- From: David Orchard via cvs-syncmail <cvsmail@w3.org>
- Date: Tue, 16 Jan 2007 22:09:38 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv29274
Modified Files:
ws-policy-attachment.html ws-policy-attachment.xml
Log Message:
Bug 4211 resolution
Index: ws-policy-attachment.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-attachment.xml,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -d -r1.74 -r1.75
--- ws-policy-attachment.xml 8 Jan 2007 17:20:45 -0000 1.74
+++ ws-policy-attachment.xml 16 Jan 2007 22:09:36 -0000 1.75
@@ -477,13 +477,13 @@
at different points in a WSDL description that apply to one policy
subject, and other attachments may be made by UDDI and other
mechanisms.</p>
-<p>When multiple attachments are made, <termdef id="effective_policy" term="effective policy">the
+<p>When multiple attachments are made, their relevent policies can be combined. <termdef id="effective_policy" term="effective policy">The
<term>effective policy</term>, for a given <termref def="policy_subject">policy subject</termref>, is the
combination of relevant policies. The relevant policies are those
attached to <termref def="policy_scope">policy scopes</termref> that
contain the <termref def="policy_subject">policy subject</termref>.</termdef>
</p>
-<p>This combination can be achieved by: <termdef id="merge" term="merge">a <term>merge</term>
+<p>This combination can be achieved through a merge. <termdef id="merge" term="merge">A <term>merge</term>
consists of serializing each policy as a
<termref def="policy_expression">policy expression</termref>, replacing their
<el>wsp:Policy</el> element with a
@@ -2266,8 +2266,7 @@
</div1>
<div1 id="SecurityConsiderations">
<head>Security Considerations</head>
-<p>It is <rfc2119>RECOMMENDED</rfc2119> that <termref def="policy_attachment">policy attachments</termref> be
-signed to prevent tampering. This also provides a mechanism for
+<p>It is <rfc2119>RECOMMENDED</rfc2119> that <termref def="policy_attachment">policy attachments</termref> be integrity protected to permit the detection of tampering. This can be done using a technology such as XML DSig [<bibref ref="XML-Signature" />], SSL/TLS [<bibref ref="RFC2246"/>], or WS-Security 2004 [<bibref ref="WS-Security"/>]. This also provides a mechanism for
authenticating <termref def="policy_attachment">policy attachments</termref> by determining if the signer has the
right to "speak for" the scope of the <termref def="policy_attachment">policy attachment</termref>.</p>
<p>Policies <rfc2119>SHOULD NOT</rfc2119> be accepted unless they are
@@ -2477,6 +2476,10 @@
<div2 id="Informative-References">
<head>Other References</head>
<blist>
+ <bibl key="IETF RFC 3023"
+ href="http://www.ietf.org/rfc/rfc2246.txt" id="RFC2246">IETF
+ "RFC 2246: The TLS Protocol", T. Dierks, C. Allen, January
+ 1999.</bibl>
<bibl key="MTOM" id="MTOM" href="http://www.w3.org/TR/2005/REC-soap12-mtom-20050125/">
<titleref>SOAP Message Transmission Optimization Mechanism</titleref>, M. Gudgin, N.
Mendelsohn, M. Nottingham and H. Ruellan, Editors. World Wide Web Consortium, 25 January
@@ -3124,7 +3127,15 @@
<td>ASV</td>
<td>Reset Section <specref ref="change-description"/>.
</td>
- </tr>
+ </tr>
+ <tr>
+ <td>20070116</td>
+ <td>DBO</td>
+ <td>Completed action item:
+ <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/116">116</loc> and
+ <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/124">124</loc>
+ Resolution for issue <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4211">4211</loc></td>
+ </tr>
</tbody>
</table>
</inform-div1>
Index: ws-policy-attachment.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-attachment.html,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -d -r1.74 -r1.75
--- ws-policy-attachment.html 8 Jan 2007 17:20:45 -0000 1.74
+++ ws-policy-attachment.html 16 Jan 2007 22:09:36 -0000 1.75
@@ -65,7 +65,7 @@
</p></div><div>
<h2><a name="status">Status of this Document</a></h2><p><strong>This document is an editors' copy that has
no official standing.</strong></p><p></p></div><hr><div class="toc">
-<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br>2. <a href="#NotationsTerminology">Notations and Terminology</a><br> 2.1 <a href="#NotationalConventions">Notational Conventions</a><br> 2.2 <a href="#XMLNamespaces">XML Namespaces</a><br> 2.3 <a href="#Glossary">Terminology</a><br> 2.4 <a href="#Example">Example</a><br>3. <a href="#rPolicyAttachment">Policy Attachment</a><br> 3.1 <a href="#rEffectivePolicy">Effective Policy</a><br> 3.2 <a href="#PolicyAttachmentMechanisms">Policy Attachment Mechanisms</a><br> 3.3 <a href="#XMLElementAttachement">XML Element Attachment</a><br> 3.4 <a href="#ExternalPolicyAttachment">External Policy Attachment</a><br> 3.4.1 <a href="#uri-domain-expression">URI Domain Expression</a><br> &bsp; 3.5 <a href="#IRI_Policy_Attachment">Use of IRIs in Policy Attachment</a><br>4. <a href="#AttachingPolicyUsingWSDL1.1">Attaching Policies Using WSDL 1.1</a><br> 4.1 <a href="#CalculatingEffectivyPolicywithWSDL1.1">Calculating Effective Policy in WSDL 1.1</a><br> 4.1.1 <a href="#ServicePolicySubject">Service Policy Subject</a><br> 4.1.2 <a href="#EndpointPolicySubject">Endpoint Policy Subject</a><br> 4.1.3 <a href="#OperationPolicySubject">Operation Policy Subject</a><br> 4.1.4 <a href="#MessagePolicySubject">Message Policy Subject</a><br> 4.1.5 <a href="#Example2">Example</a><br>5. <a href="#ws-policy-attachment-for-wsdl20">WS-Policy Attachment for WSDL 2.0</a><br> 5.1 <a href="#wsdl20-example">Example</a><br> nbsp; 5.2 <a href="#attaching-policy-expressions">Attaching Policy Expressions</a><br> 5.3 <a href="#extension-to-wsdl-component-model">Extension to WSDL Component Model</a><br> 5.4 <a href="#effective-policy">Effective Policy</a><br> 5.4.1 <a href="#service-policy-subject">Service Policy Subject</a><br> 5.4.2 <a href="#endpoint-policy-subject">Endpoint Policy Subject</a><br> 5.4.3 <a href="#operation-policy-subject">Operation Policy Subject</a><br> 5.4.4 <a href="#message-policy-subject-input">Message Policy Subject (input message)</a><br> 5.4.5 <a href="#message-policy-subject-output">Message Policy Subject (output message)</a><br> 5.4.6 <a href="#message-policy-subject-inut-fault">Message Policy Subject (input fault message)</a><br> 5.4.7 <a href="#message-policy-subject-output-fault">Message Policy Subject (output fault message)</a><br>6. <a href="#AttachingPoliciesUsingUDDI">Attaching Policies Using UDDI</a><br> 6.1 <a href="#CalculatingEffectivePolicyElementPolicyUDDI">Calculating Effective Policy and Element Policy in UDDI</a><br> 6.1.1 <a href="#ServiceProviderPolicySubjectUDDI">Service Provider Policy Subject</a><br> 6.1.2 <a href="#ServicePolicySubjectUDDI">Service Policy Subject</a><br> 6.1.3 <a href="#EndpointPolicySubjectUDDI">Endpoint Policy Subject</a><br> 6.2 <a href="#ReferencingRemotePolicyExpressions">Referencing Remote Policy Expressions</a><br> 6.3 <a href="#RegisteringReusablePolicyExpressions">Registerng Reusable Policy Expressions</a><br> 6.4 <a href="#RegisteringPoliciesUDDIVersion3">Registering Policies in UDDI Version 3</a><br>7. <a href="#SecurityConsiderations">Security Considerations</a><br>8. <a href="#Conformance">Conformance</a><br> 8.1 <a href="#d3e3965">External Policy Attachment Conformance</a><br> 8.2 <a href="#d3e3977">WSDL 1.1 Attachment Conformance</a><br> 8.3 <a href="#d3e3986">WSDL 2.0 Attachment Conformance</a><br></p>
+<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#tocRange">Introduction</a><br>2. <a href="#NotationsTerminology">Notations and Terminology</a><br> 2.1 <a href="#NotationalConventions">Notational Conventions</a><br> 2.2 <a href="#XMLNamespaces">XML Namespaces</a><br> 2.3 <a href="#Glossary">Terminology</a><br> 2.4 <a href="#Example">Example</a><br>3. <a href="#rPolicyAttachment">Policy Attachment</a><br> 3.1 <a href="#rEffectivePolicy">Effective Policy</a><br> 3.2 <a href="#PolicyAttachmentMechanisms">Policy Attachment Mechanisms</a><br> 3.3 <a href="#XMLElementAttachement">XML Element Attachment</a><br> 3.4 <a href="#ExternalPolicyAttachment">External Policy Attachment</a><br> 3.4.1 <a href="#uri-domain-expression">URI Domain Expression</a><br> &bsp; 3.5 <a href="#IRI_Policy_Attachment">Use of IRIs in Policy Attachment</a><br>4. <a href="#AttachingPolicyUsingWSDL1.1">Attaching Policies Using WSDL 1.1</a><br> 4.1 <a href="#CalculatingEffectivyPolicywithWSDL1.1">Calculating Effective Policy in WSDL 1.1</a><br> 4.1.1 <a href="#ServicePolicySubject">Service Policy Subject</a><br> 4.1.2 <a href="#EndpointPolicySubject">Endpoint Policy Subject</a><br> 4.1.3 <a href="#OperationPolicySubject">Operation Policy Subject</a><br> 4.1.4 <a href="#MessagePolicySubject">Message Policy Subject</a><br> 4.1.5 <a href="#Example2">Example</a><br>5. <a href="#ws-policy-attachment-for-wsdl20">WS-Policy Attachment for WSDL 2.0</a><br> 5.1 <a href="#wsdl20-example">Example</a><br> nbsp; 5.2 <a href="#attaching-policy-expressions">Attaching Policy Expressions</a><br> 5.3 <a href="#extension-to-wsdl-component-model">Extension to WSDL Component Model</a><br> 5.4 <a href="#effective-policy">Effective Policy</a><br> 5.4.1 <a href="#service-policy-subject">Service Policy Subject</a><br> 5.4.2 <a href="#endpoint-policy-subject">Endpoint Policy Subject</a><br> 5.4.3 <a href="#operation-policy-subject">Operation Policy Subject</a><br> 5.4.4 <a href="#message-policy-subject-input">Message Policy Subject (input message)</a><br> 5.4.5 <a href="#message-policy-subject-output">Message Policy Subject (output message)</a><br> 5.4.6 <a href="#message-policy-subject-inut-fault">Message Policy Subject (input fault message)</a><br> 5.4.7 <a href="#message-policy-subject-output-fault">Message Policy Subject (output fault message)</a><br>6. <a href="#AttachingPoliciesUsingUDDI">Attaching Policies Using UDDI</a><br> 6.1 <a href="#CalculatingEffectivePolicyElementPolicyUDDI">Calculating Effective Policy and Element Policy in UDDI</a><br> 6.1.1 <a href="#ServiceProviderPolicySubjectUDDI">Service Provider Policy Subject</a><br> 6.1.2 <a href="#ServicePolicySubjectUDDI">Service Policy Subject</a><br> 6.1.3 <a href="#EndpointPolicySubjectUDDI">Endpoint Policy Subject</a><br> 6.2 <a href="#ReferencingRemotePolicyExpressions">Referencing Remote Policy Expressions</a><br> 6.3 <a href="#RegisteringReusablePolicyExpressions">Registerng Reusable Policy Expressions</a><br> 6.4 <a href="#RegisteringPoliciesUDDIVersion3">Registering Policies in UDDI Version 3</a><br>7. <a href="#SecurityConsiderations">Security Considerations</a><br>8. <a href="#Conformance">Conformance</a><br> 8.1 <a href="#d3e3972">External Policy Attachment Conformance</a><br> 8.2 <a href="#d3e3984">WSDL 1.1 Attachment Conformance</a><br> 8.3 <a href="#d3e3993">WSDL 2.0 Attachment Conformance</a><br></p>
<h3><a name="appendix" id="appendix">Appendices</a></h3><p class="toc">A. <a href="#References">References</a><br> A.1 <a href="#Normative-References">Normative References</a><br> A.2 <a href="#Informative-References">Other References</a><br>B. <a href="#AppendixA">UDDI tModel Definitions</a><br> B.1 <a href="#RemotePolicyReferenceCategorySystem">Remote Policy Reference Category System</a><br> B.1.1 <a href="#DesigGoals1">Design Goals</a><br> B.1.2 <a href="#tModelDefinition1">tModel Definition</a><br> B.1.3 <a href="#ModelStructure1">tModel Structure</a><br> B.2 <a href="#WS-PolicyTypesCategorySystem">Web Services Policy Types Category System</a><br> B.2.1 <a href="#DesignGoals2">Design Goals</a><br> &bsp; B.2.2 <a href="#tModelDefinition2">tModel Definition</a><br> B.2.3 <a href="#ModelStructure2">tModel Structure</a><br> B.3 <a href="#LocalPolicyReferenceCategorySystem">Local Policy Reference Category System</a><br> B.3.1 <a href="#DesignGoals3">Design Goals</a><br> B.3.2 <a href="#tModelDefinition3">tModel Definition</a><br> B.3.3 <a href="#ModelStructure3">tModel Structure</a><br>C. <a href="#acknowledgments">Acknowledgements</a> (Non-Normative)<br>D. <a href="#change-description">Changes in this Version of the Document</a> (Non-Normative)<br>E. <a href="#change-log">Web Services Policy 1.5 - Attachment Change Log</a> (Non-Normative)<br></p></div><hr><div class="body"><div class="div1">
<h2><a name="tocRange"></a>1. Introduction</h2><p>
The Web Services Policy 1.5 - Framework [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>]
@@ -187,7 +187,7 @@
interpreted as described in RFC 2119 [<cite><a href="#RFC2119">IETF RFC 2119</a></cite>].
</p><p>We introduce the following terms that are used throughout this document:</p><dl><dt class="label">
<a href="#effective_policy">effective policy</a>
- </dt><dd><p>the
+ </dt><dd><p>The
<b>effective policy</b>, for a given <a title="" href="#policy_subject">policy subject</a>, is the
combination of relevant policies. The relevant policies are those
attached to <a title="" href="#policy_scope">policy scopes</a> that
@@ -202,7 +202,7 @@
an assertion that may be ignored for policy intersection (as defined in
<a href="http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-framework.html?content-type=text/html;charset=utf-8#Policy_Intersection">4.5 Policy Intersection</a>).</p></dd><dt class="label">
<a href="#merge">merge</a>
- </dt><dd><p>a <b>merge</b>
+ </dt><dd><p>A <b>merge</b>
consists of serializing each policy as a
<a title="" href="#policy_expression">policy expression</a>, replacing their
<code class="elt">wsp:Policy</code> element with a
@@ -314,12 +314,12 @@
attachments</a>. For example, there may be attachments
at different points in a WSDL description that apply to one policy
subject, and other attachments may be made by UDDI and other
- mechanisms.</p><p>When multiple attachments are made, [<a name="effective_policy" title="effective policy">Definition</a>: the
+ mechanisms.</p><p>When multiple attachments are made, their relevent policies can be combined. [<a name="effective_policy" title="effective policy">Definition</a>: The
<b>effective policy</b>, for a given <a title="" href="#policy_subject">policy subject</a>, is the
combination of relevant policies. The relevant policies are those
attached to <a title="" href="#policy_scope">policy scopes</a> that
contain the <a title="" href="#policy_subject">policy subject</a>.]
-</p><p>This combination can be achieved by: [<a name="merge" title="merge">Definition</a>: a <b>merge</b>
+</p><p>This combination can be achieved through a merge. [<a name="merge" title="merge">Definition</a>: A <b>merge</b>
consists of serializing each policy as a
<a title="" href="#policy_expression">policy expression</a>, replacing their
<code class="elt">wsp:Policy</code> element with a
@@ -1358,8 +1358,7 @@
digitally sign their <a title="" href="#policy_expression">policy expression</a> tModels or <a title="" href="#policy_expression">policy expression</a>
references in UDDI <span class="rfc2119">MUST</span> use the Schema-centric
canonicalization algorithm [<cite><a href="#SCC14N">SCC14N</a></cite>].</p></div></div><div class="div1">
-<h2><a name="SecurityConsiderations"></a>7. Security Considerations</h2><p>It is <span class="rfc2119">RECOMMENDED</span> that <a title="" href="#policy_attachment">policy attachments</a> be
-signed to prevent tampering. This also provides a mechanism for
+<h2><a name="SecurityConsiderations"></a>7. Security Considerations</h2><p>It is <span class="rfc2119">RECOMMENDED</span> that <a title="" href="#policy_attachment">policy attachments</a> be integrity protected to permit the detection of tampering. This can be done using a technology such as XML DSig [<cite><a href="#XML-Signature">XML-Signature</a></cite>], SSL/TLS [<cite><a href="#RFC2246">IETF RFC 3023</a></cite>], or WS-Security 2004 [<cite><a href="#WS-Security">WS-Security 2004</a></cite>]. This also provides a mechanism for
authenticating <a title="" href="#policy_attachment">policy attachments</a> by determining if the signer has the
right to "speak for" the scope of the <a title="" href="#policy_attachment">policy attachment</a>.</p><p>Policies <span class="rfc2119">SHOULD NOT</span> be accepted unless they are
signed and have an associated security token to specify the signer has
@@ -1368,11 +1367,11 @@
Security Considerations section of the Web Services Policy 1.5 - Framework document [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>].
</p></div><div class="div1">
<h2><a name="Conformance"></a>8. Conformance</h2><div class="div2">
-<h3><a name="d3e3965"></a>8.1 External Policy Attachment Conformance</h3><p>An element information item whose namespace name is "http://www.w3.org/@@@@/@@/ws-policy" and whose local part is PolicyAttachment conforms to this specification if it is valid according to the XML Schema [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>] for that element as defined by this specification (<a href="http://www.w3.org/@@@@/@@/ws-policy.xsd">http://www.w3.org/@@@@/@@/ws-policy.xsd</a>) and additionally adheres to all the constraints contained in Section <a href="#ExternalPolicyAttachment"><b>3.4 External Policy Attachment</b></a> of this specification. Such a conformant element information item constitutes an external policy attachment. </p></div><div class="div2">
-<h3><a name="d3e3977"></a>8.2 WSDL 1.1 Attachment Conformance</h3><p>
+<h3><a name="d3e3972"></a>8.1 External Policy Attachment Conformance</h3><p>An element information item whose namespace name is "http://www.w3.org/@@@@/@@/ws-policy" and whose local part is PolicyAttachment conforms to this specification if it is valid according to the XML Schema [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>] for that element as defined by this specification (<a href="http://www.w3.org/@@@@/@@/ws-policy.xsd">http://www.w3.org/@@@@/@@/ws-policy.xsd</a>) and additionally adheres to all the constraints contained in Section <a href="#ExternalPolicyAttachment"><b>3.4 External Policy Attachment</b></a> of this specification. Such a conformant element information item constitutes an external policy attachment. </p></div><div class="div2">
+<h3><a name="d3e3984"></a>8.2 WSDL 1.1 Attachment Conformance</h3><p>
A WSDL 1.1 [<cite><a href="#WSDL11">WSDL 1.1</a></cite>] description conforms to this specification when it incorporates one or more element policies and additionally adheres to all the constraints contained in section <a href="#AttachingPolicyUsingWSDL1.1"><b>4. Attaching Policies Using WSDL 1.1</b></a>
</p></div><div class="div2">
-<h3><a name="d3e3986"></a>8.3 WSDL 2.0 Attachment Conformance</h3><p>
+<h3><a name="d3e3993"></a>8.3 WSDL 2.0 Attachment Conformance</h3><p>
A WSDL 2.0 [<cite><a href="#WSDL20">WSDL 2.0 Core Language</a></cite>] description conforms to this specification when it incorporates one or more element policies and additionally adheres to all the constraints contained in section <a href="#ws-policy-attachment-for-wsdl20"><b>5. WS-Policy Attachment for WSDL 2.0</b></a>
</p></div></div></div><div class="back"><div class="div1">
<h2><a name="References"></a>A. References</h2><div class="div2">
@@ -1504,7 +1503,9 @@
Schema Part 1</a> is available at
http://www.w3.org/TR/xmlschema-1.
</dd></dl></div><div class="div2">
-<h3><a name="Informative-References"></a>A.2 Other References</h3><dl><dt class="label"><a name="MTOM"></a>[MTOM] </dt><dd>
+<h3><a name="Informative-References"></a>A.2 Other References</h3><dl><dt class="label"><a name="RFC2246"></a>[IETF RFC 3023] </dt><dd>IETF
+ "RFC 2246: The TLS Protocol", T. Dierks, C. Allen, January
+ 1999. (See <cite><a href="http://www.ietf.org/rfc/rfc2246.txt">http://www.ietf.org/rfc/rfc2246.txt</a></cite>.)</dd><dt class="label"><a name="MTOM"></a>[MTOM] </dt><dd>
<cite><a href="http://www.w3.org/TR/2005/REC-soap12-mtom-20050125/">SOAP Message Transmission Optimization Mechanism</a></cite>, M. Gudgin, N.
Mendelsohn, M. Nottingham and H. Ruellan, Editors. World Wide Web Consortium, 25 January
2005. This version of the SOAP Message Transmission Optimization Mechanism Recommendation
@@ -1806,4 +1807,7 @@
issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4039">4039</a>)
to section <a href="#IRI_Policy_Attachment"><b>3.5 Use of IRIs in Policy Attachment</b></a>.
</td></tr><tr><td rowspan="1" colspan="1">20070108</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Reset Section <a href="#change-description"><b>D. Changes in this Version of the Document</b></a>.
- </td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file
+ </td></tr><tr><td rowspan="1" colspan="1">20070116</td><td rowspan="1" colspan="1">DBO</td><td rowspan="1" colspan="1">Completed action item:
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/116">116</a> and
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/124">124</a>
+ Resolution for issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4211">4211</a></td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file
Received on Tuesday, 16 January 2007 22:09:55 UTC