1321,8 @@
to create a normative appendix for MIMe subtype wspolicy+xml.
</td></tr><tr><td rowspan="1" colspan="1">20061109</td><td rowspan="1" colspan="1">TIB</td><td rowspan="1" colspan="1">Implemented Editors' Action
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/74">74</a>.
+ </td></tr><tr><td rowspan="1" colspan="1">20061109</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Implemented the
+ <a href="http://lists.w3.org/Archives/Public/public-ws-policy/2006Nov/0072.html">resolution</a> for issues
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721">3721</a> and
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3789">3789</a>.
</td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file
Index: ws-policy-attachment.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-attachment.xml,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -d -r1.67 -r1.68
--- ws-policy-attachment.xml 9 Nov 2006 19:35:24 -0000 1.67
+++ ws-policy-attachment.xml 10 Nov 2006 02:18:30 -0000 1.68
@@ -343,6 +343,9 @@
<!-- The following definitions are taken from the WS-Policy-Framework document. They need to be here for the automatic glossary generation. Use the value of the ID for the termdef element in ws-policy-framework.xml inside a p element.-->
<ulist role="termreference">
<item>
+<p>ignorable_policy_assertion</p>
+</item>
+<item>
<p>policy</p>
</item>
<item>
@@ -1648,7 +1651,9 @@
</p>
<p>
Two <termref def="policy_assertion">policy assertions</termref> are equivalent
- if they have the same QName and, if either <termref def="policy_assertion">policy assertion</termref>
+ if they have the same QName, if either policy assertion is an <termref def="ignorable_policy_assertion">ignorable policy assertion</termref>,
+ both assertions must be <termref def="ignorable_policy_assertion">ignorable policy assertions</termref>
+ and, if either <termref def="policy_assertion">policy assertion</termref>
has a nested policy, both assertions must have a
nested policy and the nested policies must be equal. If either assertion
contains policy assertion parameters, then the policy assertion parameters
@@ -1657,6 +1662,7 @@
equality may be further refined by the corresponding <termref def="policy_assertion">policy assertion</termref>
specification.
</p>
+
</div2>
<div2 id="effective-policy">
<head>Effective Policy</head>
@@ -2956,6 +2962,15 @@
<td>Implemented Editors' Action
<loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/74">74</loc>.
</td>
+ </tr>
+ <tr>
+ <td>20061109</td>
+ <td>ASV</td>
+ <td>Implemented the
+ <loc href="http://lists.w3.org/Archives/Public/public-ws-policy/2006Nov/0072.html">resolution</loc> for issues
+ <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721">3721</loc> and
+ <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3789">3789</loc>.
+ </td>
</tr>
</tbody>
</table>
Received on Friday, 10 November 2006 02:18:57 UTC