- From: David Orchard via cvs-syncmail <cvsmail@w3.org>
- Date: Wed, 20 Sep 2006 22:27:19 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv13168
Modified Files:
ws-policy-framework.xml ws-policy-framework.html
Log Message:
extensibility, bugs 3590 and 3662
Index: ws-policy-framework.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-framework.xml,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -d -r1.48 -r1.49
--- ws-policy-framework.xml 19 Sep 2006 00:12:53 -0000 1.48
+++ ws-policy-framework.xml 20 Sep 2006 22:27:16 -0000 1.49
@@ -207,8 +207,7 @@
<ulist>
<item>
<p>An element extensibility point is referred to using {any} in place of the element name. This
-indicates that any element name can be used, from any namespace other than the &nsuri;
-namespace. </p>
+indicates that any element name can be used, from any namespace. </p>
</item>
<item>
<p>An attribute extensibility point is referred to using @{any} in place of the attribute name. This
@@ -1103,7 +1102,9 @@
<wsp:PolicyReference
URI="<emph>xs:anyURI</emph>"
( Digest="<emph>xs:base64Binary</emph>" ( DigestAlgorithm="<emph>xs:anyURI</emph>" )? )?
- … />
+ … >
+ …
+ </wsp:PolicyReference>
…
</wsp:Policy> </eg>
<p>The following describes the Attribute and Element Information Items defined in the schema outline above:</p>
@@ -1157,6 +1158,15 @@
<rfc2119>SHOULD</rfc2119> be ignored.</p>
</def>
</gitem>
+<gitem>
+<label><el>/wsp:Policy/…/wsp:PolicyReference/{any}</el></label>
+<def><p>Additional elements <rfc2119>MAY</rfc2119> be specified but
+<rfc2119>MUST NOT</rfc2119> contradict the semantics of the
+ <emph role="infoset-property">parent element</emph>;
+ if an element is not recognized, it
+<rfc2119>SHOULD</rfc2119> be ignored.</p>
+</def>
+</gitem>
</glist>
<p>In the example below two policies include and extend a common policy. In the first example there is a single policy document containing two policy assertions. The expression is given an identifier but not a fully qualified location. The second and third expressions reference the first expression by URI indicating the referenced expression is within the document. </p>
@@ -1791,6 +1801,21 @@
Add Cross-Product description to 4.3.3 in Framework.
</td>
</tr>
+ <tr>
+ <td>20060920</td>
+ <td>DBO</td>
+ <td>Completed action item:
+ <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/24">24</loc>
+ for issue
+ <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3662">3662</loc>,
+ Add PolicyReference extensibility as ##any.
+ <br/>
+ and <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/25">25</loc>
+ for issue
+ <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3590">3590</loc>,
+ Add PolicyReference extensibility.
+ </td>
+ </tr>
</tbody>
</table>
</inform-div1>
Index: ws-policy-framework.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-framework.html,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- ws-policy-framework.html 13 Sep 2006 22:25:26 -0000 1.36
+++ ws-policy-framework.html 20 Sep 2006 22:27:16 -0000 1.37
@@ -72,7 +72,7 @@
<h2><a name="status">Status of this Document</a></h2><p><strong>This document is an editors' copy that has
no official standing.</strong></p><p></p></div>
<hr><div class="toc">
-<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br> 1.1 <a href="#Example">Example</a><br>2. <a href="#Notation_Terminilogy">Notations and Terminology</a><br> 2.1 <a href="#Notational_Conventions">Notational Conventions</a><br> 2.2 <a href="#Extensibility">Extensibility</a><br> 2.3 <a href="#XML_Namespaces">XML Namespaces</a><br> 2.4 <a href="#Terminology">Terminology</a><br>3. <a href="#Policy_Model">Policy Model</a><br> 3.1 <a href="#rPolicy_Assertion">Policy Assertion</a><br> 3.2 <a href="#rPolicy_Alternative">Policy Alternative</a><br> 3.3 <a href="#rPolicy">Policy</a><br> 3.4 <a href="#Web_services">Web services</a><br>4. <a href="#rPolicy_Expression">Policy Expression</a><br> 4.1 <a href="#Normal_Form_Policy_Expression"Normal Form Policy Expression</a><br> 4.2 <a href="#Policy_Identification">Policy Identification</a><br> 4.3 <a href="#Compact_Policy_Expression">Compact Policy Expression</a><br> 4.3.1 <a href="#Optional_Policy_Assertions">Optional Policy Assertions</a><br> 4.3.2 <a href="#Policy_Assertion_Nesting">Policy Assertion Nesting</a><br> 4.3.3 <a href="#Policy_Operators">Policy Operators</a><br> 4.3.4 <a href="#Policy_Inclusion">Policy Inclusion</a><br> 4.4 <a href="#Policy_Intersection">Policy Intersection</a><br>5. <a href="#Security_Considerations">Security Considerations</a><br>6. <a href="#Conformance">Conformance</a><br></p>
+<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br> 1.1 <a href="#Example">Example</a><br>2. <a href="#Notation_Terminilogy">Notations and Terminology</a><br> 2.1 <a href="#Notational_Conventions">Notational Conventions</a><br> 2.2 <a href="#Extensibility">Extensibility</a><br> 2.3 <a href="#XML_Namespaces">XML Namespaces</a><br> 2.4 <a href="#Terminology">Terminology</a><br>3. <a href="#Policy_Model">Policy Model</a><br> 3.1 <a href="#rPolicy_Assertion">Policy Assertion</a><br> 3.2 <a href="#rPolicy_Alternative">Policy Alternative</a><br> 3.3 <a href="#rPolicy">Policy</a><br> 3.4 <a href="#Web_services">Policies of Entities in a Web Services Based System</a><br>4. <a href="#rPolicy_Expression">Policy Expression</a><br> 4.1 < href="#Normal_Form_Policy_Expression">Normal Form Policy Expression</a><br> 4.2 <a href="#Policy_Identification">Policy Identification</a><br> 4.3 <a href="#Compact_Policy_Expression">Compact Policy Expression</a><br> 4.3.1 <a href="#Optional_Policy_Assertions">Optional Policy Assertions</a><br> 4.3.2 <a href="#Policy_Assertion_Nesting">Policy Assertion Nesting</a><br> 4.3.3 <a href="#Policy_Operators">Policy Operators</a><br> 4.3.4 <a href="#Policy_Inclusion">Policy Inclusion</a><br> 4.4 <a href="#Policy_Intersection">Policy Intersection</a><br>5. <a href="#Security_Considerations">Security Considerations</a><br>6. <a href="#Conformance">Conformance</a><br></p>
<h3><a name="appendix" id="appendix">Appendices</a></h3><p class="toc">A. <a href="#References">References</a><br> A.1 <a href="#Normative-References">Normative References</a><br> A.2 <a href="#Informative-References">Other References</a><br>B. <a href="#acknowledgments">Acknowledgements</a> (Non-Normative)<br>C. <a href="#change-description">Changes in this Version of the Document</a> (Non-Normative)<br>D. <a href="#change-log">Web Services Policy 1.5 - Framework Change Log</a> (Non-Normative)<br></p></div><hr><div class="body">
<div class="div1">
@@ -207,8 +207,7 @@
<ul>
<li>
<p>An element extensibility point is referred to using {any} in place of the element name. This
-indicates that any element name can be used, from any namespace other than the http://www.w3.org/@@@@/@@/ws-policy
-namespace. </p>
+indicates that any element name can be used, from any namespace. </p>
</li>
<li>
<p>An attribute extensibility point is referred to using @{any} in place of the attribute name. This
@@ -235,7 +234,7 @@
or <strong>[owner]</strong> property of the extension. If an
Attribute Information Item is not recognized, it <span class="rfc2119">SHOULD</span>
be ignored; if an Element Information Item is not recognized, it
- <span class="rfc2119">SHOULD</span> be treated as an assertion.</p>
+ <span class="rfc2119">MUST</span> be treated as an assertion.</p>
</div>
<div class="div2">
@@ -300,11 +299,12 @@
<li>
<p>Modifications to the pattern facet of a type definition for which the
value-space of the previous definition remains valid or for
- which the value-space of the preponderance of
- instance would remain valid.</p></li>
+ which the value-space of the vast majority of
+ instances would remain valid.</p></li>
<li>
- <p>Modifications to the cardinality of elements for which the
- value-space of possible instance documents conformant to
+ <p>Modifications to the cardinality of elements
+ (i.e. modifications to minOccurs or maxOccurs attribute value of an element declaration)
+ for which the value-space of possible instance documents conformant to
the previous revision of the schema would still be valid
with regards to the revised cardinality rule.</p></li>
</ul>
@@ -462,45 +462,45 @@
specification.</p>
</div>
<div class="div2">
-
-<h3><a name="Web_services"></a>3.4 Web services</h3>
+
+<h3><a name="Web_services"></a>3.4 Policies of Entities in a Web Services Based System</h3>
- <p>Applied in the Web services model, <a title="policy" href="#policy">policy</a> is used to convey conditions
- on an interaction between a Web service requestor and a Web service provider. Satisfying assertions in the policy usually
- results in behavior that reflects these
- conditions. Typically, the provider of a Web service
- exposes a policy to convey conditions under which it
- provides the service. A requester might use this policy to
- decide whether or not to use the service. A requester may
- choose any alternative since each is a valid configuration
- for interaction with the service, but a requester
+ <p>Applied in the Web services based system, <a title="policy" href="#policy">policy</a> is used to convey conditions
+ on an interaction between entities (requester application,
+ provider service, Web infrastructure component, etc). Any entity in a
+ Web services based system may expose a policy to convey conditions under
+ which it functions. Satisfying assertions in the policy usually results
+ in behavior that reflects these conditions. For example, if two entities
+ - requester and provider - expose their policies, a requester might use
+ the policy of the provider to decide whether or not to use the service.
+ A requester may choose any alternative since each is a valid
+ configuration for interaction with the service, but a requester
<span class="rfc2119">MUST</span> choose only a single alternative
for an interaction with a service since each represents an
alternative configuration.</p>
<p>A <a title="policy assertion" href="#policy_assertion">policy
- assertion</a> is supported by a
- requester if and only if the requester satisfies the
- requirement (or accommodates the capability) corresponding
- to the assertion. A <a title="policy alternative" href="#policy_alternative">policy alternative</a> is
- supported by a requester if and only if the
- requester supports all the assertions in the
- alternative. And, a <a title="policy" href="#policy">policy</a>
- is supported by a requester if and only if
- the requester supports at least one of the alternatives in
- the policy. Note that although policy alternatives are
- meant to be mutually exclusive, it cannot be decided in
- general whether or not more than one alternative can be
+ assertion</a> is supported by an entity in the web services
+ based system if and only if the entity satisfies the requirement
+ (or accommodates the capability) corresponding to the assertion.
+ A <a title="policy alternative" href="#policy_alternative">policy alternative</a>
+ is supported by an entity if and only if the entity supports
+ all the assertions in the alternative. And, a <a title="policy" href="#policy">policy</a>
+ is supported by an entity if and only if the entity supports
+ at least one of the alternatives in the policy. Note that although
+ policy alternatives are meant to be mutually exclusive, it cannot
+ be decided in general whether or not more than one alternative can be
supported at the same time.</p>
- <p>Note that a requester may be able to support a policy
- even if the requester does not understand the <a title="policy assertion type" href="#policy_assertion_type">type</a> of each assertion in
+ <p>Note that an entity may be able to support a policy
+ even if the entity does not understand the <a title="policy assertion type" href="#policy_assertion_type">type</a> of each assertion in
the <a title="policy vocabulary" href="#policy_vocabulary">vocabulary of the
- policy</a>; the requester only has to understand the
- type of each assertion in the vocabulary of a <a title="policy alternative" href="#policy_alternative">policy alternative</a> the requester supports. This characteristic is crucial to
+ policy</a>; the entity only has to understand the
+ type of each assertion in the vocabulary of a <a title="policy alternative" href="#policy_alternative">policy alternative</a>
+ the entity supports. This characteristic is crucial to
versioning and incremental deployment of new assertions
because this allows a provider's policy to include new
- assertions in new alternatives while allowing requesters
+ assertions in new alternatives while allowing entities
to continue to use old alternatives in a
backward-compatible manner.</p>
</div>
@@ -514,6 +514,13 @@
normal form policy expression is the most straightforward
Infoset; equivalent, alternative Infosets allow compactly
expressing a policy through a number of constructs.</p>
+
+ <p>This specification does not define processing for arbitrary <code class="elt">wsp:Policy</code>
+ Element Information Items in any context other than as an Element Information Item
+ in the <strong>[children]</strong> property of an Element
+ Information Item that is in the <strong>[children]</strong>
+ property of an element Information Item defined in section 4.1 below.
+ </p>
<div class="div2">
@@ -703,21 +710,21 @@
<h4><a name="Optional_Policy_Assertions"></a>4.3.1 Optional Policy Assertions</h4>
<p>To indicate that a <a title="policy assertion" href="#policy_assertion">policy
-assertion</a> is optional, this specification defines an
-attribute that is a syntactic shortcut for expressing policy
-alternatives with and without the assertion. The schema outline for
+assertion</a> is optional, this specification defines an attribute
+that is a compact authoring style for expressing a pair of policy alternatives,
+one with and one without that assertion. The schema outline for
this attribute is as follows:</p>
<div class="exampleInner"><pre><<em>Assertion</em> ( wsp:Optional="<em>xs:boolean</em>" )? …> … </<em>Assertion</em>></pre></div>
<p>The following describes the Attribute Information Item defined in
the schema outline above:</p>
<dl>
<dt class="label"><code class="attr">/Assertion/@wsp:Optional</code> </dt>
-<dd><p>If true, the expression of the assertion is semantically equivalent to the following:</p>
+ <dd><p>If the actual value (See XML Schema Part 1 [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>]) is true, the expression of the assertion is semantically equivalent to the following:</p>
<div class="exampleInner"><pre><wsp:ExactlyOne>
<wsp:All> <<em>Assertion</em> …> … </<em>Assertion</em>> </wsp:All>
<wsp:All />
</wsp:ExactlyOne></pre></div>
-<p>If false, the expression of the assertion is semantically equivalent to the following:</p>
+ <p>If the actual value (See XML Schema Part 1 [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>]) is false, the expression of the assertion is semantically equivalent to the following:</p>
<div class="exampleInner"><pre><wsp:ExactlyOne>
<wsp:All> <<em>Assertion</em> …> … </<em>Assertion</em>> </wsp:All>
</wsp:ExactlyOne></pre></div>
@@ -783,17 +790,16 @@
<code><wsp:Policy/></code> Element Information Item in its <strong>[children]</strong> property; as explained in
Section <a href="#Policy_Operators"><b>4.3.3 Policy Operators</b></a>, this is equivalent to a
nested policy expression with a single alternative that has zero
-assertions. If this is not done then two assertions of the same type
-will not be compatible and intersection may fail (see Section <a href="#Policy_Intersection"><b>4.4 Policy Intersection</b></a>).</p></dd>
-
-
-<dt class="label">/Assertion/*/wsp:Policy</dt>
+assertions. The reason for requring least an empty <code><wsp:Policy/></code>
+Element above is to ensure that two assertions of the same type will always be
+compatible and an intersection would not fail
+(see Section <a href="#Policy_Intersection"><b>4.4 Policy Intersection</b></a>).</p></dd>
-<dd><p>This specification does not define processing for arbitrary
+<p>Note: This specification does not define processing for arbitrary
<code class="elt">wsp:Policy</code> Element Information Items in the descendants
-of an assertion, e.g., in the <strong>[children]</strong> property of one of the <strong>[children]</strong> as in
+of an assertion parameter, e.g., in the <strong>[children]</strong> property of one of the <strong>[children]</strong> as in
<code><Lorem><Ipsum><wsp:Policy> …
-</wsp:Policy></Ipsum></Lorem></code>.</p></dd>
+</wsp:Policy></Ipsum></Lorem></code>.</p>
</dl>
<p>Policy assertions containing a nested policy expression are
@@ -810,7 +816,8 @@
branches have branches etc, in the normal form, a policy is a stump
with straight vines.</p>
-<p>For example, consider the following compact nested policy expression:</p>
+<p>For example, consider the following policy expression with
+nested policy expressions in a compact form:</p>
<div class="exampleInner"><pre>(01) <wsp:Policy
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:wsp="http://www.w3.org/@@@@/@@/ws-policy" >
@@ -842,7 +849,7 @@
indicated by the transport binding assertion requires the behavior
indicated by one of the assertions within the algorithm suite
assertion.</p>
-<p>The normalized form of this policy is equivalent to the following:</p>
+<p>The normalized form of the example above is equivalent to the following:</p>
<div class="exampleInner"><pre>(01) <wsp:Policy
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:wsp="http://www.w3.org/@@@@/@@/ws-policy" >
@@ -989,7 +996,7 @@
<em> <!-- assertion 2 --></em>
</wsp:All>
</wsp:ExactlyOne></pre></div>
-<p>Similarly,</p>
+<p>Similarly by repeatedly distributing wsp:All over wsp:ExactlyOne,</p>
<div class="exampleInner"><pre><wsp:All>
<wsp:ExactlyOne>
<em> <!-- assertion 1 --></em>
@@ -1089,7 +1096,9 @@
<wsp:PolicyReference
URI="<em>xs:anyURI</em>"
( Digest="<em>xs:base64Binary</em>" ( DigestAlgorithm="<em>xs:anyURI</em>" )? )?
- … />
+ … >
+ …
+ </wsp:PolicyReference>
…
</wsp:Policy> </pre></div>
<p>The following describes the Attribute and Element Information Items defined in the schema outline above:</p>
@@ -1143,6 +1152,15 @@
<span class="rfc2119">SHOULD</span> be ignored.</p>
</dd>
+
+<dt class="label"><code class="elt">/wsp:Policy/…/wsp:PolicyReference/{any}</code> </dt>
+<dd><p>Additional elements <span class="rfc2119">MAY</span> be specified but
+<span class="rfc2119">MUST NOT</span> contradict the semantics of the
+ <strong>[parent element]</strong>;
+ if an element is not recognized, it
+<span class="rfc2119">SHOULD</span> be ignored.</p>
+</dd>
+
</dl>
<p>In the example below two policies include and extend a common policy. In the first example there is a single policy document containing two policy assertions. The expression is given an identifier but not a fully qualified location. The second and third expressions reference the first expression by URI indicating the referenced expression is within the document. </p>
@@ -1722,6 +1740,85 @@
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/11">11</a>.
</td>
</tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/16">16</a>.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/17">17</a>.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/23">23</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3617">3617</a>,
+ Namespace URI versioning Policy is not clear.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/33">33</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3672">3672</a>,
+ Clarify the policy model for Web Services.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/34">34</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3703">3703</a>,
+ Element within policy expression must be an assertion.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/39">39</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3710">3710</a>,
+ Clarify that policy assertion parameters are opaque to framework processing.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060918</td>
+ <td rowspan="1" colspan="1">PY</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/40">40</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3711">3711</a>,
+ Add Cross-Product description to 4.3.3 in Framework.
+ </td>
+ </tr>
+ <tr>
+ <td rowspan="1" colspan="1">20060920</td>
+ <td rowspan="1" colspan="1">DBO</td>
+ <td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/24">24</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3662">3662</a>,
+ Add PolicyReference extensibility as ##any.
+
+ and <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/25">25</a>
+ for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3590">3590</a>,
+ Add PolicyReference extensibility.
+ </td>
+ </tr>
</tbody>
</table><br>
</div>
Received on Wednesday, 20 September 2006 22:27:36 UTC