- From: Asir Vedamuthu via cvs-syncmail <cvsmail@w3.org>
- Date: Wed, 30 May 2007 05:03:17 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv10996
Modified Files:
ws-policy-framework.xml ws-policy-framework.html
Log Message:
Implemented the resolution for issue 4577. Editors' action 274.
Implemented the resolution for issue 4579. Editors' action 312.
Index: ws-policy-framework.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-framework.xml,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -d -r1.140 -r1.141
--- ws-policy-framework.xml 29 May 2007 22:19:00 -0000 1.140
+++ ws-policy-framework.xml 30 May 2007 05:03:14 -0000 1.141
@@ -270,6 +270,15 @@
<code>wsp</code>
</td>
<td>
+ <code>http://www.w3.org/2007/05/addressing/metadata</code>
+ </td>
+ <td>[<bibref ref="WS-AddressingMetadata"/>]</td>
+ </tr>
+ <tr>
+ <td>
+ <code>wsp</code>
+ </td>
+ <td>
<code>&nsuri;</code>
</td>
<td>This specification</td>
@@ -397,9 +406,14 @@
ref="rPolicy_Expression"/>) as one of its <emph role="infoset-property"
>children</emph>. <termref def="nested_policy_expression">Nested policy
expression(s)</termref> are used by authors to further qualify one or more
- specific aspects of the original assertion. For example, security policy authors
+ specific aspects of the parent policy assertion. The qualification may indicate
+ a relationship or context between the parent policy assertion and
+ a nested policy expression. For example within a security domain, security policy
+ authors
may define an assertion describing a set of security algorithms to qualify the
- specific behavior of a security binding assertion. </p>
+ specific behavior of a security binding assertion. A parent policy assertion
+ of one domain may also serve as a container for the nested policy expression
+ from another domain.</p>
<p>The XML Infoset of a <termref def="policy_assertion">policy assertion</termref>
<rfc2119>MAY</rfc2119> contain a non-empty <emph role="infoset-property"
@@ -450,7 +464,8 @@
assertions (and their Post-Schema-Validation Infoset (PSVI) (See XML Schema Part
1 [<bibref ref="XMLSchemaPart1"/>]) content, if any) are specific to the
assertion type and are outside the scope of this document.</p>
- <p>Note: Depending on the semantics of the domain specific policy assertions a
+ <p>Note: Depending on the semantics of the domain specific policy assertions
+ regardless if they are qualified by nested policy expressions, a
combination of the policy assertions can be required to specify a particular
behavior. For example, a combination of two or three assertions from the
WS-SecurityPolicy [<bibref ref="WS-SecurityPolicy"/>] specification is used to indicate message-level
@@ -853,7 +868,7 @@
expression), the assertion <rfc2119>MUST</rfc2119> include an
empty <code><wsp:Policy/></code> Element
Information Item in its <emph role="infoset-property"
- >children</emph> property; as explained in Section <specref
+ >children</emph> property. As explained in Section <specref
ref="Policy_Operators"/>, this is equivalent to a nested
policy expression with a single alternative that has zero
assertions.</p>
@@ -1870,6 +1885,57 @@
the <el>sp:SignedParts</el> assertion. To leverage intersection, assertion
authors are encouraged to factor assertions such that two assertions of the same
assertion type are always (or at least typically) compatible.</p>
+ <p>As another example of intersection of WS-Addressing assertions that utilize the framework intersection algorithm, consider two input policies:</p>
+
+<eg xml:space="preserve" role="needs-numbering"><wsp:Policy
+ xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" >
+ <wsp:ExactlyOne>
+ <wsp:All> <!-- Alternative A5 -->
+ <wsam:Addressing>
+ <wsp:Policy/>
+ </wsam:Addressing>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy></eg>
+
+ <p>Lines (04)-(06) in the above policy expression contain an addressing
+ policy assertion with the empty <code><wsp:Policy/></code> in line (05).
+ The empty <code><wsp:Policy/></code> is a nested policy expression with an
+ alternative that has zero assertions. In the example above, the addressing
+ assertion indicates the use of addressing without any restriction.</p>
+
+<eg xml:space="preserve" role="needs-numbering"><wsp:Policy
+ xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" >
+ <wsp:ExactlyOne>
+ <wsp:All> <!-- Alternative A6 -->
+ <wsam:Addressing>
+ <wsp:Policy>
+ <wsam:AnonymousResponses/>
+ </wsp:Policy>
+ </wsam:Addressing>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy></eg>
+
+ <p>Lines (04)-(08) in the above policy expression contain an addressing
+ policy assertion with a nested policy expression in lines (05)-(06).
+ The nested policy expression indicates that the provider requires request
+ messages to use response endpoint EPRs that contain the anonymous URI.
+ The nested policy expression contains an alternative that has one
+ assertion, <code>wsam:AnonymousResponses</code>.</p>
+
+ <p>The two assertions in alternatives A5 and A6 have the same assertion type
+ and have nested policy expressions. The nested policy expression within
+ the addressing assertion in the alternative A5 contains an alternative
+ that has zero assertions. The nested policy expression within the
+ addressing assertion in the alternative A6 contains an alternative
+ that has one assertion. The nested policy expressions within these
+ two assertions are incompatible because the alternative in one is
+ incompatible with the alternative in the other.</p>
+
+ <p>Therefore, the two assertions are incompatible and hence the two alternatives are incompatible.</p>
</div2>
<div2 id="IRI_Policy_Expressions">
<head>Use of IRIs in Policy Expressions</head>
@@ -2314,6 +2380,14 @@
http://uddi.org/pubs/uddi-v3.0.1-20031014.htm. The <loc
href="http://uddi.org/pubs/uddi_v3.htm">latest version of the UDDI
3.0</loc> specification is available at http://uddi.org/pubs/uddi_v3.htm. </bibl>
+ <bibl key="WS-Addressing Metadata" id="WS-AddressingMetadata"
+ href="http://www.w3.org/TR/2007/WD-ws-addr-metadata-20070516/">
+ <titleref>Web Services Addressing 1.0 - Metadata</titleref>, M. Gudgin, M. Hadley, T.
+ Rogers and Ü. Yalçinalp, Editors. World Wide Web Consortium, 16 May 2007. This version of
+ the Web Services Addressing 1.0 - Metadata is
+ http://www.w3.org/TR/2007/WD-ws-addr-metadata-20070516/. The <loc
+ href="http://www.w3.org/TR/ws-addr-metadata">latest version of Web Services Addressing 1.0 -
+ Metadata</loc> is available at http://www.w3.org/TR/ws-addr-metadata. </bibl>
<bibl id="WS-SecurityPolicy" key="WS-SecurityPolicy"
href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<titleref>WS-SecurityPolicy v1.0</titleref>, A. Nadalin, M. Gudgin, A.
@@ -2370,8 +2444,8 @@
<ulist>
<item>
<p>Editorial changes to align with the OASIS WS-SecurityPolicy specification.</p>
- <p>Updated meaning of intersection result and removed vocabulary terms, bug 4554</p>
</item>
+ <item><p>Clarified the meaning of a policy intersection result.</p></item>
</ulist>
</inform-div1>
<inform-div1 id="change-log">
@@ -3231,6 +3305,24 @@
Editors' action <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/280">280</loc>.
</td>
</tr>
+ <tr>
+ <td>20070529</td>
+ <td>ASV</td>
+ <td>Implemented the <loc href="http://lists.w3.org/Archives/Public/public-ws-policy/2007May/0210.html">resolution</loc>
+ for issue <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4577">4577</loc>.
+ Editors' action
+ <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/274">274</loc>.
+ </td>
+ </tr>
+ <tr>
+ <td>20070529</td>
+ <td>ASV</td>
+ <td>Implemented the <loc href="http://lists.w3.org/Archives/Public/public-ws-policy/2007May/att-0274/ws-policyframework-context-draft-mm1-051507-1.htm__charset_UTF-8">resolution</loc>
+ for issue <loc href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4579">4579</loc>.
+ Editors' action
+ <loc href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/312">312</loc>.
+ </td>
+ </tr>
</tbody>
</table>
</inform-div1>
Index: ws-policy-framework.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-framework.html,v
retrieving revision 1.115
retrieving revision 1.116
diff -u -d -r1.115 -r1.116
--- ws-policy-framework.html 29 May 2007 22:19:00 -0000 1.115
+++ ws-policy-framework.html 30 May 2007 05:03:14 -0000 1.116
@@ -238,6 +238,10 @@
</td><td rowspan="1" colspan="1">[<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>]</td></tr><tr><td rowspan="1" colspan="1">
<code>wsp</code>
</td><td rowspan="1" colspan="1">
+ <code>http://www.w3.org/2007/05/addressing/metadata</code>
+ </td><td rowspan="1" colspan="1">[<cite><a href="#WS-AddressingMetadata">WS-Addressing Metadata</a></cite>]</td></tr><tr><td rowspan="1" colspan="1">
+ <code>wsp</code>
+ </td><td rowspan="1" colspan="1">
<code>http://www.w3.org/ns/ws-policy</code>
</td><td rowspan="1" colspan="1">This specification</td></tr><tr><td rowspan="1" colspan="1">
<code>wsu</code>
@@ -347,9 +351,14 @@
interpreted independent of their <a title="policy subject" href="#policy_subject">policy
subjects</a>.</p><p>Authors <span class="rfc2119">MAY</span> define that an assertion contains a <a title="policy expression" href="#policy_expression">policy expression</a> (as defined in <a href="#rPolicy_Expression"><b>4. Policy Expression</b></a>) as one of its <strong>[children]</strong>. <a title="nested policy expression" href="#nested_policy_expression">Nested policy
expression(s)</a> are used by authors to further qualify one or more
- specific aspects of the original assertion. For example, security policy authors
+ specific aspects of the parent policy assertion. The qualification may indicate
+ a relationship or context between the parent policy assertion and
+ a nested policy expression. For example within a security domain, security policy
+ authors
may define an assertion describing a set of security algorithms to qualify the
- specific behavior of a security binding assertion. </p><p>The XML Infoset of a <a title="policy assertion" href="#policy_assertion">policy assertion</a>
+ specific behavior of a security binding assertion. A parent policy assertion
+ of one domain may also serve as a container for the nested policy expression
+ from another domain.</p><p>The XML Infoset of a <a title="policy assertion" href="#policy_assertion">policy assertion</a>
<span class="rfc2119">MAY</span> contain a non-empty <strong>[attributes]</strong> property and/or a non-empty <strong>[children]</strong> property. Such properties, excluding the Attribute and
Element Information Items from the WS-Policy language XML namespace name are
<a title="policy assertion parameter" href="#policy_assertion_parameter">policy assertion
@@ -380,7 +389,8 @@
same type. Mechanisms for determining the aggregate behavior indicated by the
assertions (and their Post-Schema-Validation Infoset (PSVI) (See XML Schema Part
1 [<cite><a href="#XMLSchemaPart1">XML Schema Structures</a></cite>]) content, if any) are specific to the
- assertion type and are outside the scope of this document.</p><p>Note: Depending on the semantics of the domain specific policy assertions a
+ assertion type and are outside the scope of this document.</p><p>Note: Depending on the semantics of the domain specific policy assertions
+ regardless if they are qualified by nested policy expressions, a
combination of the policy assertions can be required to specify a particular
behavior. For example, a combination of two or three assertions from the
WS-SecurityPolicy [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>] specification is used to indicate message-level
@@ -610,7 +620,7 @@
(i.e., no assertions are needed in the nested policy
expression), the assertion <span class="rfc2119">MUST</span> include an
empty <code><wsp:Policy/></code> Element
- Information Item in its <strong>[children]</strong> property; as explained in Section <a href="#Policy_Operators"><b>4.3.3 Policy Operators</b></a>, this is equivalent to a nested
+ Information Item in its <strong>[children]</strong> property. As explained in Section <a href="#Policy_Operators"><b>4.3.3 Policy Operators</b></a>, this is equivalent to a nested
policy expression with a single alternative that has zero
assertions.</p><p>Note: This specification does not define processing for arbitrary
<code>wsp:Policy</code> Element Information Items in the
@@ -1189,7 +1199,45 @@
these two assertions are compatible depends on the domain-specific semantics of
the <code>sp:SignedParts</code> assertion. To leverage intersection, assertion
authors are encouraged to factor assertions such that two assertions of the same
- assertion type are always (or at least typically) compatible.</p></div><div class="div2">
+ assertion type are always (or at least typically) compatible.</p><p>As another example of intersection of WS-Addressing assertions that utilize the framework intersection algorithm, consider two input policies:</p><div class="exampleInner"><pre>(01) <wsp:Policy
+ xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" >
+(02) <wsp:ExactlyOne>
+(03) <wsp:All> <!-- Alternative A5 -->
+(04) <wsam:Addressing>
+(05) <wsp:Policy/>
+(06) </wsam:Addressing>
+(07) </wsp:All>
+(08) </wsp:ExactlyOne>
+(09) </wsp:Policy></pre></div><p>Lines (04)-(06) in the above policy expression contain an addressing
+ policy assertion with the empty <code><wsp:Policy/></code> in line (05).
+ The empty <code><wsp:Policy/></code> is a nested policy expression with an
+ alternative that has zero assertions. In the example above, the addressing
+ assertion indicates the use of addressing without any restriction.</p><div class="exampleInner"><pre>(01) <wsp:Policy
+ xmlns:wsp="http://www.w3.org/ns/ws-policy"
+ xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" >
+(02) <wsp:ExactlyOne>
+(03) <wsp:All> <!-- Alternative A6 -->
+(04) <wsam:Addressing>
+(05) <wsp:Policy>
+(06) <wsam:AnonymousResponses/>
+(07) </wsp:Policy>
+(08) </wsam:Addressing>
+(09) </wsp:All>
+(10) </wsp:ExactlyOne>
+(11) </wsp:Policy></pre></div><p>Lines (04)-(08) in the above policy expression contain an addressing
+ policy assertion with a nested policy expression in lines (05)-(06).
+ The nested policy expression indicates that the provider requires request
+ messages to use response endpoint EPRs that contain the anonymous URI.
+ The nested policy expression contains an alternative that has one
+ assertion, <code>wsam:AnonymousResponses</code>.</p><p>The two assertions in alternatives A5 and A6 have the same assertion type
+ and have nested policy expressions. The nested policy expression within
+ the addressing assertion in the alternative A5 contains an alternative
+ that has zero assertions. The nested policy expression within the
+ addressing assertion in the alternative A6 contains an alternative
+ that has one assertion. The nested policy expressions within these
+ two assertions are incompatible because the alternative in one is
+ incompatible with the alternative in the other.</p><p>Therefore, the two assertions are incompatible and hence the two alternatives are incompatible.</p></div><div class="div2">
<h3><a name="IRI_Policy_Expressions" id="IRI_Policy_Expressions"></a>4.6 Use of IRIs in Policy Expressions</h3><p>Policy expressions use IRIs for some identifiers. This document does not define a
base URI but relies on the mechanisms defined in XML Base [<cite><a href="#XMLBASE">XML BASE</a></cite>] and RFCs 3023 [<cite><a href="#RFC3023">IETF RFC 3023</a></cite>], 3986 [<cite><a href="#RFC3986">IETF RFC 3986</a></cite>] and
3987 [<cite><a href="#RFC3987">IETF RFC 3987</a></cite>] for establishing a base URI against which
@@ -1368,7 +1416,6 @@
and A. Malhotra, Editors. World Wide Web Consortium, 2 May 2001, revised 28
October 2004. This version of the XML Schema Part 2 Recommendation is
http://www.w3.org/TR/2004/REC-xmlschema-2-20041028. The <a href="http://www.w3.org/TR/xmlschema-2/">latest version of XML Schema
-
Part 2</a> is available at http://www.w3.org/TR/xmlschema-2. </dd><dt class="label"><a name="RFC3023"></a>[IETF RFC 3023] </dt><dd>IETF "RFC 3023: XML Media Types", M. Murata, S. St. Laurent, D.
Kohn, July 1998. (See <cite><a href="http://www.ietf.org/rfc/rfc3023.txt">http://www.ietf.org/rfc/rfc3023.txt</a></cite>.)</dd></dl></div><div class="div2">
<h3><a name="Informative-References" id="Informative-References"></a>B.2 Other References</h3><dl><dt class="label"><a name="C14NNOTE"></a>[C14N 1.0 Note] </dt><dd>
@@ -1404,7 +1451,12 @@
Editors. Organization for the Advancement of Structured Information
Standards, 14 October 2003. This version of the UDDI Version 3.0 is
http://uddi.org/pubs/uddi-v3.0.1-20031014.htm. The <a href="http://uddi.org/pubs/uddi_v3.htm">latest version of the UDDI
- 3.0</a> specification is available at http://uddi.org/pubs/uddi_v3.htm. </dd><dt class="label"><a name="WS-SecurityPolicy"></a>[WS-SecurityPolicy] </dt><dd>
+ 3.0</a> specification is available at http://uddi.org/pubs/uddi_v3.htm. </dd><dt class="label"><a name="WS-AddressingMetadata"></a>[WS-Addressing Metadata] </dt><dd>
+ <cite><a href="http://www.w3.org/TR/2007/WD-ws-addr-metadata-20070516/">Web Services Addressing 1.0 - Metadata</a></cite>, M. Gudgin, M. Hadley, T.
+ Rogers and Ü. Yalçinalp, Editors. World Wide Web Consortium, 16 May 2007. This version of
+ the Web Services Addressing 1.0 - Metadata is
+ http://www.w3.org/TR/2007/WD-ws-addr-metadata-20070516/. The <a href="http://www.w3.org/TR/ws-addr-metadata">latest version of Web Services Addressing 1.0 -
+ Metadata</a> is available at http://www.w3.org/TR/ws-addr-metadata. </dd><dt class="label"><a name="WS-SecurityPolicy"></a>[WS-SecurityPolicy] </dt><dd>
<cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">WS-SecurityPolicy v1.0</a></cite>, A. Nadalin, M. Gudgin, A.
Barbir, and H. Granqvist, Editors. Organization for the Advancement of
Structured Information Standards, 8 December 2005. Available at
@@ -1450,7 +1502,7 @@
acknowledged.
</p></div><div class="div1">
<h2><a name="change-description" id="change-description"></a>D. Changes in this Version of the Document (Non-Normative)</h2><p>A list of major editorial changes since the Working Draft dated 30 March, 2007 is
- below:</p><ul><li><p>Editorial changes to align with the OASIS WS-SecurityPolicy specification.</p><p>Updated meaning of intersection result and removed vocabulary terms, bug 4554</p></li></ul></div><div class="div1">
+ below:</p><ul><li><p>Editorial changes to align with the OASIS WS-SecurityPolicy specification.</p></li><li><p>Clarified the meaning of a policy intersection result.</p></li></ul></div><div class="div1">
<h2><a name="change-log" id="change-log"></a>E. Web Services Policy 1.5 - Framework Change Log (Non-Normative)</h2><a name="ws-policy-framework-changelog-table"></a><table border="1"><tbody><tr><th rowspan="1" colspan="1">Date</th><th rowspan="1" colspan="1">Author</th><th rowspan="1" colspan="1">Description</th></tr><tr><td rowspan="1" colspan="1">20060712</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Updated the list of editors. Completed action items <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action12">12</a>, <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action16">16</a> and <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action20">20</a> from the Austin F2F.</td></tr><tr><td rowspan="1" colspan="1">20060718</td><td rowspan="1" colspan="1">DBO</td><td rowspan="1" colspan="1">Completed action items: RFC2606 for domain names <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action09">09</a> (note: PLH had already done but it ddn't show up in the
change log) </td></tr><tr><td rowspan="1" colspan="1">20060726</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Incorporated the <a href="http://lists.w3.org/Archives/Public/public-ws-policy/2006Jul/0107.html">XML namespace URI versioning policy</a> adopted by the WG. </td></tr><tr><td rowspan="1" colspan="1">20060803</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Completed Issue: <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=3551">3551</a>
Misc updates throughout. </td></tr><tr><td rowspan="1" colspan="1">20060808</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Completed action item: <a href="http://www.w3.org/2006/07/13-ws-policy-minutes.html#action20">20</a> to highlight infoset terms uniformly. </td></tr><tr><td rowspan="1" colspan="1">20060808</td><td rowspan="1" colspan="1">DBO</td><td rowspan="1" colspan="1">Completed action items: <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action15">15</a> as early as possible in the doc, use the definition that
@@ -1532,4 +1584,12 @@
</td></tr><tr><td rowspan="1" colspan="1">20070529</td><td rowspan="1" colspan="1">PY</td><td rowspan="1" colspan="1">Implemented the changes proposed at the Ottawa F2F
for issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4554">4554</a>.
Editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/280">280</a>.
+ </td></tr><tr><td rowspan="1" colspan="1">20070529</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Implemented the <a href="http://lists.w3.org/Archives/Public/public-ws-policy/2007May/0210.html">resolution</a>
+ for issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4577">4577</a>.
+ Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/274">274</a>.
+ </td></tr><tr><td rowspan="1" colspan="1">20070529</td><td rowspan="1" colspan="1">ASV</td><td rowspan="1" colspan="1">Implemented the <a href="http://lists.w3.org/Archives/Public/public-ws-policy/2007May/att-0274/ws-policyframework-context-draft-mm1-051507-1.htm__charset_UTF-8">resolution</a>
+ for issue <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4579">4579</a>.
+ Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/312">312</a>.
</td></tr></tbody></table><br></div></div></body></html>
\ No newline at end of file
Received on Wednesday, 30 May 2007 05:03:39 UTC