- From: Frederick Hirsch via cvs-syncmail <cvsmail@w3.org>
- Date: Fri, 13 Jul 2007 20:06:01 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv32614
Modified Files:
ws-policy-guidelines.html ws-policy-guidelines.xml
Log Message:
Restructured and updated 5.8 Interrelated domains to use Architecture of WWW format and add example, according to Editors' action 309. Updated the WSDL 20 reference [WSDL 2.0 Core Language] and WS-SecurityPolicy reference [WS-SecurityPolicy] for issue 4831. Editors' action 326
Removed one lone sug-heading for example, making document consistent.
Index: ws-policy-guidelines.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-guidelines.html,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -d -r1.78 -r1.79
--- ws-policy-guidelines.html 19 Jun 2007 06:47:47 -0000 1.78
+++ ws-policy-guidelines.html 13 Jul 2007 20:05:58 -0000 1.79
@@ -141,7 +141,6 @@
5.6 <a href="#optional-policy-assertion">Designating Optional Behaviors</a><br>
5.6.1 <a href="#d3e783">Optional behavior in Compact authoring</a><br>
5.6.2 <a href="#d3e823">Optional behavior at runtime</a><br>
- 5.6.2.1 <a href="#d3e868">Example</a><br>
5.7 <a href="#levels-of-abstraction">Considerations for Policy Attachment in WSDL </a><br>
5.8 <a href="#interrelated-domains">Interrelated domains</a><br>
6. <a href="#versioning-policy-assertions">Versioning Policy Assertions</a><br>
@@ -924,8 +923,7 @@
Framework).
</p><div class="boxedtext"><p><a name="bp-indicate-optional-assertion-use" id="bp-indicate-optional-assertion-use"></a><span class="practicelab">Best
Practice 20: Indicate use of an Optional Assertion</span></p><p class="practice">When a given behavior may be optional, it must be possible for both message participants to determine that the assertion is selected by both parties,
- either out of band or as reflected by the message content.</p></div><div class="div4">
-<h5><a name="d3e868" id="d3e868"></a>5.6.2.1 Example</h5><p>
+ either out of band or as reflected by the message content.</p></div><p>
The <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite> document contains an example that outlines the
use of
<cite><a href="#MTOM">MTOM</a></cite> as an optional behavior that can be engaged by a consumer.
@@ -950,7 +948,7 @@
optional assertion where it may not be clear whether it is to apply in a message
exchange when optionally used in part of that exchange
(<a href="#bp-entire-mep-for-optional">Best Practice: Consider entire message exchange pattern when specifying Assertions that may be optional</a>).
- </p></div></div></div><div class="div2">
+ </p></div></div><div class="div2">
<h3><a name="levels-of-abstraction" id="levels-of-abstraction"></a>5.7 Considerations for Policy Attachment in WSDL </h3><p>A behavior identified by a policy assertion applies to the
associated policy subject. If a policy assertion is to be used
within WSDL, Assertion Authors should specify a WSDL
@@ -1053,20 +1051,26 @@
when there are multiple instances of a policy assertion type in the same
policy alternative.
</p></div></div><div class="div2">
-<h3><a name="interrelated-domains" id="interrelated-domains"></a>5.8 Interrelated domains</h3><table border="1" summary="Editorial note"><tr><td align="left" valign="top" width="50%"><b>Editorial note</b></td><td align="right" valign="top" width="50%"> </td></tr><tr><td colspan="2" align="left" valign="top">To be re-structured to use the format in the Architecture of the WWW doc.</td></tr></table><p>Assertion Authors need to be clear about how assertions defined in
- their domain may fit with assertions for interrelated domains. A
- classic example of such an interrelated domain is security, because
- security tends to
- cut across all aspects of a solution.</p><p> One example is the definition
- of additional assertions
- related to the interrelated security domain [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>] in
- Web Services Reliable Messaging Policy
- Assertions [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy</a></cite>]. </p><p>Assertion Authors should not duplicate existing
+<h3><a name="interrelated-domains" id="interrelated-domains"></a>5.8 Interrelated domains</h3><p>Assertion Authors need to be clear about how assertions defined in
+ their domain may fit with assertions for interrelated domains. Assertion Authors should not duplicate existing
assertions and should also make sure that when adding assertions those new assertions are consistent
with pre-existing assertions of any
interrelated domain. </p><div class="boxedtext"><p><a name="bp-specify-composition" id="bp-specify-composition"></a><span class="practicelab">Best
Practice 26: Specify Composition with Related Assertions</span></p><p class="practice">Assertion authors should clearly specify how an assertion
- may compose with other related assertions, if any.</p></div></div></div><div class="div1">
+ may compose with other related assertions, if any.</p></div><p> A
+ classic example of such an interrelated domain is security, because
+ security tends to
+ cut across all aspects of a solution.
+ Web Services Reliable Messaging Policy
+ Assertions [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy</a></cite>] defines
+ additional assertions
+ related to [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>], an interrelated security domain. One such additional assertion
+ specifies the use of transport security to protect a message sequence, for example.</p><div class="exampleOuter">
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-10. </span>Reliable Message Sequence Security</i></p><div class="exampleInner"><pre><wsrmp:SequenceTransportSecurity [wsp:Optional="true"]? ... /></pre></div></div><p>The Reliable Message Policy specification states
+ "This assertion is effectively meaningless unless it occurs in conjunction with the
+ RMAssertion and a sp:TransportBinding assertion that requires the use of some transport-level
+ security mechanism (e.g. sp:HttpsToken).".
+ </p></div></div><div class="div1">
<h2><a name="versioning-policy-assertions" id="versioning-policy-assertions"></a>6. Versioning Policy Assertions</h2><p>Assertion Authors need to consider not just the expression of the current set of requirements but
how they anticipate new assertions being added to the set. There are three aspects to versioning policy assetions:</p><ul><li><p> Assertion Extensibility </p></li><li><p> Policy Language Extensibility </p><p>Over time, the Policy WG or third parties can version or extend the Policy Language with new
or modified constructs. These constructs may be compatible or incompatible with previous versions.
@@ -1421,14 +1425,13 @@
<cite><a href="http://www.w3.org/TR/2001/NOTE-wsdl-20010315">Web Services Description Language (WSDL) 1.1</a></cite>, E. Christensen, et al,
Authors. World Wide Web Consortium, March 2001. Available at
http://www.w3.org/TR/2001/NOTE-wsdl-20010315. </dd><dt class="label"><a name="WSDL20"></a>[WSDL 2.0 Core Language] </dt><dd>
- <cite><a href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">Web Services Description Language (WSDL) Version
- 2.0 Part 1: Core Language</a></cite>, R. Chinnici,
- J. J. Moreau, A. Ryman, S. Weerawarana, Editors. World Wide
- Web Consortium, 27 March 2006. This version of the WSDL 2.0
- specification is
- http://www.w3.org/TR/2006/CR-wsdl20-20060327. The <a href="http://www.w3.org/TR/wsdl20/">latest version of WSDL
- 2.0</a> is available at http://www.w3.org/TR/wsdl20.
- </dd><dt class="label"><a name="WS-Policy"></a>[Web Services Policy Framework] </dt><dd>
+ <cite><a href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">Web Services Description Language (WSDL) Version 2.0 Part 1: Core
+ Language</a></cite>,
+ R. Chinnici, J. J. Moreau, A. Ryman, S.
+ Weerawarana, Editors. World Wide Web Consortium, 26 June 2007. This version
+ of the WSDL 2.0 specification is
+ http://www.w3.org/TR/2007/REC-wsdl20-20070626/. The <a href="http://www.w3.org/TR/wsdl20/">latest version of WSDL 2.0</a> is
+ available at http://www.w3.org/TR/wsdl20/. </dd><dt class="label"><a name="WS-Policy"></a>[Web Services Policy Framework] </dt><dd>
<cite><a href="http://www.w3.org/TR/ws-policy/">Web Services Policy 1.5 - Framework</a></cite>, A. S. Vedamuthu, D. Orchard, F. Hirsch, M. Hondo, P. Yendluri, T. Boubez and Ü. Yalçinalp, Editors. World Wide Web Consortium, @@,
@@@@ @@@@. This version of the
Web Services Policy 1.5 - Framework specification is at http://www.w3.org/TR/ws-policy/.
@@ -1457,10 +1460,11 @@
R. Monzillo, Editors. Organization for the Advancement of
Structured Information Standards, March 2004. Available at
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </dd><dt class="label"><a name="WS-SecurityPolicy"></a>[WS-SecurityPolicy] </dt><dd>
- <cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">WS-SecurityPolicy v1.0</a></cite>, A. Nadalin,
- M. Gudgin, A. Barbir, and H. Granqvist,
- Editors. Organization for the Advancement of Structured
- Information Standards, 8 December 2005. Available at
+ <cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">WS-SecurityPolicy v1.2</a></cite>, A. Nadalin, M. Goodner, M. Gudgin, A.
+ Barbir, and H. Granqvist, Editors. Organization for the Advancement of
+ Structured Information Standards, 1 July 2007. Available at
+ http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
+ Namespace document available at
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </dd><dt class="label"><a name="WS-Trust"></a>[WS-Trust] </dt><dd>
<cite><a href="http://schemas.xmlsoap.org/ws/2005/02/trust">Web Services Trust Language (WS-Trust)</a></cite>,
S. Anderson, et al, Authors. Actional Corporation, BEA
@@ -1726,4 +1730,11 @@
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/295">295</a>.
</td></tr><tr><td rowspan="1" colspan="1">200706018</td><td rowspan="1" colspan="1">TIB</td><td rowspan="1" colspan="1">Implemented place holder for Editors' action
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/249">249</a> for locking the document.
+ </td></tr><tr><td rowspan="1" colspan="1">20070713</td><td rowspan="1" colspan="1">FJH</td><td rowspan="1" colspan="1">Restructured and updated <a href="#interrelated-domains"><b>5.8 Interrelated domains</b></a>
+ to use Architecture of WWW format and add example, according to
+ Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/309">309</a>.
+ Updated the WSDL 20 reference [<cite><a href="#WSDL20">WSDL 2.0 Core Language</a></cite>] and WS-SecurityPolicy reference [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>]
+ for issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4831">4831</a>.
+ Editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/326">326</a>
</td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file
Index: ws-policy-guidelines.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-guidelines.xml,v
retrieving revision 1.93
retrieving revision 1.94
diff -u -d -r1.93 -r1.94
--- ws-policy-guidelines.xml 19 Jun 2007 06:47:47 -0000 1.93
+++ ws-policy-guidelines.xml 13 Jul 2007 20:05:58 -0000 1.94
@@ -1189,8 +1189,6 @@
<quote>When a given behavior may be optional, it must be possible for both message participants to determine that the assertion is selected by both parties,
either out of band or as reflected by the message content.</quote>
</p>
- <div4>
- <head>Example</head>
<p>
The <bibref ref="WS-Policy-Primer"/> document contains an example that outlines the
use of
@@ -1217,7 +1215,6 @@
exchange when optionally used in part of that exchange
(<loc href="#bp-entire-mep-for-optional">Best Practice: Consider entire message exchange pattern when specifying Assertions that may be optional</loc>).
</p>
- </div4>
</div3>
</div2>
@@ -1386,21 +1383,9 @@
</div2>
<div2 id="interrelated-domains">
- <head>Interrelated domains</head>
- <ednote>
- <edtext>To be re-structured to use the format in the Architecture of the WWW doc.</edtext>
- </ednote>
+ <head>Interrelated domains</head>
<p>Assertion Authors need to be clear about how assertions defined in
- their domain may fit with assertions for interrelated domains. A
- classic example of such an interrelated domain is security, because
- security tends to
- cut across all aspects of a solution.</p>
- <p> One example is the definition
- of additional assertions
- related to the interrelated security domain [<bibref ref="WS-SecurityPolicy"/>] in
- Web Services Reliable Messaging Policy
- Assertions [<bibref ref="WS-RM-Policy"/>]. </p>
- <p>Assertion Authors should not duplicate existing
+ their domain may fit with assertions for interrelated domains. Assertion Authors should not duplicate existing
assertions and should also make sure that when adding assertions those new assertions are consistent
with pre-existing assertions of any
interrelated domain. </p>
@@ -1409,6 +1394,24 @@
<quote>Assertion authors should clearly specify how an assertion
may compose with other related assertions, if any.</quote>
</p>
+ <p> A
+ classic example of such an interrelated domain is security, because
+ security tends to
+ cut across all aspects of a solution.
+ Web Services Reliable Messaging Policy
+ Assertions [<bibref ref="WS-RM-Policy"/>] defines
+ additional assertions
+ related to [<bibref ref="WS-SecurityPolicy"/>], an interrelated security domain. One such additional assertion
+ specifies the use of transport security to protect a message sequence, for example.</p>
+ <example>
+ <head>Reliable Message Sequence Security</head>
+ <eg xml:space="preserve"><wsrmp:SequenceTransportSecurity [wsp:Optional="true"]? ... /></eg>
+ </example>
+ <p>The Reliable Message Policy specification states
+ <quote>This assertion is effectively meaningless unless it occurs in conjunction with the
+ RMAssertion and a sp:TransportBinding assertion that requires the use of some transport-level
+ security mechanism (e.g. sp:HttpsToken).</quote>.
+ </p>
</div2>
</div1>
<div1 id="versioning-policy-assertions">
@@ -1961,17 +1964,16 @@
<titleref>Web Services Description Language (WSDL) 1.1</titleref>, E. Christensen, et al,
Authors. World Wide Web Consortium, March 2001. Available at
http://www.w3.org/TR/2001/NOTE-wsdl-20010315. </bibl>
-
- <bibl key="WSDL 2.0 Core Language" id="WSDL20" href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">
- <titleref>Web Services Description Language (WSDL) Version
- 2.0 Part 1: Core Language</titleref>, R. Chinnici,
- J. J. Moreau, A. Ryman, S. Weerawarana, Editors. World Wide
- Web Consortium, 27 March 2006. This version of the WSDL 2.0
- specification is
- http://www.w3.org/TR/2006/CR-wsdl20-20060327. The <loc
- href="http://www.w3.org/TR/wsdl20/">latest version of WSDL
- 2.0</loc> is available at http://www.w3.org/TR/wsdl20.
- </bibl>
+ <bibl key="WSDL 2.0 Core Language" id="WSDL20"
+ href="http://www.w3.org/TR/2006/CR-wsdl20-20060327/">
+ <titleref>Web Services Description Language (WSDL) Version 2.0 Part 1: Core
+ Language</titleref>,
+ R. Chinnici, J. J. Moreau, A. Ryman, S.
+ Weerawarana, Editors. World Wide Web Consortium, 26 June 2007. This version
+ of the WSDL 2.0 specification is
+ http://www.w3.org/TR/2007/REC-wsdl20-20070626/. The <loc
+ href="http://www.w3.org/TR/wsdl20/">latest version of WSDL 2.0</loc> is
+ available at http://www.w3.org/TR/wsdl20/. </bibl>
<bibl id="WS-Policy" key="Web Services Policy Framework"
href="http://www.w3.org/TR/ws-policy/">
@@ -2008,11 +2010,13 @@
R. Monzillo, Editors. Organization for the Advancement of
Structured Information Standards, March 2004. Available at
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </bibl>
- <bibl id="WS-SecurityPolicy" key="WS-SecurityPolicy" href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
- <titleref>WS-SecurityPolicy v1.0</titleref>, A. Nadalin,
- M. Gudgin, A. Barbir, and H. Granqvist,
- Editors. Organization for the Advancement of Structured
- Information Standards, 8 December 2005. Available at
+ <bibl id="WS-SecurityPolicy" key="WS-SecurityPolicy"
+ href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">
+ <titleref>WS-SecurityPolicy v1.2</titleref>, A. Nadalin, M. Goodner, M. Gudgin, A.
+ Barbir, and H. Granqvist, Editors. Organization for the Advancement of
+ Structured Information Standards, 1 July 2007. Available at
+ http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
+ Namespace document available at
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </bibl>
<bibl id="WS-Trust" key="WS-Trust" href="http://schemas.xmlsoap.org/ws/2005/02/trust">
<titleref>Web Services Trust Language (WS-Trust)</titleref>,
@@ -2706,7 +2710,19 @@
<td>Implemented place holder for Editors' action
<loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/249">249</loc> for locking the document.
</td>
- </tr>
+ </tr>
+ <tr>
+ <td>20070713</td>
+ <td>FJH</td>
+ <td>Restructured and updated <specref ref="interrelated-domains" />
+ to use Architecture of WWW format and add example, according to
+ Editors' action
+ <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/309">309</loc>.
+ Updated the WSDL 20 reference [<bibref ref="WSDL20"/>] and WS-SecurityPolicy reference [<bibref ref="WS-SecurityPolicy"/>]
+ for issue <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4831">4831</loc>.
+ Editors' action <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/326">326</loc>
+ </td>
+ </tr>
</tbody>
</table>
</inform-div1>
Received on Friday, 13 July 2007 20:06:06 UTC