- From: Prasad Yendluri via cvs-syncmail <cvsmail@w3.org>
- Date: Thu, 19 Oct 2006 19:27:29 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy In directory hutz:/tmp/cvs-serv32573 Modified Files: ws-policy-framework.html ws-policy-attachment.html Log Message: Upload latest revisions Index: ws-policy-framework.html =================================================================== RCS file: /sources/public/2006/ws/policy/ws-policy-framework.html,v retrieving revision 1.55 retrieving revision 1.56 diff -u -d -r1.55 -r1.56 --- ws-policy-framework.html 13 Oct 2006 20:29:44 -0000 1.55 +++ ws-policy-framework.html 19 Oct 2006 19:27:27 -0000 1.56 @@ -108,7 +108,7 @@ (12) </wsp:All> (13) </wsp:ExactlyOne> (14) </wsp:Policy></pre></div></div><p>Lines (03-06) represent one - policy alternative for signing a message body.</p><p>Lines (08-11) represents a second policy alternative for encrypting a message body. </p><p>Lines (02-13) illustrates the <code class="elt">ExactlyOne</code> policy + policy alternative for signing a message body.</p><p>Lines (08-11) represent a second policy alternative for encrypting a message body. </p><p>Lines (02-13) illustrate the <code class="elt">ExactlyOne</code> policy operator. Policy operators group policy assertions into policy alternatives. A valid interpretation of the policy above would be that an invocation of a Web service will either sign or encrypt the message body.</p></div></div><div class="div1"> @@ -177,16 +177,11 @@ <a href="#nested_policy_expression">nested policy expression</a> </dt><dd><p>A <b>nested policy expression</b> is a <a title="policy expression" href="#policy_expression">policy expression</a> that is an Element Information Item in the <strong>[children]</strong> property of a <a title="policy assertion" href="#policy_assertion">policy assertion</a>.</p></dd><dt class="label"> <a href="#policy">policy</a> - </dt><dd><p>A <b>policy</b> is a potentially empty collection of - <a title="policy alternative" href="#policy_alternative">policy alternatives</a>. </p></dd><dt class="label"> + </dt><dd><p>A <b>policy</b> is a collection of + <a title="policy alternative" href="#policy_alternative">policy alternatives</a>, </p></dd><dt class="label"> <a href="#policy_alternative">policy alternative</a> - </dt><dd><p>A <b>policy alternative</b> - is a potentially empty collection of <a title="policy assertion" href="#policy_assertion">policy assertions</a>.</p></dd><dt class="label"> - <a href="#policy_alternative_vocabulary">policy alternative vocabulary</a> - </dt><dd><p>A <b>policy alternative vocabulary</b> is the set of - all <a title="policy assertion type" href="#policy_assertion_type">policy assertion - types</a> within the <a title="policy alternative" href="#policy_alternative">policy - alternative</a>.</p></dd><dt class="label"> + </dt><dd><p>a <b>policy alternative</b> + is a collection of <a title="policy assertion" href="#policy_assertion">policy assertions</a>.</p></dd><dt class="label"> <a href="#policy_assertion">policy assertion</a> </dt><dd><p>A <b>policy assertion</b> represents an individual requirement, capability, or other property of a behavior.</p></dd><dt class="label"> @@ -335,7 +330,7 @@ (i) Normal form of a policy expression (ii) Compact form of a policy expression (iii) Identification of policy expressions and (iv) Policy intersection. </p><p> The normal form of a policy expression is the most straightforward - Infoset represenattion; equivalent, alternative Infosets allow compactly + Infoset representation; equivalent, alternative Infosets allow compactly expressing a policy through a number of constructs.</p><p>This specification does not define processing for arbitrary <code class="elt">wsp:Policy</code> Element Information Items in any context other than as an Element Information Item in the <strong>[children]</strong> property of an Element @@ -499,7 +494,7 @@ <code><wsp:Policy/></code> Element Information Item in its <strong>[children]</strong> property; as explained in Section <a href="#Policy_Operators"><b>4.3.3 Policy Operators</b></a>, this is equivalent to a nested policy expression with a single alternative that has zero -assertions. The reason for requring least an empty <code><wsp:Policy/></code> +assertions. The reason for requiring at least an empty <code><wsp:Policy/></code> Element above is to ensure that two assertions of the same type will always be compatible and an intersection would not fail (see Section <a href="#Policy_Intersection"><b>4.4 Policy Intersection</b></a>).</p><p>Note: This specification does not define processing for arbitrary @@ -766,7 +761,6 @@ <!-- Policy P1 --> (02) <wsp:ExactlyOne> (03) <wsp:All> <!-- Alternative A1 --> - (04) <sp:SignedElements> (05) <sp:XPath>/S:Envelope/S:Body</sp:XPath> (06) </sp:SignedElements> @@ -849,7 +843,8 @@ be mitigated by requiring authentication for sensitive information, by omitting sensitive information from the policy or by securing access to the policy. For securing access to policy metadata, policy providers can use mechanisms from other Web Services - specifications such as WS-Security and WS-MetadataExchange.</p></div><div class="div2"> + specifications such as WS-Security [<cite><a href="#WS-Security">WS-Security 2004</a></cite>] and + WS-MetadataExchange [<cite><a href="#WS-MetadataExchange">WS-MetadataExchange</a></cite>] .</p></div><div class="div2"> <h3><a name="spoofing-and-tampering-threats"></a>5.2 Spoofing and Tampering Threats</h3><p>If a policy expression is unsigned it could be easily tampered with or replaced. To prevent tampering or spoofing of policy, requestors should discard a policy unless it is signed by the provider and presented with sufficient credentials. Requestors should also @@ -1058,7 +1053,12 @@ http://www.w3.org/TR/2006/CR-wsdl20-20060327. The <a href="http://www.w3.org/TR/wsdl20/">latest version of WSDL 2.0</a> is available at http://www.w3.org/TR/wsdl20. - </dd><dt class="label"><a name="XML-Signature"></a>[XML-Signature] </dt><dd> + </dd><dt class="label"><a name="WS-MetadataExchange"></a>[WS-MetadataExchange] </dt><dd> + <cite><a href="http://schemas.xmlsoap.org/ws/2004/09/mex/">Web Services Metadata Exchange (WS-MetadataExchange)</a></cite>, K. Ballinger, + et al, Authors. BEA Systems Inc., Computer Associates International, Inc., International + Business Machines Corporation, Microsoft Corporation, Inc., SAP AG, Sun Microsystems, and + webMethods, August 2006. Available at http://schemas.xmlsoap.org/ws/2004/09/mex/. + </dd><dt class="label"><a name="XML-Signature"></a>[XML-Signature] </dt><dd> <cite><a href="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/">XML-Signature Syntax and Processing</a></cite>, D. Eastlake, J. Reagle, and D. Solo, Editors. The Internet Society & World Wide Web Consortium, 12 February @@ -1235,4 +1235,6 @@ </td></tr><tr><td rowspan="1" colspan="1">20061012</td><td rowspan="1" colspan="1">DBO</td><td rowspan="1" colspan="1">Revisited action items: <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action15">15</a> as early as possible in the doc, use the definition that are defined in the doc. Opened as Bug <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3720">3720</a> - </td></tr></tbody></table><br></div></div></body></html> \ No newline at end of file + </td></tr><tr><td rowspan="1" colspan="1">20061019</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Completed action item: + <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/57">57</a> PaulC's comments. + </td></tr></tbody></table><br></div></div></body></html> \ No newline at end of file Index: ws-policy-attachment.html =================================================================== RCS file: /sources/public/2006/ws/policy/ws-policy-attachment.html,v retrieving revision 1.53 retrieving revision 1.54 diff -u -d -r1.53 -r1.54 --- ws-policy-attachment.html 13 Oct 2006 20:29:44 -0000 1.53 +++ ws-policy-attachment.html 19 Oct 2006 19:27:27 -0000 1.54 @@ -203,11 +203,11 @@ children of a wrapper <code class="elt">wsp:Policy</code> element.</p></dd><dt class="label"> <a href="ws-policy-framework.html#policy">policy</a> - </dt><dd><p id="policy">A <b>policy</b> is a potentially empty collection of - <a title="" href="#policy_alternative">policy alternatives</a>. </p></dd><dt class="label"> + </dt><dd><p id="policy">A <b>policy</b> is a collection of + <a title="" href="#policy_alternative">policy alternatives</a>, </p></dd><dt class="label"> <a href="ws-policy-framework.html#policy_alternative">policy alternative</a> - </dt><dd><p id="policy_alternative">A <b>policy alternative</b> - is a potentially empty collection of <a title="" href="#policy_assertion">policy assertions</a>.</p></dd><dt class="label"> + </dt><dd><p id="policy_alternative">a <b>policy alternative</b> + is a collection of <a title="" href="#policy_assertion">policy assertions</a>.</p></dd><dt class="label"> <a href="ws-policy-framework.html#policy_assertion">policy assertion</a> </dt><dd><p id="policy_assertion">A <b>policy assertion</b> represents an individual requirement, capability, or other property of a behavior.</p></dd><dt class="label"> @@ -286,7 +286,7 @@ assumed to be located at <code>http://www.example.com/policies</code>. Per Section <a href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8/#Policy_Identification">3.2 - Policy Identification</a> of Web Services Policy 1.5 - Framework [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>], the URIs used for these <a title="" href="#policy_expression">policy expressions</a> + Policy Identification</a> of Web Services Policy 1.5 - Framework [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>], the IRIs used for these <a title="" href="#policy_expression">policy expressions</a> in the remainder of this document are <code>http://www.example.com/policies#RmPolicy</code> and <code>http://www.example.com/policies#X509EndpointPolicy</code>, @@ -398,7 +398,7 @@ <h3><a name="ExternalPolicyAttachment"></a>3.4 External Policy Attachment</h3><p>This mechanism allows <a title="" href="#policy">policies</a> to be associated with a <a title="" href="#policy_subject">policy subject</a> independent of that subject's definition and/or representation through the use of a <code class="elt">wsp:PolicyAttachment</code> -gelement.</p><p>This element has three components: the <a title="" href="#policy_scope">policy scope</a> of the +element.</p><p>This element has three components: the <a title="" href="#policy_scope">policy scope</a> of the attachment, the <a title="" href="#policy_expression">policy expressions</a> being bound, and optional security information. The <a title="" href="#policy_scope">policy scope</a> of the attachment is defined using one or more extensible domain expressions that identify <a title="" href="#policy_subject">policy subjects</a>, @@ -1659,4 +1659,6 @@ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/1">resolution</a> for issue <a href="http://www.w3.org/2006/07/13-ws-policy-minutes.html#action10">summary of Action 10 from F2F</a> replaced "subject" instances with "policy subject" - </td></tr><tr><td rowspan="1" colspan="1">20061012</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Updated "Changes in this Version" section (Appendix D)</td></tr></tbody></table><br></div></div></body></html> \ No newline at end of file + </td></tr><tr><td rowspan="1" colspan="1">20061012</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Updated "Changes in this Version" section (Appendix D)</td></tr><tr><td rowspan="1" colspan="1">20061019</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Completed action item: + <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/57">57</a> PaulC's comments. + </td></tr></tbody></table><br></div></div></body></html> \ No newline at end of file
Received on Thursday, 19 October 2006 19:27:39 UTC