- From: Asir Vedamuthu via cvs-syncmail <cvsmail@w3.org>
- Date: Sat, 27 Oct 2007 01:42:48 +0000
- To: public-ws-policy-eds@w3.org
Update of /sources/public/2006/ws/policy
In directory hutz:/tmp/cvs-serv13538
Modified Files:
ws-policy-guidelines-diff20070928.xml
ws-policy-primer-diff20070928.xml
ws-policy-primer-diff20070928.html
ws-policy-guidelines-diff20070928.html
Log Message:
Generated diff versions ...
Index: ws-policy-primer-diff20070928.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-primer-diff20070928.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- ws-policy-primer-diff20070928.html 22 Oct 2007 04:24:33 -0000 1.1
+++ ws-policy-primer-diff20070928.html 27 Oct 2007 01:42:46 -0000 1.2
@@ -147,7 +147,7 @@
3.7 <a href="#combine-policies">Combine Policies</a><br>
3.8 <a href="#extensibility-and-versioning">Extensibility and Versioning</a><br>
3.8.1 <a href="#ext-vers-policylanguage">Policy Language</a><br>
- 3.8.2 <a href="#d4e1463">Policy Expressions</a><br>
+ 3.8.2 <a href="#d4e1505">Policy Expressions</a><br>
3.8.3 <a href="#ignorable-and-versioning">Use of Ignorable attribute and an alternative Versioning Scenario</a><br>
3.8.4 <a href="#ignorable-and-optional-and-versioning">Use of Ignorable and Optional attributes</a><br>
3.9 <a href="#parts-of-a-policy-assertion">Parts of a Policy Assertion</a><br>
@@ -590,15 +590,39 @@
</Policy></pre></div></div><p>The <code>Name</code> attribute is an alternate mechanism to identify a policy
expression. The value of the <code>Name</code> attribute is an absolute IRI and is
independent of the location of the XML document where the identified policy expression
- resides in. As such, referencing a policy expression using the <code>Name</code> attribute
- relies on additional out of band information. In the example below, the <code>Name</code>
+ resides in. As such, referencing a policy expression using the Name attribute relies on
+ additional out of band <span class="diff-add"><span>information and is outside the scope of the Web Services Policy
+ Framework and Attachment (See </span></span><span class="diff-add"><a href="#policy-retrieval"><b>3.6 Policy Retrieval</b></a></span><span class="diff-add"><span>).</span></span><span class="diff-del"><span>information. </span></span>In the example below, the <code>Name</code>
attribute identifies the policy expression. The IRI of this policy expression is
<code>http://x.example.com/policy/common</code>.</p><div class="exampleOuter">
<p style="text-align: left" class="exampleHead"><i><span>Example 2-19. </span>Common Policy Expression</i></p><div class="exampleInner"><pre><Policy Name=”http://x.example.com/policy/common”>
<mtom:OptimizedMimeSerialization wsp:Optional="true"/>
<wsam:Addressing>…</wsam:Addressing>
</Policy></pre></div></div><p>The example below is a policy expression that re-uses the common policy expression above.</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 2-20. </span>PolicyReference to Common Policy Expression</i></p><div class="exampleInner"><pre><PolicyReference URI="http://x.example.com/policy/common"/></pre></div></div><p>As policy expressions are composed from other policy expressions and
+<p style="text-align: left" class="exampleHead"><i><span>Example 2-20. </span>PolicyReference to Common Policy Expression</i></p><div class="exampleInner"><pre><PolicyReference URI="http://x.example.com/policy/common"/></pre></div></div><div class="diff-add"><p class="diff-add">
+ <span class="diff-add"><span>The following example shows a policy expression identified using a UDDI key, which may refer to a tModel that references the reusable policy expression as described in section 6.3 of </span></span><cite><a href="#WS-PolicyAttachment">Web Services Policy Attachment</a></cite><span class="diff-add"><span>. </span></span></p></div><div class="diff-add"><div class="exampleOuter">
+<p style="text-align: left" class="exampleHead"><i><span>Example 2-21. </span><span class="diff-add"><span>PolicyReference to Reusable Policy Expression in UDDI</span></span></i></p><div class="exampleInner"><pre><PolicyReference URI="uddi:3bed4710-1f46-11dc-899e-391cf3b1899c"/>
+</pre></div></div></div><div class="diff-add"><p class="diff-add"><span class="diff-add"><span>The reusable policy expression could be registered in UDDI using a tModel as shown below</span></span></p></div><div class="diff-add"><div class="exampleOuter">
+<p style="text-align: left" class="exampleHead"><i><span>Example 2-22. </span><span class="diff-add"><span>UDDI tModel for a Reusable Policy Expression</span></span></i></p><div class="exampleInner"><pre><tModel tModelKey="uddi:3bed4710-1f46-11dc-899e-391cf3b1899c">
+ <name>…</name>
+ <description xml:lang="EN">
+Policy Expression for example's Web services
+ </description>
+ <overviewDoc>
+ <description xml:lang="EN">Web Services Policy Expression</description>
+ <overviewURL>http://repository.example.com/policy/common</overviewURL>
+ </overviewDoc>
+ <categoryBag>
+ <keyedReference
+ keyName="Reusable policy Expression"
+ keyValue="policy"
+ tModelKey="uddi:w3.org:ws-policy:v1.5:attachment:policytypes" />
+ <keyedReference
+ keyName="Policy Expression for example's Web services"
+ keyValue="http://x.example.com/policy/common"
+ tModelKey="uddi:w3.org:ws-policy:v1.5:attachment:remotepolicyreference" />
+ </categoryBag>
+</tModel></pre></div></div></div><p>As policy expressions are composed from other policy expressions and
assertions from different domains are used in a policy expression,
complex expressions will emerge. Naming parts of complex expressions for
reuse and building more complex policies through referencing enables
@@ -622,7 +646,7 @@
any message exchange associated with any <code>port</code> that supports this binding
description. This includes all the message exchanges described by operations in the
<code>RealTimeDataInterface</code>.</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 2-21. </span>Secure Policy Expression Attached to WSDL Binding</i></p><div class="exampleInner"><pre><wsdl:binding name="SecureBinding" type="tns:RealTimeDataInterface" >
+<p style="text-align: left" class="exampleHead"><i><span>Example 2-23. </span>Secure Policy Expression Attached to WSDL Binding</i></p><div class="exampleInner"><pre><wsdl:binding name="SecureBinding" type="tns:RealTimeDataInterface" >
<PolicyReference URI="#secure" />
<wsdl:operation name="GetRealQuote">…</wsdl:operation>
…
@@ -633,7 +657,7 @@
<code>GetSymbol</code> and <code>GetSymbols</code>). Company-X does not require the use of
security for these services, but requires the use of addressing and allows the use of
optimization.</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 2-22. </span>Open Policy Expression Attached to WSDL Binding</i></p><div class="exampleInner"><pre><wsdl:binding name="OpenBinding" type="tns:DelayedDataInterface" >
+<p style="text-align: left" class="exampleHead"><i><span>Example 2-24. </span>Open Policy Expression Attached to WSDL Binding</i></p><div class="exampleInner"><pre><wsdl:binding name="OpenBinding" type="tns:DelayedDataInterface" >
<PolicyReference URI="#common" />
<wsdl:operation name="GetDelayedQuote">…</wsdl:operation>
…
@@ -942,7 +966,7 @@
requester may use either a "lax" or "strict" mode of the intersection algorithm.
</p><p>
In the strict intersection mode two policy alternatives are compatible when each assertion in one is compatible with an
- assertion in the other, and vice <span class="diff-add"><span>versa (See section 4.5, Web Services Policy 1.5 - Framework).</span></span><span class="diff-del"><span>versa. </span></span>For this to be possible they must <span class="diff-chg"><span>contain </span></span>the same policy <span class="diff-chg"><span>assertion types.
+ assertion in the other, and vice <span class="diff-add"><span>versa (See</span></span><span class="diff-del"><span>versa. </span></span><span class="diff-add"><span>section 4.5, Web Services Policy 1.5 - Framework). </span></span>For this to be possible they must <span class="diff-chg"><span>contain </span></span>the same policy <span class="diff-chg"><span>assertion types.
</span></span>The strict intersection mode is the mode of intersection discussed in the previous sections of this document.
</p><p>
When using the strict intersection mode <span class="diff-add"><span>compatibility is computed for </span></span>all assertions <span class="diff-add"><span>that </span></span>are part of the policy <span class="diff-add"><span>alternative,</span></span><span class="diff-del"><span>alternative vocabulary,
@@ -1022,7 +1046,7 @@
are:</p><ul><li><p>Do nothing. A policy expression with the referenced IRI is already known to be
available in a local cache or chip (embedded systems).</p></li><li><p>Use the referenced IRI and retrieve an existing policy expression from the containing
XML document: a policy element with an XML ID.</p></li><li><p>Use the referenced IRI and retrieve a policy expression from some policy repository
- (local or remote) or catalog. Policy tools may use any protocols (say Web Services
+ (local or <span class="diff-chg"><span>remote), </span></span><span class="diff-add"><span>registry </span></span>or catalog. Policy tools <span class="diff-add"><span>or policy-aware clients </span></span>may use any protocols (say <span class="diff-add"><span>UDDI or </span></span>Web Services
Metadata Exchange) for such metadata retrieval. These protocols may require additional
out of band information.</p></li><li><p>Attempt to resolve the referenced IRI on the Web. This may resolve to a policy
element or a resource that contains a policy element.</p></li></ul><p>If the referenced policy expression is in the same XML document as the reference, then
@@ -1109,7 +1133,7 @@
and treats unknown children of the <code>Policy</code>, <code>ExactlyOne</code>, <code>All</code>
elements as policy assertions. The child elements of <code>wsp:PolicyReference</code> are ignored.
</p><p>The <code>PolicyReference</code> element allows element and attribute extensibility.</p></div><div class="div3">
-<h4><a name="d4e1463" id="d4e1463"></a>3.8.2 Policy Expressions</h4><p>Services that use the Web Services Policy language for policy expression enable simple versioning practices that allow requesters to
+<h4><a name="d4e1505" id="d4e1505"></a>3.8.2 Policy Expressions</h4><p>Services that use the Web Services Policy language for policy expression enable simple versioning practices that allow requesters to
continue the use of older policy alternatives in a backward compatible manner. This
versioning practice allows service providers, like Company-X, to deploy new behaviors using additional (or new) policy
assertions without breaking compatibility with clients that rely on any older policy
@@ -1295,19 +1319,16 @@
</wsp:ExactlyOne>
</wsp:Policy></pre></div></div><p>Because the wsp16:Choice alternative isn't understood in either normalized form, it will not be chosen as one of the alternatives and will effectively be ignored. Policy intersection may be more difficult with such compatible extensions. For example, the previous will "look"
like it has a wsp16:Choice typed assertion. To determine intersection with a Policy that does not have the wsp16:Choice type assertion, domain specific processing would have to be done. However, there is an alternative that does not have the wsp16:Choice, so intersection would yield the expected result.
- </p><p>Note: it is possible to add new names to the existing namespace, such as: </p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 4-5. </span>Policy containing 1.5 and 1.6 Policies all in the 1.5 namespace</i></p><div class="exampleInner"><pre><wsp:Policy>
- <wsp:ExactlyOne>
- <wsp:Choice wsp:minOccurs="1" wsp:maxOccurs="2">
- ...
- </wsp:Choice>
- <wsp:All>
- ...
- </wsp:All>
- </wsp:ExactlyOne>
-</wsp:Policy></pre></div></div><p>Notice that using a new namespace can result in backwards and forwards compatibility if normalization results in an optional alternative. </p><p>Best practice: insert new elements in an optional alternative or mark with wsp:Optional="true". </p><p>Incompatible versions of the Policy language may be indicated by a new namespace name for at least the new and/or incompatible elements or attributes. Imagine that the Choice operator is required by a future version of Policy, then there will be a new namespace for the Policy element. We use the wsp20 prefix to indicate a hypothetical Policy Language 2.0 that is intended to be incompatible with Policy Language
+ </p><div class="diff-del"><p class="diff-del">Note: it is possible to add new names to the existing namespace, such as:
+ Policy containing 1.5 and 1.6 Policies all in the 1.5 namespace
+
+
+
+ Notice that using a new namespace can result in backwards and forwards compatibility if normalization results in an optional alternative.
+
+ </p></div><p>Best practice: insert new elements in an optional alternative or mark with wsp:Optional="true". </p><p>Incompatible versions of the Policy language may be indicated by a new namespace name for at least the new and/or incompatible elements or attributes. Imagine that the Choice operator is required by a future version of Policy, then there will be a new namespace for the Policy element. We use the wsp20 prefix to indicate a hypothetical Policy Language 2.0 that is intended to be incompatible with Policy Language
1.5:</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 4-6. </span>Policy containing 2.0 only Policies.</i></p><div class="exampleInner"><pre><wsp20:Policy>
+<p style="text-align: left" class="exampleHead"><i><span>Example 4-5. </span>Policy containing 2.0 only Policies.</i></p><div class="exampleInner"><pre><wsp20:Policy>
<wsp20:ExactlyOne>
<wsp20:Choice wsp:minOccurs="1" wsp:maxOccurs="2">
...
@@ -1316,13 +1337,13 @@
</wsp20:ExactlyOne>
</wsp20:Policy> </pre></div></div><p>The new Policy operator could be embedded inside an existing Policy
element:</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 4-7. </span>Policy containing 2.0 (incompatible with 1.5) Policies embedded in wsp 1.5 Policy.</i></p><div class="exampleInner"><pre><wsp:Policy>
+<p style="text-align: left" class="exampleHead"><i><span>Example 4-6. </span>Policy containing 2.0 (incompatible with 1.5) Policies embedded in wsp 1.5 Policy.</i></p><div class="exampleInner"><pre><wsp:Policy>
<wsp20:Choice wsp:minOccurs="1" wsp:maxOccurs="2">
...
</wsp20:Choice>
...
</wsp20:Policy> </pre></div></div><p>This will be treated as an Assertion for normalization and intersection computation. This will result in only one alternative that requires the wsp20:Choice, the intended behaviour for incompatible changes.</p><p>Best practice: use a new namespace for new incompatible construct and insert inside either: new Policy element OR existing All for future incompatible policy extensions.</p><p>A future version of WS-Policy could support the current operators in the existing namespace, such as:</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 4-8. </span>Policy containing 1.5 operator in 2.0 Policy</i></p><div class="exampleInner"><pre><wsp20:Policy>
+<p style="text-align: left" class="exampleHead"><i><span>Example 4-7. </span>Policy containing 1.5 operator in 2.0 Policy</i></p><div class="exampleInner"><pre><wsp20:Policy>
<wsp:ExactlyOne>
<wsp20:Choice wsp:minOccurs="1" wsp:maxOccurs="2">
...
@@ -1332,7 +1353,7 @@
</wsp20:Policy> </pre></div></div><p>It is difficult to predict whether this functionality would be useful. The future version of WS-Policy doesn't appear to be precluded from doing this.</p></div><div class="div2">
<h3><a name="versioning-policy-attachment" id="versioning-policy-attachment"></a>4.2 Policy Attachment</h3><p>Policy attachment provides WSDL 1.1 and UDDI attachment points. It appears that exchange of Policy will be in the context of WSDL or UDDI.
WRT WSDL, the policy model is an extension of the WSDL definition. As such, it is likely that future versions of Policy will be exchanged as multiple Policy expressions within a WSDL. One alternative is that there would be a separate WSDL for each version of Policy. The problem of how to specify and query for compound documents is very difficult, so it is more likely that each version of Policy will be exchanged within a WSDL. </p><p>We show an example of a new version of policy that allows QName reference to Policies in the PolicyReference:</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 4-9. </span>WSDL containing 1.5 and 2.0 (compatible with 2.0) Policy References.</i></p><div class="exampleInner"><pre><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
+<p style="text-align: left" class="exampleHead"><i><span>Example 4-8. </span>WSDL containing 1.5 and <span class="diff-chg"><span>1.6 </span></span>(compatible with <span class="diff-chg"><span>1.5) </span></span>Policy References.</i></p><div class="exampleInner"><pre><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
<wsoap12:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<wsp:Policy>
@@ -1344,9 +1365,9 @@
wsdl11:required="true" />
</wsp:All>
<wsp:All>
- <wsp:PolicyReferenceByQName ref="rmp:RMAssertion"
+ <wsp16:PolicyReferenceByQName ref="rmp:RMAssertion"
wsdl11:required="true" />
- <wsp:PolicyReferenceByQName ref="sp:AsymmetricBinding"
+ <wsp16:PolicyReferenceByQName ref="sp:AsymmetricBinding"
wsdl11:required="true" />
</wsp:All>
</wsp:ExactlyOne>
@@ -1354,7 +1375,7 @@
<wsdl11:operation name="GetLastTradePrice" > ....
...</pre></div></div><p>The PolicyReference element is element or attribute extensible.
One example of an addition is a list of backup URIs for the PolicyReference:</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 4-10. </span>WSDL containing 1.5 and 2.0 (compatible with 2.0) Policy References.</i></p><div class="exampleInner"><pre><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
+<p style="text-align: left" class="exampleHead"><i><span>Example 4-9. </span>WSDL containing 1.5 and <span class="diff-chg"><span>1.6 </span></span>(compatible with <span class="diff-chg"><span>1.5) </span></span>Policy References.</i></p><div class="exampleInner"><pre><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
<wsoap12:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<wsp:Policy>
@@ -1386,7 +1407,7 @@
<code>soap</code>
</td><td colspan="1" rowspan="1">
<code>http://www.w3.org/2003/05/soap-envelope</code>
- </td><td colspan="1" rowspan="1">[<cite><a href="#SOAP12">SOAP 1.2 Messaging Framework</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
+ </td><td colspan="1" rowspan="1">[<cite><a href="#SOAP12">SOAP 1.2 Messaging Framework (Second Edition)</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
<code>sp</code>
</td><td colspan="1" rowspan="1">
<code>http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702</code>
@@ -1413,17 +1434,17 @@
</td><td colspan="1" rowspan="1">[<cite><a href="#WS-Security2004">WS-Security 2004</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wst</code>
</td><td colspan="1" rowspan="1">
- <code>http://schemas.xmlsoap.org/ws/2005/02/trust</code>
+ <code><span class="diff-chg"><span>http://docs.oasis-open.org/ws-sx/ws-trust/200512</span></span></code>
</td><td colspan="1" rowspan="1">[<cite><a href="#WS-Trust">WS-Trust</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wsu</code>
</td><td colspan="1" rowspan="1">
<code>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</code>
</td><td colspan="1" rowspan="1">[<cite><a href="#WS-Security2004">WS-Security 2004</a></cite>]</td></tr></tbody></table><br></div><div class="div1">
-<h2><a name="references" id="references"></a>C. References</h2><dl><dt class="label"><a name="C14NNOTE"></a>[C14N 1.0 Note] </dt><dd>
- <cite><a href="http://www.w3.org/2006/04/c14n-note/c14n-note.html">Known Issues with Canonical XML 1.0 (C14N/1.0)</a></cite>,
+<h2><a name="references" id="references"></a>C. References</h2><dl><dt class="label"><span class="diff-chg"><a name="C14NNOTE"></a>C14N 1.0 Note</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://www.w3.org/TR/2006/NOTE-C14N-issues-20061220/">Known Issues with Canonical XML 1.0 (C14N/1.0)</a></cite>,
J. Kahan and K. Lanz, Editors. World Wide Web
- Consortium, 17 August 2006.
- Available at http://www.w3.org/2006/04/c14n-note/c14n-note.html.> </dd><dt class="label"><a name="MTOM"></a>[MTOM] </dt><dd>
+ Consortium, <span class="diff-chg"><span>20 December </span></span>2006.
+ Available at <span class="diff-chg"><span>http:/www.w3.org/TR/2006/NOTE-C14N-issues-20061220/>. </span></span> (See http://www.w3.org/TR/2006/NOTE-C14N-issues-20061220/.)</div></dd><dt class="label"><a name="MTOM"></a>[MTOM] </dt><dd>
<cite><a href="http://www.w3.org/TR/2005/REC-soap12-mtom-20050125/">SOAP Message Transmission Optimization Mechanism</a></cite>, M. Gudgin, N.
Mendelsohn, M. Nottingham and H. Ruellan, Editors. World Wide Web Consortium, 25 January
2005. This version of the SOAP Message Transmission Optimization Mechanism Recommendation
@@ -1436,12 +1457,15 @@
</dd><dt class="label"><a name="SOAP11"></a>[SOAP 1.1] </dt><dd>
<cite><a href="http://www.w3.org/TR/2000/NOTE-SOAP-20000508/">Simple Object Access Protocol (SOAP) 1.1</a></cite>, D. Box, et al, Editors.
World Wide Web Consortium, 8 May 2000. Available at
- http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </dd><dt class="label"><a name="SOAP12"></a>[SOAP 1.2 Messaging Framework] </dt><dd>
- <cite><a href="http://www.w3.org/TR/2003/REC-soap12-part1-20030624/">SOAP Version 1.2 Part 1: Messaging Framework</a></cite>, M. Gudgin, M. Hadley,
- N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, Editors. World Wide Web Consortium, 24
- June 2003. This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
- is http://www.w3.org/TR/2003/REC-soap12-part1-20030624/. The <a href="http://www.w3.org/TR/soap12-part1/">latest version of SOAP Version 1.2 Part 1:
- Messaging Framework</a> is available at http://www.w3.org/TR/soap12-part1/. </dd><dt class="label"><a name="SecSpecMaintWG"></a>[SecSpecMaintWG] </dt><dd>
+ http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </dd><dt class="label"><span class="diff-chg"><a name="SOAP12"></a>SOAP 1.2 Messaging Framework (Second Edition)</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://www.w3.org/TR/2007/REC-soap12-part1-20070427/">SOAP Version 1.2 Part 1: Messaging Framework <span class="diff-add"><span>(Second Edition)</span></span></a></cite>, M. Gudgin, M. Hadley,
+ N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, <span class="diff-add"><span>A. Karmarkar, and Y. Lafon,</span></span>Editors.
+ World Wide Web Consortium, <span class="diff-add"><span>27</span></span><span class="diff-del"><span>24
+ June </span></span><span class="diff-chg"><span>April </span></span><span class="diff-add"><span>2007.
+ </span></span>This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
+ is <span class="diff-chg"><span>http://www.w3.org/TR/2007/REC-soap12-part1-20070427/. </span></span>The <a href="http://www.w3.org/TR/soap12-part1/">latest
+ version of SOAP Version
+ 1.2 Part 1: Messaging Framework</a> is available at http://www.w3.org/TR/soap12-part1/. (See http://www.w3.org/TR/2007/REC-soap12-part1-20070427/.)</div></dd><dt class="label"><a name="SecSpecMaintWG"></a>[SecSpecMaintWG] </dt><dd>
<cite><a href="http://www.w3.org/2007/xmlsec">XML Security Specifications Maintenance Working Group </a></cite>,
See http://www.w3.org/2007/xmlsec.</dd><dt class="label"><a name="WS-Addressing"></a>[WS-Addressing Core] </dt><dd>
<cite><a href="http://www.w3.org/TR/2006/REC-ws-addr-core-20060509/">Web Services Addressing 1.0 - Core</a></cite>, M. Gudgin, M. Hadley, and T.
@@ -1453,15 +1477,23 @@
Rogers and Ü. Yalçinalp, Editors. World Wide Web Consortium, 4 September 2007. This version of
the Web Services Addressing 1.0 - Metadata W3C Recommendation is
http://www.w3.org/TR/2007/REC-ws-addr-metadata-20070904/. The <a href="http://www.w3.org/TR/ws-addr-metadata">latest version of Web Services Addressing 1.0 -
- Metadata</a> is available at http://www.w3.org/TR/ws-addr-metadata. </dd><dt class="label"><a name="WS-Atomic"></a>[Web Services Atomic Transaction] </dt><dd>
- <cite><a href="http://schemas.xmlsoap.org/ws/2004/10/wsat/">Web Services Atomic Transaction</a></cite>, L. P. Cabrera, et al, Authors.
- Arjuna Technologies, Inc., BEA Systems, Inc., Hitachi Software, Inc., IONA Technologies, Inc.,
- International Business Machines Corporation, and Microsoft Corporation,
- February 2005. Available at http://schemas.xmlsoap.org/ws/2004/10/wsat/.</dd><dt class="label"><a name="WS-BA"></a>[Web Services Business Activity Framework] </dt><dd>
- <cite><a href="http://schemas.xmlsoap.org/ws/2004/10/wsba/">Web Services Business Activity Framework</a></cite>, L. P. Cabrera, et al, Authors.
- Arjuna Technologies, Inc., BEA Systems, Inc., Hitachi Software, Inc., IONA Technologies, Inc.,
- International Business Machines Corporation, and Microsoft Corporation,
- February 2005. Available at http://schemas.xmlsoap.org/ws/2004/10/wsba/.</dd><dt class="label"><a name="WS-Device"></a>[Devices Profile for Web Services] </dt><dd>
+ Metadata</a> is available at http://www.w3.org/TR/ws-addr-metadata. </dd><dt class="label"><span class="diff-chg"><a name="WS-Atomic"></a>Web Services Atomic Transaction</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html">Web Services Atomic Transaction<span class="diff-del"><span>, </span></span><span class="diff-chg"><span>(WS-AtomicTransaction) Version </span></span><span class="diff-add"><span>1.1</span></span></a></cite><span class="diff-add"><span>,</span></span><span class="diff-del"><span>Cabrera, </span></span><span class="diff-chg"><span>M. Little, </span></span><span class="diff-add"><span>A.</span></span><span class="diff-del"><span>Authors.
+ Arjuna </span></span><span class="diff-chg"><span>Wilkinson, </span></span><span class="diff-add"><span>Editors. Organization</span></span><span class="diff-del"><span>Inc., </span></span><span class="diff-chg"><span>for the Advancement of </span></span><span class="diff-add"><span>Structured
+ Information</span></span><span class="diff-del"><span>Software, </span></span><span class="diff-chg"><span>Standards, OASIS Standard, </span></span><span class="diff-add"><span>16</span></span><span class="diff-del"><span>Inc.,
+ International </span></span><span class="diff-chg"><span>April 2007. This version available </span></span><span class="diff-add"><span>at
+ http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.
+ Namespace</span></span><span class="diff-del"><span>Corporation,
+ February </span></span><span class="diff-chg"><span>document </span></span><span class="diff-add"><span>is available</span></span><span class="diff-del"><span>Available </span></span>at <div class="diff-add"><a href="http://docs.oasis-open.org/ws-tx/wsat/2006/06"><span class="diff-add"><span>http://docs.oasis-open.org/ws-tx/wsat/2006/06</span></span></a></div><span class="diff-add"><span>.</span></span> (See http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.)</div></dd><dt class="label"><span class="diff-add"><a name="WS-BA"></a>Web Services Business Activity Framework</span></dt><dd><div class="diff-add"><span class="diff-del"><span>http://schemas.xmlsoap.org/ws/2004/10/wsat/.
+
+ </span></span><cite><a href="http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html">Web Services Business Activity <span class="diff-add"><span>(WS-BusinessActivity)</span></span><span class="diff-del"><span>Framework, </span></span><span class="diff-chg"><span>Version </span></span><span class="diff-add"><span>1.1</span></span></a></cite><span class="diff-add"><span>,</span></span><span class="diff-del"><span>P. </span></span><span class="diff-chg"><span>T. Freund, M. Little,
+ Editors. Organization for the Advancement of Structured Information Standards, </span></span><span class="diff-add"><span>OASIS
+ Standard,</span></span><span class="diff-del"><span>IONA </span></span><span class="diff-chg"><span>16 </span></span><span class="diff-add"><span>April</span></span><span class="diff-del"><span>Inc.,
+ International </span></span><span class="diff-chg"><span>2007. This version available </span></span><span class="diff-add"><span>at
+ http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html.
+ Namespace</span></span><span class="diff-del"><span>Microsoft </span></span><span class="diff-add"><span>document</span></span><span class="diff-del"><span>Corporation,
+ February </span></span><span class="diff-chg"><span>is available </span></span>at <a href="http://docs.oasis-open.org/ws-tx/wsba/2006/06">http://docs.oasis-open.org/ws-tx/wsba/2006/06</a><span class="diff-add"><span>.</span></span> (See http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html.)</div></dd><span class="diff-del"><span>http://schemas.xmlsoap.org/ws/2004/10/wsba/.
+ </span></span><dt class="label"><a name="WS-Device"></a>[Devices Profile for Web Services] </dt><dd>
<cite><a href="http://schemas.xmlsoap.org/ws/2006/02/devprof/">Devices Profile for Web Services</a></cite>, S. Chan, et al, Authors.
Intel Corporation, Lexmark, Inc., Microsoft Corporation, and Richo Software, Inc.,
February 2006. Available at http://schemas.xmlsoap.org/ws/2006/02/devprof/.</dd><dt class="label"><a name="WS-MetadataExchange"></a>[WS-MetadataExchange] </dt><dd>
@@ -1479,12 +1511,13 @@
Web Services Policy 1.5 - Attachment</a> is available at
http://www.w3.org/TR/ws-policy-attach/. </dd><dt class="label"><a name="WS-RM-Policy"></a>[Web Services Reliable Messaging Policy Assertion] </dt><dd>
<cite><a href="http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf">Web Services Reliable Messaging Policy Assertion
- (WS-RM Policy) Version 1.1</a></cite>, D. David, A. Kamarkar, G. Pilz, and
+ (WS-RM Policy) Version 1.1</a></cite>, D. <span class="diff-chg"><span>Davis, </span></span>A. Kamarkar, G. Pilz, and
Ü. Yalçinalp, Editors.
Organization for the Advancement of Structured Information Standards,
OASIS Standard, 14 June 2007. This version available at
http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf.
- </dd><dt class="label"><a name="WSDL11"></a>[WSDL 1.1] </dt><dd>
+ <span class="diff-add"><span>Namespace document is available at </span></span><div class="diff-add"><a href="http://docs.oasis-open.org/ws-rx/wsrmp/200702"><span class="diff-add"><span>http://docs.oasis-open.org/ws-rx/wsrmp/200702</span></span></a></div><span class="diff-add"><span>.
+ </span></span></dd><dt class="label"><a name="WSDL11"></a>[WSDL 1.1] </dt><dd>
<cite><a href="http://www.w3.org/TR/2001/NOTE-wsdl-20010315">Web Services Description Language (WSDL) 1.1</a></cite>, E. Christensen, et al,
Authors. World Wide Web Consortium, March 2001. Available at
http://www.w3.org/TR/2001/NOTE-wsdl-20010315. </dd><dt class="label"><a name="WSDL20"></a>[WSDL 2.0 Core Language] </dt><dd>
@@ -1496,17 +1529,24 @@
<cite><a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf">Web Services Security: SOAP Message Security 1.0</a></cite>, A. Nadalin, C.
Kaler, P. Hallam-Baker and R. Monzillo, Editors. Organization for the Advancement of
Structured Information Standards, March 2004. Available at
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </dd><dt class="label"><a name="WS-SecurityPolicy"></a>[WS-SecurityPolicy] </dt><dd>
- <cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">WS-SecurityPolicy v1.0</a></cite>, A. Nadalin, M. Gudgin, A. Barbir, and H.
+ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </dd><dt class="label"><span class="diff-chg"><a name="WS-SecurityPolicy"></a>WS-SecurityPolicy</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">WS-SecurityPolicy <span class="diff-chg"><span>v1.2</span></span></a></cite>, A. Nadalin, M. <span class="diff-add"><span>Goodner, M. </span></span>Gudgin, A. Barbir, and H.
Granqvist, Editors. Organization for the Advancement of Structured Information Standards,
- 8 December 2005. Available at
- http://www.oasis-open.org/committees/download.php/15979/oasis-wssx-ws-securitypolicy-1.0.pdf. </dd><dt class="label"><a name="WS-Trust"></a>[WS-Trust] </dt><dd>
- <cite><a href="http://schemas.xmlsoap.org/ws/2005/02/trust">Web Services Trust Language (WS-Trust)</a></cite>, S. Anderson, et al, Authors.
- Actional Corporation, BEA Systems, Inc., Computer Associates International, Inc.,
- International Business Machines Corporation, Layer 7 Technologies, Microsoft Corporation,
- Oblix Inc., OpenNetwork Technologies Inc., Ping Identity Corporation, Reactivity Inc., RSA
- Security Inc., and VeriSign Inc., February 2005. Available at
- http://schemas.xmlsoap.org/ws/2005/02/trust. </dd><dt class="label"><a name="XMLID"></a>[XML ID] </dt><dd>
+ <span class="diff-chg"><span>1 July 2007. </span></span>Available at
+ <span class="diff-add"><span>http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
+ Namespace document is available</span></span><span class="diff-del"><span>http://www.oasis-open.org/committees/download.php/15979/oasis-wssx-ws-securitypolicy-1.0.pdf. </span></span><span class="diff-add"><span>at
+ </span></span><div class="diff-add"><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"><span class="diff-add"><span>http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702</span></span></a></div><span class="diff-add"><span>.</span></span> (See http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.)</div></dd><dt class="label"><span class="diff-chg"><a name="WS-Trust"></a>WS-Trust</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf">Web Services <span class="diff-add"><span>Atomic</span></span><span class="diff-del"><span>Trust Language (WS-Trust), S. Anderson, et al, Authors.
+ Actional Corporation, BEA Systems, Inc., Computer Associates International, </span></span><span class="diff-add"><span>Transaction</span></span><span class="diff-del"><span>Inc.,
+ International </span></span><span class="diff-chg"><span>(WS-AtomicTransaction) Version </span></span><span class="diff-add"><span>1.1</span></span></a></cite><span class="diff-add"><span>,</span></span><span class="diff-del"><span>Corporation, </span></span><span class="diff-chg"><span>M. Little, A. </span></span><span class="diff-add"><span>Wilkinson,
+ Editors. Organization</span></span><span class="diff-del"><span>Microsoft </span></span><span class="diff-add"><span>for</span></span><span class="diff-del"><span>Corporation,
+ Oblix </span></span><span class="diff-chg"><span>the Advancement of Structured Information Standards, OASIS </span></span><span class="diff-add"><span>Standard,
+ 16</span></span><span class="diff-del"><span>Reactivity </span></span><span class="diff-chg"><span>April </span></span><span class="diff-add"><span>2007.</span></span><span class="diff-del"><span>RSA
+ Security </span></span><span class="diff-chg"><span>This version available </span></span><span class="diff-add"><span>at
+ http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.
+ Namespace</span></span><span class="diff-del"><span>Inc., </span></span><span class="diff-chg"><span>document is available </span></span>at
+ <span class="diff-del"><span>http://schemas.xmlsoap.org/ws/2005/02/trust. </span></span><div class="diff-add"><a href=""><span class="diff-add"><span>http://docs.oasis-open.org/ws-tx/wsat/2006/06</span></span></a></div>.
+ (See http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf.)</div></dd><dt class="label"><a name="XMLID"></a>[XML ID] </dt><dd>
<cite><a href="http://www.w3.org/TR/2005/REC-xml-id-20050909/">xml:id Version 1.0</a></cite>,
J. Marsh, D. Veillard and N. Walsh, Editors. World Wide Web Consortium,
9 September 2005. This version of
@@ -1541,7 +1581,8 @@
on public-ws-policy@w3.org</a> are also gratefully
acknowledged.
</p></div><div class="div1">
-<h2><a name="change-description" id="change-description"></a>E. Changes in this Version of the Document (Non-Normative)</h2><p>A list of editorial changes since the Working Draft dated 10 August, 2007 is below:</p><ul><li><p>Added another example to <a href="#compatible-policies"><b>3.4 Compatible Policies</b></a>.</p></li><li><p>Dropped the editorial note in <a href="#versioning-policy-language"><b>4. Versioning Policy Language</b></a>.</p></li><li><p>Updated references: [<cite><a href="#WS-AddressingMetadata">WS-Addressing Metadata</a></cite>], [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>] and [<cite><a href="#WS-PolicyAttachment">Web Services Policy Attachment</a></cite>].</p></li></ul></div><div class="div1">
+<h2><a name="change-description" id="change-description"></a>E. Changes in this Version of the Document (Non-Normative)</h2><p>A list of editorial changes since the Working Draft dated <span class="diff-chg"><span>28 September, </span></span>2007 is below:</p><ul><li><p>Added <span class="diff-add"><span>a UDDI</span></span><span class="diff-del"><span>another </span></span>example to <span class="diff-chg"><a href="#Referencing_Policy_Expressions"><b>2.10 Referencing Policy Expressions</b></a></span>.</p></li><li><p>Dropped the <span class="diff-chg"><span>terms policy vocabulary </span></span><span class="diff-add"><span>and policy alternative vocabulary.</span></span><span class="diff-del"><span>.</span></span></p></li><li><p><span class="diff-chg"><span>Dropped an </span></span><span class="diff-add"><span>incorrect</span></span><span class="diff-del"><span>[], </span></span><span class="diff-add"><span>wsp:Choice example</span></span><span class="diff-del"><span>[] </span></span>and <span class="diff-dd"><span>changed wsp to wsp16 prefix
+ in </span></span><span class="diff-add"><a href="#versioning-policy-language"><b>4. Versioning Policy Language</b></a></span><span class="diff-add"><span>.</span></span></p></li><div class="diff-add"><li class="diff-add"><p><span class="diff-add"><span>Updated </span></span><a href="#references"><b>C. References</b></a><span class="diff-add"><span>.</span></span><span class="diff-del"><span>[].</span></span></p></li></div></ul></div><div class="div1">
<h2><a name="change-log" id="change-log"></a>F. Web Services Policy 1.5 - Primer Change Log (Non-Normative)</h2><a name="ws-policy-primer-changelog-table"></a><table border="1"><tbody><tr><th colspan="1" rowspan="1">Date</th><th colspan="1" rowspan="1">Author</th><th colspan="1" rowspan="1">Description</th></tr><tr><td colspan="1" rowspan="1">20060816</td><td colspan="1" rowspan="1">ASV</td><td colspan="1" rowspan="1">Created first draft per action item <a href="http://www.w3.org/2006/07/12-ws-policy-minutes.html#action02">2</a> from the
Austin F2F. This draft is based on a <a href="http://lists.w3.org/Archives/Public/public-ws-policy/2006Jul/0001.html">contribution</a> from Microsoft.</td></tr><tr><td colspan="1" rowspan="1">20060829</td><td colspan="1" rowspan="1">ASV</td><td colspan="1" rowspan="1">Implemented the
<a href="http://www.w3.org/2006/08/23-ws-policy-minutes.html#action06">resolution</a>
@@ -1709,4 +1750,28 @@
</td></tr><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071017</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">FJH</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
<a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5204"><span class="diff-add"><span>5204</span></span></a>. Editors' action
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/370"><span class="diff-add"><span>370</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071023</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">DBO</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5188"><span class="diff-add"><span>5188</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/369"><span class="diff-add"><span>369</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071024</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">TIB</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5187"><span class="diff-add"><span>5187</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/368"><span class="diff-add"><span>368</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">DBO</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5226"><span class="diff-add"><span>5226</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/377"><span class="diff-add"><span>377</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">DBO</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5219"><span class="diff-add"><span>5219</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/378"><span class="diff-add"><span>378</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Applied missed changes (re <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5219"><span class="diff-add"><span>5219</span></span></a> and
+ editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/378"><span class="diff-add"><span>378</span></span></a>) to
+ <a href="#policy-retrieval"><b>3.6 Policy Retrieval</b></a>. s/(local or remote) or catalog/(local or remote), registry, or catalog/ and
+ s/Policy tools may use any/Policy tools or policy-aware clients may use any/.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Applied missed changes (re <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5187"><span class="diff-add"><span>5187</span></span></a> and
+ editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/368"><span class="diff-add"><span>368</span></span></a>) to
+ <a href="#xml-namespaces"><b>B. XML Namespaces</b></a> and <a href="#references"><b>C. References</b></a>. Fixed C14N 1.0 Note, SOAP 1.2, Web Services
+ Atomic Transaction, Web Services Business Activity Framework, Web Services Reliable Messaging Policy Assertion,
+ WS-SecurityPolicy and WS-Trust references.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Fixed … in <a href="#Referencing_Policy_Expressions"><b>2.10 Referencing Policy Expressions</b></a> (re <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5219"><span class="diff-add"><span>5219</span></span></a> and
+ editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/378"><span class="diff-add"><span>378</span></span></a>).
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Updated <a href="#change-description"><b>E. Changes in this Version of the Document</b></a>.
</td></div></tr></div></tbody></table><br></div></div></body></html>
\ No newline at end of file
Index: ws-policy-primer-diff20070928.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-primer-diff20070928.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- ws-policy-primer-diff20070928.xml 22 Oct 2007 04:24:33 -0000 1.1
+++ ws-policy-primer-diff20070928.xml 27 Oct 2007 01:42:46 -0000 1.2
@@ -407,13 +407,35 @@
</Policy></eg></example><p>The <code>Name</code> attribute is an alternate mechanism to identify a policy
expression. The value of the <code>Name</code> attribute is an absolute IRI and is
independent of the location of the XML document where the identified policy expression
- resides in. As such, referencing a policy expression using the <code>Name</code> attribute
- relies on additional out of band information. In the example below, the <code>Name</code>
+ resides in. As such, referencing a policy expression using the Name attribute relies on
+ additional out of band <phrase diff="add">information and is outside the scope of the Web Services Policy
+ Framework and Attachment (See </phrase><specref diff="add" ref="policy-retrieval"/><phrase diff="add">).</phrase><phrase diff="del">information. </phrase>In the example below, the <code>Name</code>
attribute identifies the policy expression. The IRI of this policy expression is
<code>http://x.example.com/policy/common</code>.</p><example><head>Common Policy Expression</head><eg xml:space="preserve"><Policy Name=”http://x.example.com/policy/common”>
<mtom:OptimizedMimeSerialization wsp:Optional="true"/>
<wsam:Addressing>…</wsam:Addressing>
-</Policy></eg></example><p>The example below is a policy expression that re-uses the common policy expression above.</p><example><head>PolicyReference to Common Policy Expression</head><eg xml:space="preserve"><PolicyReference URI="http://x.example.com/policy/common"/></eg></example><p>As policy expressions are composed from other policy expressions and
+</Policy></eg></example><p>The example below is a policy expression that re-uses the common policy expression above.</p><example><head>PolicyReference to Common Policy Expression</head><eg xml:space="preserve"><PolicyReference URI="http://x.example.com/policy/common"/></eg></example><p diff="add">
+ <phrase diff="add">The following example shows a policy expression identified using a UDDI key, which may refer to a tModel that references the reusable policy expression as described in section 6.3 of </phrase><bibref ref="WS-PolicyAttachment"/><phrase diff="add">. </phrase></p><example diff="add"><head><phrase diff="add">PolicyReference to Reusable Policy Expression in UDDI</phrase></head><eg xml:space="preserve"><PolicyReference URI="uddi:3bed4710-1f46-11dc-899e-391cf3b1899c"/>
+</eg></example><p diff="add"><phrase diff="add">The reusable policy expression could be registered in UDDI using a tModel as shown below</phrase></p><example diff="add"><head><phrase diff="add">UDDI tModel for a Reusable Policy Expression</phrase></head><eg xml:space="preserve"><tModel tModelKey="uddi:3bed4710-1f46-11dc-899e-391cf3b1899c">
+ <name>…</name>
+ <description xml:lang="EN">
+Policy Expression for example's Web services
+ </description>
+ <overviewDoc>
+ <description xml:lang="EN">Web Services Policy Expression</description>
+ <overviewURL>http://repository.example.com/policy/common</overviewURL>
+ </overviewDoc>
+ <categoryBag>
+ <keyedReference
+ keyName="Reusable policy Expression"
+ keyValue="policy"
+ tModelKey="uddi:w3.org:ws-policy:v1.5:attachment:policytypes" />
+ <keyedReference
+ keyName="Policy Expression for example's Web services"
+ keyValue="http://x.example.com/policy/common"
+ tModelKey="uddi:w3.org:ws-policy:v1.5:attachment:remotepolicyreference" />
+ </categoryBag>
+</tModel></eg></example><p>As policy expressions are composed from other policy expressions and
assertions from different domains are used in a policy expression,
complex expressions will emerge. Naming parts of complex expressions for
reuse and building more complex policies through referencing enables
@@ -738,7 +760,7 @@
requester may use either a "lax" or "strict" mode of the intersection algorithm.
</p><p>
In the strict intersection mode two policy alternatives are compatible when each assertion in one is compatible with an
- assertion in the other, and vice <phrase diff="add">versa (See section 4.5, Web Services Policy 1.5 - Framework).</phrase><phrase diff="del">versa. </phrase>For this to be possible they must <phrase diff="chg">contain </phrase>the same policy <phrase diff="chg">assertion types.
+ assertion in the other, and vice <phrase diff="add">versa (See</phrase><phrase diff="del">versa. </phrase><phrase diff="add">section 4.5, Web Services Policy 1.5 - Framework). </phrase>For this to be possible they must <phrase diff="chg">contain </phrase>the same policy <phrase diff="chg">assertion types.
</phrase>The strict intersection mode is the mode of intersection discussed in the previous sections of this document.
</p><p>
When using the strict intersection mode <phrase diff="add">compatibility is computed for </phrase>all assertions <phrase diff="add">that </phrase>are part of the policy <phrase diff="add">alternative,</phrase><phrase diff="del">alternative vocabulary,
@@ -815,7 +837,7 @@
are:</p><ulist><item><p>Do nothing. A policy expression with the referenced IRI is already known to be
available in a local cache or chip (embedded systems).</p></item><item><p>Use the referenced IRI and retrieve an existing policy expression from the containing
XML document: a policy element with an XML ID.</p></item><item><p>Use the referenced IRI and retrieve a policy expression from some policy repository
- (local or remote) or catalog. Policy tools may use any protocols (say Web Services
+ (local or <phrase diff="chg">remote), </phrase><phrase diff="add">registry </phrase>or catalog. Policy tools <phrase diff="add">or policy-aware clients </phrase>may use any protocols (say <phrase diff="add">UDDI or </phrase>Web Services
Metadata Exchange) for such metadata retrieval. These protocols may require additional
out of band information.</p></item><item><p>Attempt to resolve the referenced IRI on the Web. This may resolve to a policy
element or a resource that contains a policy element.</p></item></ulist><p>If the referenced policy expression is in the same XML document as the reference, then
@@ -1070,16 +1092,14 @@
</wsp:ExactlyOne>
</wsp:Policy></eg></example><p>Because the wsp16:Choice alternative isn't understood in either normalized form, it will not be chosen as one of the alternatives and will effectively be ignored. Policy intersection may be more difficult with such compatible extensions. For example, the previous will "look"
like it has a wsp16:Choice typed assertion. To determine intersection with a Policy that does not have the wsp16:Choice type assertion, domain specific processing would have to be done. However, there is an alternative that does not have the wsp16:Choice, so intersection would yield the expected result.
- </p><p>Note: it is possible to add new names to the existing namespace, such as: </p><example><head>Policy containing 1.5 and 1.6 Policies all in the 1.5 namespace</head><eg xml:space="preserve"><wsp:Policy>
- <wsp:ExactlyOne>
- <wsp:Choice wsp:minOccurs="1" wsp:maxOccurs="2">
- ...
- </wsp:Choice>
- <wsp:All>
- ...
- </wsp:All>
- </wsp:ExactlyOne>
-</wsp:Policy></eg></example><p>Notice that using a new namespace can result in backwards and forwards compatibility if normalization results in an optional alternative. </p><p>Best practice: insert new elements in an optional alternative or mark with wsp:Optional="true". </p><p>Incompatible versions of the Policy language may be indicated by a new namespace name for at least the new and/or incompatible elements or attributes. Imagine that the Choice operator is required by a future version of Policy, then there will be a new namespace for the Policy element. We use the wsp20 prefix to indicate a hypothetical Policy Language 2.0 that is intended to be incompatible with Policy Language
+ </p><p diff="del">Note: it is possible to add new names to the existing namespace, such as:
+ Policy containing 1.5 and 1.6 Policies all in the 1.5 namespace
+
+
+
+ Notice that using a new namespace can result in backwards and forwards compatibility if normalization results in an optional alternative.
+
+ </p><p>Best practice: insert new elements in an optional alternative or mark with wsp:Optional="true". </p><p>Incompatible versions of the Policy language may be indicated by a new namespace name for at least the new and/or incompatible elements or attributes. Imagine that the Choice operator is required by a future version of Policy, then there will be a new namespace for the Policy element. We use the wsp20 prefix to indicate a hypothetical Policy Language 2.0 that is intended to be incompatible with Policy Language
1.5:</p><example><head>Policy containing 2.0 only Policies.</head><eg xml:space="preserve"><wsp20:Policy>
<wsp20:ExactlyOne>
<wsp20:Choice wsp:minOccurs="1" wsp:maxOccurs="2">
@@ -1101,7 +1121,7 @@
...
</wsp:ExactlyOne>
</wsp20:Policy> </eg></example><p>It is difficult to predict whether this functionality would be useful. The future version of WS-Policy doesn't appear to be precluded from doing this.</p></div2><div2 id="versioning-policy-attachment"><head>Policy Attachment</head><p>Policy attachment provides WSDL 1.1 and UDDI attachment points. It appears that exchange of Policy will be in the context of WSDL or UDDI.
- WRT WSDL, the policy model is an extension of the WSDL definition. As such, it is likely that future versions of Policy will be exchanged as multiple Policy expressions within a WSDL. One alternative is that there would be a separate WSDL for each version of Policy. The problem of how to specify and query for compound documents is very difficult, so it is more likely that each version of Policy will be exchanged within a WSDL. </p><p>We show an example of a new version of policy that allows QName reference to Policies in the PolicyReference:</p><example><head>WSDL containing 1.5 and 2.0 (compatible with 2.0) Policy References.</head><eg xml:space="preserve"><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
+ WRT WSDL, the policy model is an extension of the WSDL definition. As such, it is likely that future versions of Policy will be exchanged as multiple Policy expressions within a WSDL. One alternative is that there would be a separate WSDL for each version of Policy. The problem of how to specify and query for compound documents is very difficult, so it is more likely that each version of Policy will be exchanged within a WSDL. </p><p>We show an example of a new version of policy that allows QName reference to Policies in the PolicyReference:</p><example><head>WSDL containing 1.5 and <phrase diff="chg">1.6 </phrase>(compatible with <phrase diff="chg">1.5) </phrase>Policy References.</head><eg xml:space="preserve"><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
<wsoap12:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<wsp:Policy>
@@ -1113,16 +1133,16 @@
wsdl11:required="true" />
</wsp:All>
<wsp:All>
- <wsp:PolicyReferenceByQName ref="rmp:RMAssertion"
+ <wsp16:PolicyReferenceByQName ref="rmp:RMAssertion"
wsdl11:required="true" />
- <wsp:PolicyReferenceByQName ref="sp:AsymmetricBinding"
+ <wsp16:PolicyReferenceByQName ref="sp:AsymmetricBinding"
wsdl11:required="true" />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl11:operation name="GetLastTradePrice" > ....
...</eg></example><p>The PolicyReference element is element or attribute extensible.
- One example of an addition is a list of backup URIs for the PolicyReference:</p><example><head>WSDL containing 1.5 and 2.0 (compatible with 2.0) Policy References.</head><eg xml:space="preserve"><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
+ One example of an addition is a list of backup URIs for the PolicyReference:</p><example><head>WSDL containing 1.5 and <phrase diff="chg">1.6 </phrase>(compatible with <phrase diff="chg">1.5) </phrase>Policy References.</head><eg xml:space="preserve"><wsdl11:binding name="StockQuoteSoapBinding" type="fab:Quote" >
<wsoap12:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<wsp:Policy>
@@ -1178,16 +1198,16 @@
</td><td colspan="1" rowspan="1">[<bibref ref="WS-Security2004"/>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wst</code>
</td><td colspan="1" rowspan="1">
- <code>http://schemas.xmlsoap.org/ws/2005/02/trust</code>
+ <code><phrase diff="chg">http://docs.oasis-open.org/ws-sx/ws-trust/200512</phrase></code>
</td><td colspan="1" rowspan="1">[<bibref ref="WS-Trust"/>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wsu</code>
</td><td colspan="1" rowspan="1">
<code>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</code>
- </td><td colspan="1" rowspan="1">[<bibref ref="WS-Security2004"/>]</td></tr></tbody></table></div1><div1 id="references"><head>References</head><blist><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2006/04/c14n-note/c14n-note.html" id="C14NNOTE" key="C14N 1.0 Note" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ </td><td colspan="1" rowspan="1">[<bibref ref="WS-Security2004"/>]</td></tr></tbody></table></div1><div1 id="references"><head>References</head><blist><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://www.w3.org/TR/2006/NOTE-C14N-issues-20061220/" id="C14NNOTE" key="C14N 1.0 Note" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Known Issues with Canonical XML 1.0 (C14N/1.0)</titleref>,
J. Kahan and K. Lanz, Editors. World Wide Web
- Consortium, 17 August 2006.
- Available at http://www.w3.org/2006/04/c14n-note/c14n-note.html.> </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2005/REC-soap12-mtom-20050125/" id="MTOM" key="MTOM" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ Consortium, <phrase diff="chg">20 December </phrase>2006.
+ Available at <phrase diff="chg">http:/www.w3.org/TR/2006/NOTE-C14N-issues-20061220/>. </phrase></bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2005/REC-soap12-mtom-20050125/" id="MTOM" key="MTOM" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">SOAP Message Transmission Optimization Mechanism</titleref>, M. Gudgin, N.
Mendelsohn, M. Nottingham and H. Ruellan, Editors. World Wide Web Consortium, 25 January
2005. This version of the SOAP Message Transmission Optimization Mechanism Recommendation
@@ -1200,12 +1220,15 @@
</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2000/NOTE-SOAP-20000508/" id="SOAP11" key="SOAP 1.1" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Simple Object Access Protocol (SOAP) 1.1</titleref>, D. Box, et al, Editors.
World Wide Web Consortium, 8 May 2000. Available at
- http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2003/REC-soap12-part1-20030624/" id="SOAP12" key="SOAP 1.2 Messaging Framework" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">SOAP Version 1.2 Part 1: Messaging Framework</titleref>, M. Gudgin, M. Hadley,
- N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, Editors. World Wide Web Consortium, 24
- June 2003. This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
- is http://www.w3.org/TR/2003/REC-soap12-part1-20030624/. The <loc href="http://www.w3.org/TR/soap12-part1/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of SOAP Version 1.2 Part 1:
- Messaging Framework</loc> is available at http://www.w3.org/TR/soap12-part1/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2007/xmlsec" id="SecSpecMaintWG" key="SecSpecMaintWG" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://www.w3.org/TR/2007/REC-soap12-part1-20070427/" id="SOAP12" key="SOAP 1.2 Messaging Framework (Second Edition)" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">SOAP Version 1.2 Part 1: Messaging Framework <phrase diff="add">(Second Edition)</phrase></titleref>, M. Gudgin, M. Hadley,
+ N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, <phrase diff="add">A. Karmarkar, and Y. Lafon,</phrase>Editors.
+ World Wide Web Consortium, <phrase diff="add">27</phrase><phrase diff="del">24
+ June </phrase><phrase diff="chg">April </phrase><phrase diff="add">2007.
+ </phrase>This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
+ is <phrase diff="chg">http://www.w3.org/TR/2007/REC-soap12-part1-20070427/. </phrase>The <loc href="http://www.w3.org/TR/soap12-part1/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest
+ version of SOAP Version
+ 1.2 Part 1: Messaging Framework</loc> is available at http://www.w3.org/TR/soap12-part1/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2007/xmlsec" id="SecSpecMaintWG" key="SecSpecMaintWG" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">XML Security Specifications Maintenance Working Group </titleref>,
See http://www.w3.org/2007/xmlsec.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2006/REC-ws-addr-core-20060509/" id="WS-Addressing" key="WS-Addressing Core" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Addressing 1.0 - Core</titleref>, M. Gudgin, M. Hadley, and T.
@@ -1217,15 +1240,23 @@
Rogers and Ü. Yalçinalp, Editors. World Wide Web Consortium, 4 September 2007. This version of
the Web Services Addressing 1.0 - Metadata W3C Recommendation is
http://www.w3.org/TR/2007/REC-ws-addr-metadata-20070904/. The <loc href="http://www.w3.org/TR/ws-addr-metadata" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of Web Services Addressing 1.0 -
- Metadata</loc> is available at http://www.w3.org/TR/ws-addr-metadata. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2004/10/wsat/" id="WS-Atomic" key="Web Services Atomic Transaction" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Atomic Transaction</titleref>, L. P. Cabrera, et al, Authors.
- Arjuna Technologies, Inc., BEA Systems, Inc., Hitachi Software, Inc., IONA Technologies, Inc.,
- International Business Machines Corporation, and Microsoft Corporation,
- February 2005. Available at http://schemas.xmlsoap.org/ws/2004/10/wsat/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2004/10/wsba/" id="WS-BA" key="Web Services Business Activity Framework" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Business Activity Framework</titleref>, L. P. Cabrera, et al, Authors.
- Arjuna Technologies, Inc., BEA Systems, Inc., Hitachi Software, Inc., IONA Technologies, Inc.,
- International Business Machines Corporation, and Microsoft Corporation,
- February 2005. Available at http://schemas.xmlsoap.org/ws/2004/10/wsba/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2006/02/devprof/" id="WS-Device" key="Devices Profile for Web Services" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ Metadata</loc> is available at http://www.w3.org/TR/ws-addr-metadata. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html" id="WS-Atomic" key="Web Services Atomic Transaction" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Atomic Transaction<phrase diff="del">, </phrase><phrase diff="chg">(WS-AtomicTransaction) Version </phrase><phrase diff="add">1.1</phrase></titleref><phrase diff="add">,</phrase><phrase diff="del">Cabrera, </phrase><phrase diff="chg">M. Little, </phrase><phrase diff="add">A.</phrase><phrase diff="del">Authors.
+ Arjuna </phrase><phrase diff="chg">Wilkinson, </phrase><phrase diff="add">Editors. Organization</phrase><phrase diff="del">Inc., </phrase><phrase diff="chg">for the Advancement of </phrase><phrase diff="add">Structured
+ Information</phrase><phrase diff="del">Software, </phrase><phrase diff="chg">Standards, OASIS Standard, </phrase><phrase diff="add">16</phrase><phrase diff="del">Inc.,
+ International </phrase><phrase diff="chg">April 2007. This version available </phrase><phrase diff="add">at
+ http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.
+ Namespace</phrase><phrase diff="del">Corporation,
+ February </phrase><phrase diff="chg">document </phrase><phrase diff="add">is available</phrase><phrase diff="del">Available </phrase>at <loc diff="add" href="http://docs.oasis-open.org/ws-tx/wsat/2006/06" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-tx/wsat/2006/06</phrase></loc><phrase diff="add">.</phrase></bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="add" href="http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html" id="WS-BA" key="Web Services Business Activity Framework" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="del">http://schemas.xmlsoap.org/ws/2004/10/wsat/.
+
+ </phrase><titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Business Activity <phrase diff="add">(WS-BusinessActivity)</phrase><phrase diff="del">Framework, </phrase><phrase diff="chg">Version </phrase><phrase diff="add">1.1</phrase></titleref><phrase diff="add">,</phrase><phrase diff="del">P. </phrase><phrase diff="chg">T. Freund, M. Little,
+ Editors. Organization for the Advancement of Structured Information Standards, </phrase><phrase diff="add">OASIS
+ Standard,</phrase><phrase diff="del">IONA </phrase><phrase diff="chg">16 </phrase><phrase diff="add">April</phrase><phrase diff="del">Inc.,
+ International </phrase><phrase diff="chg">2007. This version available </phrase><phrase diff="add">at
+ http://docs.oasis-open.org/ws-tx/wstx-wsba-1.1-spec-os/wstx-wsba-1.1-spec-os.html.
+ Namespace</phrase><phrase diff="del">Microsoft </phrase><phrase diff="add">document</phrase><phrase diff="del">Corporation,
+ February </phrase><phrase diff="chg">is available </phrase>at <loc href="http://docs.oasis-open.org/ws-tx/wsba/2006/06" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"/><phrase diff="add">.</phrase></bibl><phrase diff="del">http://schemas.xmlsoap.org/ws/2004/10/wsba/.
+ </phrase><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2006/02/devprof/" id="WS-Device" key="Devices Profile for Web Services" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Devices Profile for Web Services</titleref>, S. Chan, et al, Authors.
Intel Corporation, Lexmark, Inc., Microsoft Corporation, and Richo Software, Inc.,
February 2006. Available at http://schemas.xmlsoap.org/ws/2006/02/devprof/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2004/09/mex/" id="WS-MetadataExchange" key="WS-MetadataExchange" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
@@ -1243,12 +1274,13 @@
Web Services Policy 1.5 - Attachment</loc> is available at
http://www.w3.org/TR/ws-policy-attach/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf" id="WS-RM-Policy" key="Web Services Reliable Messaging Policy Assertion" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Reliable Messaging Policy Assertion
- (WS-RM Policy) Version 1.1</titleref>, D. David, A. Kamarkar, G. Pilz, and
+ (WS-RM Policy) Version 1.1</titleref>, D. <phrase diff="chg">Davis, </phrase>A. Kamarkar, G. Pilz, and
Ü. Yalçinalp, Editors.
Organization for the Advancement of Structured Information Standards,
OASIS Standard, 14 June 2007. This version available at
http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf.
- </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2001/NOTE-wsdl-20010315" id="WSDL11" key="WSDL 1.1" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <phrase diff="add">Namespace document is available at </phrase><loc diff="add" href="http://docs.oasis-open.org/ws-rx/wsrmp/200702" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-rx/wsrmp/200702</phrase></loc><phrase diff="add">.
+ </phrase></bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2001/NOTE-wsdl-20010315" id="WSDL11" key="WSDL 1.1" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Description Language (WSDL) 1.1</titleref>, E. Christensen, et al,
Authors. World Wide Web Consortium, March 2001. Available at
http://www.w3.org/TR/2001/NOTE-wsdl-20010315. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2007/REC-wsdl20-20070626/" id="WSDL20" key="WSDL 2.0 Core Language" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
@@ -1260,17 +1292,24 @@
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Security: SOAP Message Security 1.0</titleref>, A. Nadalin, C.
Kaler, P. Hallam-Baker and R. Monzillo, Editors. Organization for the Advancement of
Structured Information Standards, March 2004. Available at
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" id="WS-SecurityPolicy" key="WS-SecurityPolicy" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">WS-SecurityPolicy v1.0</titleref>, A. Nadalin, M. Gudgin, A. Barbir, and H.
+ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf" id="WS-SecurityPolicy" key="WS-SecurityPolicy" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">WS-SecurityPolicy <phrase diff="chg">v1.2</phrase></titleref>, A. Nadalin, M. <phrase diff="add">Goodner, M. </phrase>Gudgin, A. Barbir, and H.
Granqvist, Editors. Organization for the Advancement of Structured Information Standards,
- 8 December 2005. Available at
- http://www.oasis-open.org/committees/download.php/15979/oasis-wssx-ws-securitypolicy-1.0.pdf. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2005/02/trust" id="WS-Trust" key="WS-Trust" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Trust Language (WS-Trust)</titleref>, S. Anderson, et al, Authors.
- Actional Corporation, BEA Systems, Inc., Computer Associates International, Inc.,
- International Business Machines Corporation, Layer 7 Technologies, Microsoft Corporation,
- Oblix Inc., OpenNetwork Technologies Inc., Ping Identity Corporation, Reactivity Inc., RSA
- Security Inc., and VeriSign Inc., February 2005. Available at
- http://schemas.xmlsoap.org/ws/2005/02/trust. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2005/REC-xml-id-20050909/" id="XMLID" key="XML ID" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <phrase diff="chg">1 July 2007. </phrase>Available at
+ <phrase diff="add">http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
+ Namespace document is available</phrase><phrase diff="del">http://www.oasis-open.org/committees/download.php/15979/oasis-wssx-ws-securitypolicy-1.0.pdf. </phrase><phrase diff="add">at
+ </phrase><loc diff="add" href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702</phrase></loc><phrase diff="add">.</phrase></bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf" id="WS-Trust" key="WS-Trust" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services <phrase diff="add">Atomic</phrase><phrase diff="del">Trust Language (WS-Trust), S. Anderson, et al, Authors.
+ Actional Corporation, BEA Systems, Inc., Computer Associates International, </phrase><phrase diff="add">Transaction</phrase><phrase diff="del">Inc.,
+ International </phrase><phrase diff="chg">(WS-AtomicTransaction) Version </phrase><phrase diff="add">1.1</phrase></titleref><phrase diff="add">,</phrase><phrase diff="del">Corporation, </phrase><phrase diff="chg">M. Little, A. </phrase><phrase diff="add">Wilkinson,
+ Editors. Organization</phrase><phrase diff="del">Microsoft </phrase><phrase diff="add">for</phrase><phrase diff="del">Corporation,
+ Oblix </phrase><phrase diff="chg">the Advancement of Structured Information Standards, OASIS </phrase><phrase diff="add">Standard,
+ 16</phrase><phrase diff="del">Reactivity </phrase><phrase diff="chg">April </phrase><phrase diff="add">2007.</phrase><phrase diff="del">RSA
+ Security </phrase><phrase diff="chg">This version available </phrase><phrase diff="add">at
+ http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.
+ Namespace</phrase><phrase diff="del">Inc., </phrase><phrase diff="chg">document is available </phrase>at
+ <phrase diff="del">http://schemas.xmlsoap.org/ws/2005/02/trust. </phrase><loc diff="add" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-tx/wsat/2006/06</phrase></loc>.
+ </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2005/REC-xml-id-20050909/" id="XMLID" key="XML ID" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">xml:id Version 1.0</titleref>,
J. Marsh, D. Veillard and N. Walsh, Editors. World Wide Web Consortium,
9 September 2005. This version of
@@ -1303,7 +1342,8 @@
The people who have contributed to <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://lists.w3.org/Archives/Public/public-ws-policy/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">discussions
on public-ws-policy@w3.org</loc> are also gratefully
acknowledged.
- </p></inform-div1><inform-div1 id="change-description"><head>Changes in this Version of the Document</head><p>A list of editorial changes since the Working Draft dated 10 August, 2007 is below:</p><ulist><item><p>Added another example to <specref ref="compatible-policies"/>.</p></item><item><p>Dropped the editorial note in <specref ref="versioning-policy-language"/>.</p></item><item><p>Updated references: [<bibref ref="WS-AddressingMetadata"/>], [<bibref ref="WS-Policy"/>] and [<bibref ref="WS-PolicyAttachment"/>].</p></item></ulist></inform-div1><inform-div1 id="change-log"><head>Web Services Policy 1.5 - Primer Change Log</head><table border="1" id="ws-policy-primer-changelog-table"><tbody><tr><th colspan="1" rowspan="1">Date</th><th colspan="1" rowspan="1">Author</th><th colspan="1" rowspan="1">Description</th></tr><!-- template
+ </p></inform-div1><inform-div1 id="change-description"><head>Changes in this Version of the Document</head><p>A list of editorial changes since the Working Draft dated <phrase diff="chg">28 September, </phrase>2007 is below:</p><ulist><item><p>Added <phrase diff="add">a UDDI</phrase><phrase diff="del">another </phrase>example to <specref diff="chg" ref="Referencing_Policy_Expressions"/>.</p></item><item><p>Dropped the <phrase diff="chg">terms policy vocabulary </phrase><phrase diff="add">and policy alternative vocabulary.</phrase><phrase diff="del">.</phrase></p></item><item><p><phrase diff="chg">Dropped an </phrase><phrase diff="add">incorrect</phrase><phrase diff="del">[], </phrase><phrase diff="add">wsp:Choice example</phrase><phrase diff="del">[] </phrase>and <phrase diff="add">changed wsp to wsp16 prefix
+ in </phrase><specref diff="add" ref="versioning-policy-language"/><phrase diff="add">.</phrase></p></item><item diff="add"><p><phrase diff="add">Updated </phrase><specref ref="references"/><phrase diff="add">.</phrase><phrase diff="del">[].</phrase></p></item></ulist></inform-div1><inform-div1 id="change-log"><head>Web Services Policy 1.5 - Primer Change Log</head><table border="1" id="ws-policy-primer-changelog-table"><tbody><tr><th colspan="1" rowspan="1">Date</th><th colspan="1" rowspan="1">Author</th><th colspan="1" rowspan="1">Description</th></tr><!-- template
<tr>
<td>200505</td>
<td></td>
@@ -1476,4 +1516,28 @@
</td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071017</td><td colspan="1" diff="add" rowspan="1">FJH</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5204" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5204</phrase></loc>. Editors' action
<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/370" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">370</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071023</td><td colspan="1" diff="add" rowspan="1">DBO</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5188" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5188</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/369" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">369</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071024</td><td colspan="1" diff="add" rowspan="1">TIB</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5187" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5187</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/368" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">368</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">DBO</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5226" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5226</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/377" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">377</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">DBO</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5219" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5219</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/378" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">378</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Applied missed changes (re <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5219" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5219</phrase></loc> and
+ editors' action <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/378" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">378</phrase></loc>) to
+ <specref ref="policy-retrieval"/>. s/(local or remote) or catalog/(local or remote), registry, or catalog/ and
+ s/Policy tools may use any/Policy tools or policy-aware clients may use any/.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Applied missed changes (re <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5187" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5187</phrase></loc> and
+ editors' action <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/368" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">368</phrase></loc>) to
+ <specref ref="xml-namespaces"/> and <specref ref="references"/>. Fixed C14N 1.0 Note, SOAP 1.2, Web Services
+ Atomic Transaction, Web Services Business Activity Framework, Web Services Reliable Messaging Policy Assertion,
+ WS-SecurityPolicy and WS-Trust references.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Fixed … in <specref ref="Referencing_Policy_Expressions"/> (re <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5219" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5219</phrase></loc> and
+ editors' action <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/378" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">378</phrase></loc>).
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Updated <specref ref="change-description"/>.
</td></tr></tbody></table></inform-div1></back></spec>
\ No newline at end of file
Index: ws-policy-guidelines-diff20070928.html
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-guidelines-diff20070928.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- ws-policy-guidelines-diff20070928.html 24 Oct 2007 14:51:59 -0000 1.2
+++ ws-policy-guidelines-diff20070928.html 27 Oct 2007 01:42:46 -0000 1.3
@@ -141,24 +141,24 @@
5.3.2 <a href="#QName_and_XML_Information_Set_representation">QName and XML Information Set representation</a><br>
5.3.3 <a href="#self-describing"> Self Describing Messages </a><br>
5.3.4 <a href="#single-domains">Single Domains</a><br>
+ 5.3.5 <a href="#order-of-behaviors">Order of Behaviors</a><br>
5.4 <a href="#comparison">Comparison of Nested and Parameterized Assertions</a><br>
5.4.1 <a href="#parameterized-assertions">Assertions with Parameters</a><br>
5.4.2 <a href="#nested-assertions">Nested Assertions</a><br>
5.5 <a href="#Ignorable">Designating Ignorable Behavior</a><br>
- 5.5.1 <a href="#d4e879">Ignorable behavior in authoring</a><br>
- 5.5.2 <a href="#d4e892">Ignorable behavior at runtime</a><br>
+ 5.5.1 <a href="#d4e946">Ignorable behavior in authoring</a><br>
+ 5.5.2 <a href="#d4e959">Ignorable behavior at runtime</a><br>
5.6 <a href="#optional-policy-assertion">Designating Optional Behaviors</a><br>
- 5.6.1 <a href="#d4e907">Optional behavior at runtime</a><br>
+ 5.6.1 <a href="#d4e974">Optional behavior at runtime</a><br>
5.7 <a href="#levels-of-abstraction">Considerations for Policy Attachment</a><br>
- 5.7.1 <a href="#general-attachment-guidelines">General Guidelines</a><br>
+ 5.7.1 <a href="#general-attachment-guidelines">Generalimportant Guidelines</a><br>
5.7.2 <a href="#wsdl-attachment-guidelines">Considerations for Policy Attachment in WSDL</a><br>
5.7.3 <a href="#UDDI-attachment-guidelines">Considerations for Policy Attachment in UDDI</a><br>
5.8 <a href="#interrelated-domains">Interrelated domains</a><br>
6. <a href="#versioning-policy-assertions">Versioning Policy Assertions</a><br>
6.1 <a href="#Referencing_Policy_Expressions">Referencing Policy Expressions</a><br>
6.2 <a href="#extending-assertions"> Evolution of Assertions (Versioning and Compatibility)</a><br>
- 6.3 <a href="#supporting-new-policy-subjects">Supporting New Policy Subjects (see Section
- 6.3 Supporting New Policy Subjects)</a><br>
+ 6.3 <a href="#supporting-new-policy-subjects">Supporting New Policy Subjects</a><br>
</p>
<h3><a name="appendices" id="appendices"></a>Appendices</h3><p class="toc">A. <a href="#security-considerations">Security Considerations</a><br>
B. <a href="#xml-namespaces">XML Namespaces</a><br>
@@ -191,17 +191,28 @@
non-normative guidelines for WS-Policy Assertion Authors who
need to know the features of the language and understand the
requirements for describing policy assertions. Some of the
- guidance for WS-Policy Assertion Authors can also be helpful
- for:
+ guidance
+ for WS-Policy Assertion Authors can also be helpful
+ <span class="diff-del"><span>for:
- </p><ul><li><p>WS-Policy expression authors who need to understand
+
+
+
+ WS-Policy expression authors who need to understand
the syntax of the language and understand how to build consistent
policy expressions
- </p></li><li><p>Consumers of policy expressions who need to understand
- the requirements contained in policy assertions
- </p></li><li><p>Providers of policy expressions who need to understand
- how to use the assertions authored by Assertion Authors
- </p></li></ul><p>This document assumes a basic understanding of XML,
+
+
+
+ Consumers of </span></span><span class="diff-chg"><span>for those </span></span>who <span class="diff-add"><span>use
+ </span></span><span class="diff-del"><span>need to understand
+ </span></span>the <span class="diff-del"><span>requirements contained in policy assertions
+
+
+
+ Providers of </span></span>policy <span class="diff-del"><span>expressions who need to understand
+ how to use the </span></span>assertions <span class="diff-chg"><span>created </span></span>by Assertion <span class="diff-chg"><span>Authors.
+ </span></span></p><p>This document assumes a basic understanding of XML,
Namespaces in XML, WSDL, SOAP and the Web Services Policy language.
</p><p>This is a non-normative document and does
not provide a definitive specification of the Web Services
@@ -216,8 +227,9 @@
<h2><a name="best-practices-list" id="best-practices-list"></a>2. List of Best Practice Statements</h2><p>The following Best Practices appear in this document with discussion and examples, and are summarized here for quick reference:</p><ul><li><p><a href="#bp-compatibility-tests"><b>1. Define assertions relevant to compatibility tests</b></a></p></li><li><p><a href="#bp-ignorable-for-not-related-to-compatibility-tests"><b>2. Mark Ignorable Assertions not related to compatibility</b></a></p></li><li><p><a href="#bp-semantics-and-form"><b>3. Semantics Independent of the Form</b></a></p></li><li><p><a href="#bp-assertion-start"><b>4. Start with a Simple Assertion</b></a></p></li><li><p><a href="#bp-unique-qnames"><b>5. Use Unique QNames</b></a></p></li><li><p><a href="#XMLOutline"><b>6. Provide an XML definition</b></a></p></li><li><p><a href="#AssertionDefinitions"><b>7. Specify Semantics Clearly</b></a></p></li><li><p><a href="#DefineIgnorable"><b>8. Document Ignorable Behavior</b></a></p></li><li><p><a hrf="#ignorableAssertions"><b>9. Document Use of the Ignorable
Attribute in XML </b></a></p></li><li><p><a href="#bp-assertion-xml-allow-optional"><b>10. Assertion Authors should allow use of wsp:Optional</b></a></p></li><li><p><a href="#bp-not-necessary-to-understand-a-message"><b>11. Assertions should not describe message
semanticsonly</b></a></p></li><li><p><a href="#bp-assertion-duplication"><b>12. Avoid Duplication of Assertions</b></a></p></li><li><p><a href="#bp-assertion-parameters"><b>13. Use Parameters for Useful
- Information</b></a></p></li><li><p><a href="#bp-dependent-behaviors"><b>14. Use Nested Assertions for Dependent Behaviors</b></a></p></li><li><p><a href="#bp-declare-nested-assertions"><b>15. Enumerate Nested Assertions</b></a></p></li><li><p><a href="#bp-discourage-domain-specific-intersection"><b>16. Discourage Domain Specific Intersection</b></a></p></li><li><p><a href="#bp-limit-optional-assertions"><b>17. Limit use of Optional Assertions</b></a></p></li><li><p><a href="#bp-entire-mep-for-optional"><b>18. Consider entire message exchange pattern when specifying Assertions that may be optional</b></a></p></li><li><p><a href="#bp-indicate-optional-assertion-use"><b>19. Indicate use of an Optional Assertion</b></a></p></li><li><p><a href="#bp-assertion-semantics"><b>20. Semantics IndependentAssertions
- Assertion of Attachment Mechanisms</b></a></p></li><li><p><a href="#bp-semantics-multiple-same-type"><b>21. Describe Semantics of Multiple Assertions of Same Type</b></a></p></li><li><p><a href="#bp-leverage-defined-attachment-mechanisms"><b>22. Leverage Defined Attachment Mechanisms</b></a></p></li><li><p><a href="#bp-use-defined-policy-subjects"><b>23. Use Defined Policy Subjects</b></a></p></li><li><p><a href="#bp-identify-policy-subjects"><b>24. Identify Policy Subjects</b></a></p></li><li><p><a href="#bp-WSDL-policy-subject"><b>25. Specify WSDL Policy Subject(s)</b></a></p></li><li><p><a href="#bp-WSDL-consider-scope"><b>26. Consider Scope of Attachment Points</b></a></p></li><li><p><a href="#bp-WSDL-policy-subject-Granularity"><b>27. Choose the Most Granular WSDL Policy Subject</b></a></p></li><li><p><a href="#bp-WSDL-multiple-policy-subjects"><b>28. Define Rules for Attachment of an Assertion
+ Information</b></a></p></li><li><p><a href="#bp-dependent-behaviors"><b>14. Use Nested Assertions for Dependent Behaviors</b></a></p></li><li><p><a href="#bp-declare-nested-assertions"><b>15. Enumerate Nested Assertions</b></a></p></li><li><p><a href="#bp-discourage-domain-specific-intersection"><b>16. Discourage Domain Specific Intersection</b></a></p></li><li><p><a href="#bp-entire-mep-for-optional"><b>17. Consider entire message exchange pattern when specifying Assertions that representmay be optional behavior related
+ to a subset of that message exchange pattern when considering appropriate policy
+ subject attachment points </b></a></p></li><li><p><a href="#bp-limitoptional-assertion-use"><b>18. Limit use of an Optional Assertion</b></a></p></li><li><p><a href="#bp-indicate-optional-assertion-use"><b>19. Indicate use of an Optional Assertion</b></a></p></li><li><p><a href="#bp-assertion-semantics"><b>20. Semanticsalternatives. Independent of Attachment Mechanisms</b></a></p></li><li><p><a href="#bp-semantics-multiple-same-type"><b>21. Describe Semantics of Multiple Assertions of Same Type</b></a></p></li><li><p><a href="#bp-leverage-defined-attachment-mechanisms"><b>22. Leverage Defined Attachment Mechanisms</b></a></p></li><li><p><a href="#bp-use-defined-policy-subjects"><b>23. Use Defined Policy Subjects</b></a></p></li><li><p><a href="#bp-identify-policy-subjects"><b>24. Identify Policy Subjects</b></a></p></li><li><p><a href="#bp-WSDL-policy-subject"><b>25. Specify WSDL Policy Subject(s)</b></a></p></li><li><p><a href="#bp-WSDL-consider-scope"><b>26. Consider Scope of Attachment Points</b>/a></p></li><li><p><a href="#bp-WSDL-policy-subject-Granularity"><b>27. Choose the Most Granular WSDL Policy Subject</b></a></p></li><li><p><a href="#bp-WSDL-multiple-policy-subjects"><b>28. Define Rules for Attachment of an Assertion
type to Multiple WSDL policy subjects</b></a></p></li><li><p><a href="#bp-WSDL-preferred-attachment-point"><b>29. Specify Preferred WSDL Attachment Point</b></a></p></li><li><p><a href="#bp-UDDI-tmodels"><b>30. Use defined tModels when appropriate</b></a></p></li><li><p><a href="#bp-specify-composition"><b>31. Specify Composition with Related Assertions</b></a></p></li><li><p><a href="#bp-independent-assertions"><b>32. Independent Assertions for Different Versions of a
Behavior</b></a></p></li><li><p><a href="#bp-policy-subject-change"><b>33. Document changes to policy
subject</b></a></p></li></ul></div><div class="div1">
@@ -541,7 +553,7 @@
understand how policy expressions are used by a
framework implementation that has followed the specifications.
</p><p>The examples given in this document <span class="diff-add"><span>are
- based</span></span><span class="diff-del"><span>reference </span></span><span class="diff-chg"><span>on </span></span><span class="diff-add"><span>existing assertions such as</span></span><span class="diff-del"><span>like </span></span>WS-SecurityPolicy and WS-RM Policy.
+ based</span></span><span class="diff-del"><span>reference </span></span><span class="diff-chg"><span>on </span></span><span class="diff-add"><span>existing assertions such</span></span><span class="diff-del"><span>like </span></span><span class="diff-add"><span>as </span></span>WS-SecurityPolicy and WS-RM Policy.
These policy expressions represent web services message exchange requirements, but policy authoring can
be done by individual groups that wish to represent web services application requirements and
deployments that wish to reuse the WS-Policy framework in
@@ -726,7 +738,46 @@
</p><p>It is the responsibility of the Assertion Authors to avoid duplication of assertions.
A review by a broad community is the best way to ensure that the granularity of a set
of domain assertions is appropriate.</p><div class="boxedtext"><p><a name="bp-assertion-duplication" id="bp-assertion-duplication"></a><span class="practicelab">Best
-Practice 12: Avoid Duplication of Assertions</span></p><p class="practice">Assertion Authors should reuse an existing assertion (rather than create a new one) whenever possible.</p></div></div></div><div class="div2">
+Practice 12: Avoid Duplication of Assertions</span></p><p class="practice">Assertion Authors should reuse an existing assertion (rather than create a new one) whenever possible.</p></div></div><div class="diff-add"><div class="div3">
+<h4><a name="order-of-behaviors" id="order-of-behaviors"></a>5.3.5 <span class="diff-add"><span>Order of Behaviors</span></span></h4><p> <span class="diff-add"><span>A policy alternative is a collection of zero or more policy assertions.
+ Assertions within a policy alternative are not ordered.</span></span></p><p><span class="diff-add"><span>The order of assertions in a policy alternative and order in which behaviors
+ (indicated by assertions) are applied are two distinct concepts. The order of
+ assertions in a policy alternative has no bearing on the order in which behaviors are applied.</span></span></p><p><span class="diff-add"><span>Specifying the order in which behaviors are applied is outside the scope of the Web Services
+ Policy Framework. However, the Framework says that assertion authors can write assertions that
+ indicate the order in which behaviors are applied.</span></span></p><p><span class="diff-add"><span>According to the SOAP processing model, the order of headers and body processing
+ (for behaviors such as addressing, security, reliability and transaction) is at the discretion
+ of the SOAP node and SOAP-based protocols may be used to control the order of processing. </span></span></p><p><span class="diff-add"><span>The Web Services Security specification provides producers with a choice of signing a message
+ before encrypting or signing a message after encrypting. That is, WS-Security 1.1, section 8 says,
+ lines 1173-1183 - says "Finally, if a producer wishes to sign a message before encryption, then
+ following the ordering rules laid out in section 5, "Security Header", they SHOULD first prepend
+ the signature element to the </span></span><code><span class="diff-add"><span>wsse:Security</span></span></code> <span class="diff-add"><span>header, and then prepend the encryption element, ...
+ Likewise, if a producer wishes to sign a message after encryption, they SHOULD first prepend the
+ encryption element to the </span></span><code><span class="diff-add"><span>wsse:Security</span></span></code> <span class="diff-add"><span>header, and then prepend the signature element." </span></span></p><p><span class="diff-add"><span>The Web Services Security Policy specification provides assertions which let users control
+ whether to sign the message before encrypting or sign it after encrypting. </span></span></p><p><span class="diff-add"><span>In the example below, the SignBeforeEncrypting assertion requires producers to sign a message
+ before encrypting.</span></span></p><div class="exampleOuter">
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-7. </span><span class="diff-add"><span>SignBeforeEncrypting assertion</span></span></i></p><div class="exampleInner"><pre><wsp:Policy>
+ <sp:AsymmetricBinding>
+ <wsp:Policy>
+ <sp:IncludeTimestamp />
+ <sp:SignBeforeEncrypting />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ <wsp:Policy/>
+ </sp:AsymmetricBinding>
+ <wsam:Addressing>...</wsam:Addressing>
+</wsp:Policy> </pre></div></div><p><span class="diff-add"><span>In the example below, the EncryptBeforeSigning assertion requires producers
+ to sign a message after encrypting. </span></span></p><div class="exampleOuter">
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-8. </span><span class="diff-add"><span>EncryptBeforeSigning assertion</span></span></i></p><div class="exampleInner"><pre><wsp:Policy>
+ <sp:AsymmetricBinding>
+ <wsp:Policy>
+ <sp:IncludeTimestamp />
+ <sp:EncryptBeforeSigning />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ <wsp:Policy/>
+ </sp:AsymmetricBinding>
+ <wsam:Addressing>...</wsam:Addressing>
+</wsp:Policy> </pre></div></div></div></div></div><div class="div2">
<h3><a name="comparison" id="comparison"></a>5.4 Comparison of Nested and Parameterized Assertions</h3><p>There are two different ways to provide additional information
in an assertion beyond its type: assertion parameters and nested policy
expressions. We cover these two cases below followed by a comparison of these
@@ -755,7 +806,7 @@
These two parameters identify the parts of a wire message that should be
protected. These parameters carry additional useful information for
engaging the behavior.</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 5-7. </span>Policy Assertion with Assertion Parameters</i></p><div class="exampleInner"><pre><wsp:Policy>
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-9. </span>Policy Assertion with Assertion Parameters</i></p><div class="exampleInner"><pre><wsp:Policy>
<sp:SignedParts>
<sp:Body/>
<sp:Header/>
@@ -829,7 +880,7 @@
already requires the use of transport-level security for
protecting messages).
</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 5-8. </span>Transport Security Policy Assertion</i></p><div class="exampleInner"><pre><sp:TransportBinding>
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-10. </span>Transport Security Policy Assertion</i></p><div class="exampleInner"><pre><sp:TransportBinding>
<Policy>
<sp:TransportToken>
<Policy>
@@ -875,7 +926,7 @@
<code>HttpToken</code> is used with an empty nested policy in a policy expression
by a provider, it will indicate that none of the dependent behaviors
namely authentication or client certificate is required.</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 5-9. </span>Empty Nested Policy Expression</i></p><div class="exampleInner"><pre><sp:TransportToken>
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-11. </span>Empty Nested Policy Expression</i></p><div class="exampleInner"><pre><sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
@@ -885,70 +936,105 @@
certificate will not be able to use this provider solely on the basis
of intersection algorithm alone.</p></div></div><div class="div2">
<h3><a name="Ignorable" id="Ignorable"></a>5.5 Designating Ignorable Behavior</h3><div class="div3">
-<h4><a name="d4e879" id="d4e879"></a>5.5.1 Ignorable behavior in authoring</h4><p>
+<h4><a name="d4e946" id="d4e946"></a>5.5.1 Ignorable behavior in authoring</h4><p>
The Policy Framework provides an intersection algorithm that has two defined modes for processing (lax and strict). The Framework also defines an attribute (wsp:Ignorable) that can be used to influence whether assertions are part of the compatibility assessment between two alternatives. [see <cite><a href="#WS-Policy">Web Services Policy Framework</a></cite> and <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite>]. Assertion authors should consider whether the behavior represented by the Assertion they are defining can be safely ignored for the purposes of intersection, and should follow <a href="#DefineIgnorable"><b>8. Document Ignorable Behavior</b></a> and <a href="#ignorableAssertions"><b>9. Document Use of the Ignorable
Attribute in XML </b></a> to include this guidance in the assertion's definition.</p></div><div class="div3">
-<h4><a name="d4e892" id="d4e892"></a>5.5.2 Ignorable behavior at runtime</h4><p>Regardless of whether the assertion allows the ignorable attribute, assertion authors should
+<h4><a name="d4e959" id="d4e959"></a>5.5.2 Ignorable behavior at runtime</h4><p>Regardless of whether the assertion allows the ignorable attribute, assertion authors should
indicate the semantic of the runtime behavior in the description of the assertion.
</p><p>
As said in <a href="ws-policy-primer.html#strict-lax-policy-intersection">section 3.4.1 Strict and Lax Policy Intersection</a> in <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite>, "Regardless of the chosen intersection mode, ignorable assertions do not express any wire-level requirements on the behavior of consumers - in other words, a consumer could choose to ignore any such assertions that end up in the resulting policy after intersection, with no adverse effects on runtime interactions." Therefore, any assertion that is marked with ignorable should not impose any wire-level requirements on the part of consumers. Assertion Authors are reminded that regardless of whether an assertion is marked as ignorable, policy consumers using strict intersection will not 'ignore' the assertion.
</p></div></div><div class="div2">
<h3><a name="optional-policy-assertion" id="optional-policy-assertion"></a>5.6 Designating Optional Behaviors</h3><div class="div3">
-<h4><a name="d4e907" id="d4e907"></a>5.6.1 Optional behavior at runtime</h4><p>Since optional behaviors indicate optionality for
+<h4><a name="d4e974" id="d4e974"></a>5.6.1 Optional behavior at runtime</h4><p><span class="diff-del"><span>Since optional behaviors indicate optionality for
both the provider and the consumer, behaviors that must
always be engaged by a consumer must not be marked as
"optional" with a value "true" since this would allow the
consumer to select the policy alternative that does not contain the assertion,
and thus not engaging the behavior.
- </p><div class="boxedtext"><p><a name="bp-limit-optional-assertions" id="bp-limit-optional-assertions"></a><span class="practicelab">Best
-Practice 17: Limit use of Optional Assertions</span></p><p class="practice">Assertion Authors should not use optional assertions for behaviors that must be present
- in compatible policy expressions.</p></div><p> The target scope of an optional assertion is an important factor for
+
+
+ Limit use of Optional Assertions
+ Assertion Authors should not use optional assertions for behaviors that must be present
+ in compatible policy expressions.
+
+ </span></span>The target scope of an <span class="diff-del"><span>optional </span></span>assertion is an important factor for
Assertion Authors to consider as it determines the
- <em>granularity</em> where the behavior is optionally
- engaged. For example, if the assertion is targeted for an
- endpoint policy subject, it is expected to govern all the
- messages that are indicated by the specific endpoint when
- optional behavior is <em> engaged </em>. Since the
- behavior would be applicable to policy subject that is
- designated, it is important for the Assertion Authors
- to choose the appropriate level of granularity for optional
- behaviors, to consider whether a specific message or all messages, etc. are targeted.
- </p><p>
- When optional behaviors are indicated by attaching assertions with
+ <em>granularity</em> <span class="diff-chg"><span>of </span></span>the <span class="diff-add"><span>scope for which the</span></span>behavior
+ is <span class="diff-add"><span>to be </span></span><span class="diff-del"><span>optionally
+ </span></span>engaged. For example, if <span class="diff-chg"><span>an </span></span>assertion <span class="diff-chg"><span>has a scope of
+ </span></span>endpoint policy <span class="diff-add"><span>subject</span></span><span class="diff-del"><span>subject, it </span></span><span class="diff-chg"><span>the behavior indicated by that assertion
+ applies to all , messages exchanged in both </span></span><span class="diff-add"><span>directions</span></span><span class="diff-del"><span>when
+ optional </span></span><span class="diff-chg"><span>(e.g. </span></span><span class="diff-add"><span>both
+ request</span></span><span class="diff-del"><span>is </span></span><span class="diff-add"><span>and </span></span><span class="diff-chg"><span>response </span></span><span class="diff-add"><span>messages)</span></span><span class="diff-del"><span>. </span></span><span class="diff-chg"><span>with </span></span>the
+ <span class="diff-del"><span>behavior </span></span><span class="diff-add"><span>specific</span></span><span class="diff-del"><span>would be applicable </span></span><span class="diff-add"><span>endpoint </span></span>to <span class="diff-add"><span>which
+ the </span></span>policy <span class="diff-add"><span>alternative including</span></span><span class="diff-del"><span>subject </span></span>that <span class="diff-add"><span>assertion </span></span>is <span class="diff-add"><span>attached.
+ </span></span></p><div class="diff-add"><p class="diff-add"><span class="diff-del"><span>designated, </span></span><span class="diff-chg"><span>Certain behaviors might provide in their </span></span><span class="diff-add"><span>specification</span></span><span class="diff-del"><span>Authors
+ to </span></span><span class="diff-chg"><span>for </span></span>the
+ <span class="diff-chg"><span>optional use </span></span>of <span class="diff-chg"><span>that behavior </span></span><span class="diff-add"><span>in</span></span><span class="diff-del"><span>optional
+ behaviors, </span></span><span class="diff-chg"><span>the context of </span></span>a <span class="diff-add"><span>subset</span></span><span class="diff-del"><span>specific message or </span></span><span class="diff-chg"><span>of </span></span><span class="diff-add"><span>a
+ given</span></span><span class="diff-del"><span>messages, </span></span><span class="diff-add"><span>interaction.</span></span><span class="diff-del"><span>etc. are targeted.
+
+
+ </span></span>When <span class="diff-add"><span>such </span></span>optional behaviors are indicated by attaching assertions with
only one side of an interaction, such as an inbound message of a
- request-response, the engagement of the rest of the interaction will
+ request-response, the engagement <span class="diff-add"><span>in the context </span></span>of the rest of the interaction
+ <span class="diff-add"><span>such as the outbound message, </span></span>will
be undefined. Therefore, the Assertion Authors are encouraged to
- consider how the attachment on a message policy subject on a response
- message should be treated when optional behaviors are specified for
- message exchanges within a request response for response messages,
- using message policy subject. Leaving the semantics not specified or
- incompletely specified may result in providers making assumptions.
- Similarly, if engagement of a behavior is only specified for an
- outbound message, the Assertion Authors should consider describing
- the semantics if the incoming messages also utilized the behavior.
- This is especially important if the assertion is applicable to more
- than one specific policy subject. One approach that is currently taken
- by WS-RM Policy [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy Assertion</a></cite>] is to
- introduce both message and endpoint policy subjects for one of its
- assertions and require the use of endpoint policy subject
- when message policy subject is used via attachment.
- </p><div class="boxedtext"><p><a name="bp-entire-mep-for-optional" id="bp-entire-mep-for-optional"></a><span class="practicelab">Best
-Practice 18: Consider entire message exchange pattern when specifying Assertions that may be optional</span></p><p class="practice">Assertion Authors should associate optional assertions with the appropriate endpoint and use the smallest
- possible granularity to limit the degree to which optionality applies.</p></div><p>
- Behaviors must be engaged
- with respect to messages that are targeted to the provider
- so that the provider can determine that the optional
- behavior is engaged. In other words, the need for self
- describing messages [<a href="#self-describing"><b>5.3.3 Self Describing Messages </b></a>] should
- not be forgotten.
- An explicit, out of band mechanism might be necessary to enable a
- client to indicate that
- the optional behavior is engaged.
- (Such an out of band mechanism is outside the scope of WS-Policy
- Framework).
- </p><div class="boxedtext"><p><a name="bp-indicate-optional-assertion-use" id="bp-indicate-optional-assertion-use"></a><span class="practicelab">Best
-Practice 19: Indicate use of an Optional Assertion</span></p><p class="practice">When a given behavior may be optional, it must be possible for both message participants to determine that the assertion is selected by both parties,
- either out of band or as reflected by the message content.</p></div><p>
+ consider <span class="diff-del"><span>how </span></span>the <span class="diff-add"><span>implications of </span></span>attachment <span class="diff-add"><span>of an assertion that indicates
+ such optional behavior</span></span><span class="diff-del"><span>on </span></span><span class="diff-add"><span>at </span></span>a message policy subject on <span class="diff-chg"><span>the interaction
+ as a whole. For example, if reliable messaging (RM) </span></span><span class="diff-add"><span>is</span></span><span class="diff-del"><span>for
+ message </span></span><span class="diff-chg"><span>applied to </span></span>a request
+ <span class="diff-add"><span>message </span></span><span class="diff-del"><span>response for response </span></span><span class="diff-add"><span>because</span></span><span class="diff-del"><span>messages,
+ using </span></span><span class="diff-chg"><span>the </span></span>policy <span class="diff-chg"><span>attached to </span></span>the <span class="diff-chg"><span>inbound message in </span></span><span class="diff-add"><span>a request-response</span></span><span class="diff-del"><span>or
+ </span></span><span class="diff-chg"><span>operation had an alternative that incldued RM </span></span>in<span class="diff-del"><span>assumptions.
+ Similarly, </span></span><span class="diff-chg"><span>its </span></span><span class="diff-add"><span>assertions, is</span></span><span class="diff-del"><span>engagement </span></span><span class="diff-add"><span>the application
+ </span></span>of <span class="diff-chg"><span>RM to the outbound message permitted, </span></span><span class="diff-add"><span>even</span></span><span class="diff-del"><span>an
+ outbound </span></span><span class="diff-chg"><span>if there is no </span></span><span class="diff-add"><span>policy
+ attached</span></span><span class="diff-del"><span>should </span></span><span class="diff-chg"><span>to </span></span><span class="diff-add"><span>that subject? Leaving </span></span><span class="diff-del"><span>describing
+ </span></span>the semantics <span class="diff-chg"><span>either unspecified </span></span><span class="diff-add"><span>or
+ incompletely</span></span><span class="diff-del"><span>incoming </span></span><span class="diff-chg"><span>specified may result in </span></span><span class="diff-add"><span>implementations making assumptions
+ that might have undesireable consequences.</span></span><span class="diff-del"><span>behavior.
+ </span></span>This is especially important if the assertion is applicable to more
+ than one specific policy subject. <span class="diff-chg"><span>The </span></span>approach <span class="diff-del"><span>that is currently </span></span>taken
+ by
+ WS-RM Policy [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy Assertion</a></cite>] is to <span class="diff-add"><span>provide for an RM
+ assertion to be attached at either or
+ </span></span><span class="diff-del"><span>introduce </span></span>both message and endpoint policy <span class="diff-add"><span>subjects.
+ In</span></span><span class="diff-del"><span>subjects </span></span><span class="diff-chg"><span>order to eliminate </span></span><span class="diff-add"><span>the</span></span><span class="diff-del"><span>its
+ assertions </span></span><span class="diff-chg"><span>ambiguity </span></span><span class="diff-add"><span>associated with only using a message
+ policy</span></span><span class="diff-del"><span>require </span></span><span class="diff-add"><span>subject, </span></span>the <span class="diff-chg"><span>WS-RM Policy </span></span><span class="diff-add"><span>requires a policy to be attached to an
+ </span></span>endpoint policy subject <span class="diff-add"><span>as well as
+ </span></span><span class="diff-del"><span>when </span></span><span class="diff-add"><span>a </span></span>message policy subject <span class="diff-add"><span>whenever a policy
+ is attached to a message policy subject.
+ The combination directly addresses
+ the unstated semantic that if RM </span></span>is used <span class="diff-add"><span>for inbound messages, that it MAY
+ be used for outbound</span></span><span class="diff-del"><span>via </span></span><span class="diff-add"><span>messages, even if the assertion is not attached to the
+ outbound message (and vice-versa).</span></span><span class="diff-del"><span>attachment.
+ </span></span></p></div><div class="boxedtext"><p><a name="bp-entire-mep-for-optional" id="bp-entire-mep-for-optional"></a><span class="practicelab">Best
+Practice 17: Consider entire message exchange pattern when specifying Assertions that representmay be optional behavior related
+ to a subset of that message exchange pattern when considering appropriate policy
+ subject attachment points </span></p><p class="practice">Assertion Authors should associate assertions that represent optional behavior
+ with the appropriate policy subjectendpoint and use the smallest
+ possible granularity (See Best Practice 28) to limit the degree to which optional behavior applies.</p></div><p>
+ Behaviors <span class="diff-add"><span>that </span></span>must be engaged <span class="diff-add"><span>in the context of an interaction must not be marked
+ with wsp:Optional="true". since this creates two alternatives; one with and one without
+ that assertion. This would allow the policy consumer to select the policy alternative
+ that does not contain that assertion, and thus result in an interaction that did
+ not engage the required behavior that was indicated by that assertion.
+ </span></span></p><div class="diff-add"><div class="boxedtext"><p><a name="bp-limitoptional-assertion-use" id="bp-limitoptional-assertion-use"></a><span class="practicelab">Best
+Practice 18: Limit use of an Optional Assertion</span></p><p class="practice">Assertion Authors should disallow the use of the wsp:Optional
+ attribute on assertions that represent behaviors that must be engaged.</p></div></div><div class="diff-add"><p class="diff-add">
+ <span class="diff-add"><span>Behaviors must be engaged </span></span>with respect to messages that are targeted to the
+ provider so that the provider can determine that the optional behavior is engaged.
+ In <span class="diff-chg"><span>ohter </span></span>words, the need for self describing messages [<a href="#self-describing"><b>5.3.3 Self Describing Messages </b></a><span class="diff-chg"><span>]should </span></span><span class="diff-del"><span>should
+ </span></span>not be forgotten.
+ An explicit, out of band mechanism might be necessary to enable a client to
+ indicate that the optional behavior is engaged. (Such an out of band mechanism
+ is outside the scope of <span class="diff-add"><span>the </span></span>WS-Policy Framework).
+ </p></div><div class="boxedtext"><p><a name="bp-indicate-optional-assertion-use" id="bp-indicate-optional-assertion-use"></a><span class="practicelab">Best
+Practice 19: Indicate use of an Optional Assertion</span></p><p class="practice">When a given behavior may be optional, it must be possible for both message participants
+ to determine that the assertion has beenis selected by both parties,
+ either out of band or as reflected by the message content.</p></div><p>
The <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite> document contains an example that outlines the
use of
<cite><a href="#MTOM">MTOM</a></cite> as an optional behavior that can be engaged by a consumer.
@@ -965,39 +1051,50 @@
alternate that contains the MTOM assertion is being obeyed (
<a href="#bp-indicate-optional-assertion-use">Best Practice: Indicate use of an Optional Assertion</a>).
</p><p>
- Note that if a MTOM assertion were only bound to an inbound message endpoint,
- then it would not be clear whether the outbound message from the provider would
- also utilize the behavior. Thus this assertion should be associated at the granularity
+ Note that if a MTOM assertion were only bound to <span class="diff-add"><span>the policy subject representing</span></span><span class="diff-del"><span>an </span></span><span class="diff-add"><span>the
+ </span></span>inbound <span class="diff-chg"><span>message, </span></span><span class="diff-del"><span>endpoint,
+ </span></span>then it would not be clear <span class="diff-add"><span>to the service provider </span></span>whether the outbound
+ <span class="diff-add"><span>whether </span></span><span class="diff-chg"><span>the outbound </span></span><span class="diff-add"><span>messages generated by that</span></span><span class="diff-del"><span>the </span></span>provider <span class="diff-chg"><span>should
+ </span></span>also utilize <span class="diff-chg"><span>that </span></span>behavior. Thus this assertion should be associated at the granularity
of an entire message exchange. The semantics of the assertion should specify this
- to avoid inappropriate assumptions by implementations. This is important for an
- optional assertion where it may not be clear whether it is to apply in a message
- exchange when optionally used in part of that exchange
- (<a href="#bp-entire-mep-for-optional">Best Practice: Consider entire message exchange pattern when specifying Assertions that may be optional</a>).
- </p></div></div><div class="div2">
-<h3><a name="levels-of-abstraction" id="levels-of-abstraction"></a>5.7 Considerations for Policy Attachment</h3><div class="div3">
-<h4><a name="general-attachment-guidelines" id="general-attachment-guidelines"></a>5.7.1 General Guidelines</h4><p><span class="diff-add"><span>Although
- </span></span><span class="diff-del"><span>The </span></span><span class="diff-chg"><span>a policy assertion </span></span><span class="diff-add"><span>may be constrained</span></span><span class="diff-del"><span>used </span></span>to
- <span class="diff-del"><span>communicate </span></span><span class="diff-chg"><span>a specific set of policy subjects by Assertion </span></span><span class="diff-add"><span>Authors,
- its </span></span><span class="diff-del"><span>additional
- </span></span>semantics <span class="diff-chg"><span>should not be dependent upon the mechanism by which the </span></span>policy <span class="diff-chg"><span>expression is attached </span></span>to <span class="diff-chg"><span>a
- given policy subject. For </span></span><span class="diff-add"><span>instance,</span></span><span class="diff-del"><span>possibly
- unknown) </span></span><span class="diff-chg"><span>an assertion "Foo" has the same semantics </span></span><span class="diff-add"><span>when</span></span><span class="diff-del"><span>mechanisms
- may </span></span><span class="diff-chg"><span>attached to an </span></span><span class="diff-add"><span>operation
- </span></span>policy <span class="diff-add"><span>subject</span></span><span class="diff-del"><span>alternative created </span></span><span class="diff-chg"><span>regardless of whether it </span></span><span class="diff-add"><span>was</span></span><span class="diff-del"><span>calculating
- an </span></span><span class="diff-chg"><span>attached using XML element policy attachment or </span></span>the <span class="diff-chg"><span>external URI
- attachment mechanism. Independence from a specific attachment mechanism allows policy </span></span><span class="diff-add"><span>tools</span></span><span class="diff-del"><span>also
- important </span></span><span class="diff-add"><span>to choose</span></span><span class="diff-del"><span>for </span></span>the <span class="diff-add"><span>most
- appropriate</span></span><span class="diff-del"><span>policy </span></span><span class="diff-chg"><span>mechanism </span></span>to <span class="diff-chg"><span>attach a policy without having </span></span><span class="diff-add"><span>to</span></span><span class="diff-del"><span>multiple
- assertions </span></span><span class="diff-chg"><span>analyze </span></span><span class="diff-add"><span>the contents of the policy.</span></span><span class="diff-del"><span>present.
- </span></span></p><div class="diff-chg"><div class="boxedtext"><p><a name="bp-assertion-semantics" id="bp-assertion-semantics"></a><span class="practicelab">Best
-Practice 20: Semantics IndependentAssertions
- Assertion of Attachment Mechanisms</span></p><p class="practice">Theencouraged semantics of a policy assertion shouldthat
- can not depend on the attachment mechanismmechanism. used.</p></div></div><p>For example, a security policy expression can be assigned a key reference and
- be attached to a UDDI binding or can be embedded in a WSDL document. </p><div class="diff-add"><p class="diff-add"><span class="diff-add"><span>Since multiple attachment mechanisms may be used, a policy alternative created during the process of calculating
+ to avoid inappropriate assumptions by implementations.
+ </p></div></div><div class="diff-add"><div class="div2">
+<h3><a name="levels-of-abstraction" id="levels-of-abstraction"></a>5.7 <span class="diff-add"><span>Considerations </span></span><span class="diff-chg"><span>for Policy </span></span><span class="diff-add"><span>Attachment</span></span></h3><div class="div3">
+<h4><a name="general-attachment-guidelines" id="general-attachment-guidelines"></a>5.7.1 <span class="diff-add"><span>General</span></span><span class="diff-del"><span>important </span></span><span class="diff-add"><span>Guidelines</span></span></h4><p><span class="diff-add"><span>Although</span></span><span class="diff-del"><span>for </span></span><span class="diff-add"><span>a</span></span><span class="diff-del"><span>an
+ optional </span></span><span class="diff-chg"><span>policy </span></span><span class="diff-add"><span>assertion</span></span><span class="diff-del"><span>where it </span></span>may <span class="diff-add"><span>be constrained to a specific set of policy subjects by Assertion Authors,
+ its semantics should </span></span>not be <span class="diff-chg"><span>dependent upon </span></span><span class="diff-add"><span>the mechanism by which the policy</span></span><span class="diff-del"><span>it </span></span><span class="diff-add"><span>expression </span></span>is <span class="diff-add"><span>attached </span></span>to <span class="diff-add"><span>a
+ given</span></span><span class="diff-del"><span>apply </span></span><span class="diff-chg"><span>policy subject. </span></span><span class="diff-add"><span>For instance, an</span></span><span class="diff-del"><span>message
+ exchange </span></span><span class="diff-add"><span>assertion "Foo" has the same semantics </span></span>when <span class="diff-chg"><span>attached to an </span></span><span class="diff-add"><span>operation
+ policy</span></span><span class="diff-del"><span>part </span></span><span class="diff-chg"><span>subject regardless </span></span><span class="diff-add"><span>of</span></span><span class="diff-del"><span>exchange
+ (Best </span></span><span class="diff-chg"><span>whether it was attached using XML element policy attachment or the external </span></span><span class="diff-add"><span>URI
+ attachment</span></span><span class="diff-del"><span>optional).
+
+
+
+
+
+
+ Considerations </span></span><span class="diff-chg"><span>mechanism. Independence </span></span><span class="diff-add"><span>from</span></span><span class="diff-del"><span>Attachment
+
+ General </span></span>a<span class="diff-del"><span>Guidelines
+
+ The </span></span><span class="diff-chg"><span>specific </span></span>attachment mechanism <span class="diff-add"><span>allows policy tools</span></span><span class="diff-del"><span>used </span></span>to <span class="diff-chg"><span>choose </span></span>the <span class="diff-add"><span>most
+ appropriate</span></span><span class="diff-chg"><span>mechanism to attach a policy without </span></span><span class="diff-add"><span>having</span></span><span class="diff-del"><span>additional
+ semantics </span></span><span class="diff-add"><span>to analyze</span></span><span class="diff-del"><span>in </span></span>the <span class="diff-chg"><span>contents </span></span>of <span class="diff-chg"><span>the </span></span><span class="diff-add"><span>policy.</span></span></p><div class="boxedtext"><p><a name="bp-assertion-semantics" id="bp-assertion-semantics"></a><span class="practicelab">Best
+Practice 20: Semanticsalternatives. Independent of Attachment Mechanisms</span></p><p class="practice">The semantics of a policy assertion should not depend on theto attachment mechanism used.</p></div><p><span class="diff-add"><span>For example, a security policy expression can </span></span>be <span class="diff-chg"><span>assigned a key reference and
+ be attached </span></span><span class="diff-add"><span>to a</span></span><span class="diff-del"><span>mechanisms </span></span><span class="diff-add"><span>UDDI binding or can be embedded </span></span>in <span class="diff-add"><span>a WSDL document.</span></span><span class="diff-del"><span>mind. </span></span></p><p>Since multiple attachment mechanisms may be used, a policy alternative created during the process of calculating
an effective policy can contain multiple instances of the same policy assertion type
( i.e., the SignedParts assertion). It is therefore also important for the policy authors to define what it
- means if multiple assertions are present.
- </span></span></p></div><div class="boxedtext"><p><a name="bp-semantics-multiple-same-type" id="bp-semantics-multiple-same-type"></a><span class="practicelab">Best
+ means if multiple assertions are present.
+
+
+
+ <span class="diff-del"><span>Reusable Assertions
+ Assertion Authors are encouraged to create policy assertions that
+ can be used regardless of attachment mechanism.
+
+ For example, a security policy expression can be assigned a key reference and
+ be attached to a UDDI binding or can be embedded in a WSDL document. </span></span></p><div class="boxedtext"><p><a name="bp-semantics-multiple-same-type" id="bp-semantics-multiple-same-type"></a><span class="practicelab">Best
Practice 21: Describe Semantics of Multiple Assertions of Same Type</span></p><p class="practice">
Assertion Authors should specify the semantics of multiple instances
of the same policy assertion type in the same policy alternative and the
@@ -1117,7 +1214,7 @@
[<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy Assertion</a></cite>] gives rules on which WSDL policy subjects may be associated with the RM
Policy assertion, and which WSDL 1.1 elements may have RM Policy assertions attached.
</p><p>If the <span class="diff-chg"><span>behavior indicated </span></span><span class="diff-add"><span>by</span></span><span class="diff-del"><span>imply
- different </span></span><span class="diff-chg"><span>an assertion </span></span><span class="diff-add"><span>varies when</span></span><span class="diff-del"><span>respect </span></span><span class="diff-add"><span>attached </span></span>to <span class="diff-chg"><span>different </span></span><span class="diff-add"><span>policy subjects</span></span><span class="diff-del"><span>points, </span></span>the Assertion Authors
+ different </span></span><span class="diff-chg"><span>an assertion varies </span></span><span class="diff-add"><span>when attached </span></span>to <span class="diff-chg"><span>different </span></span><span class="diff-add"><span>policy subjects</span></span><span class="diff-del"><span>points, </span></span>the Assertion Authors
should consider the following:</p><ul><li><p> Decompose the semantics with several assertions.</p></li><li><p> Rewrite a single assertion targeting a specific <span class="diff-add"><span>policy </span></span>subject. </p></li></ul><p>Since many attachment points are available in WSDL, it would be
necessary for Assertion Authors to recommend a preferred attachment
point. One approach would be to identify different attachment points in
@@ -1170,7 +1267,7 @@
provider as a whole. When defining assertions and recommending an endpoint
policy subject [uddi:bindingTemplate, uddi:tModel], assertion authors
are scoping behaviors to a deployed endpoint.
- </p></div></div><div class="div2">
+ </p></div></div></div><div class="div2">
<h3><a name="interrelated-domains" id="interrelated-domains"></a>5.8 Interrelated domains</h3><p>Assertion Authors need to be clear about how assertions defined in
their domain may fit with assertions for interrelated domains. Assertion Authors should not duplicate existing
assertions and should also make sure that when adding assertions those new assertions are consistent
@@ -1186,21 +1283,22 @@
additional assertions
related to [<cite><a href="#WS-SecurityPolicy">WS-SecurityPolicy</a></cite>], an interrelated security domain. One such additional assertion
specifies the use of transport security to protect a message sequence, for example.</p><div class="exampleOuter">
-<p style="text-align: left" class="exampleHead"><i><span>Example 5-10. </span>Reliable Message Sequence Security</i></p><div class="exampleInner"><pre><wsrmp:SequenceTransportSecurity [wsp:Optional="true"]? ... /></pre></div></div><p>The Reliable Message Policy specification states
+<p style="text-align: left" class="exampleHead"><i><span>Example 5-12. </span>Reliable Message Sequence Security</i></p><div class="exampleInner"><pre><wsrmp:SequenceTransportSecurity [wsp:Optional="true"]? ... /></pre></div></div><p>The Reliable Message Policy specification states
"This assertion is effectively meaningless unless it occurs in conjunction with the
<code>RMAssertion</code> and a <code>sp:TransportBinding</code> assertion that requires the use of some transport-level
security mechanism (e.g. <code>sp:HttpsToken</code>)".
</p></div></div><div class="div1">
<h2><a name="versioning-policy-assertions" id="versioning-policy-assertions"></a>6. Versioning Policy Assertions</h2><p>Assertion Authors need to consider not just the expression of the current set of requirements but
- how they anticipate new assertions being added to the set. There are three aspects to versioning policy assertions:</p><ul><li><p> Assertion <span class="diff-add"><span>Extensibility. Assertion authors should allow for extensibility
- (see best practice 5. Start with a Simple</span></span><span class="diff-del"><span>Extensibility </span></span><span class="diff-add"><span>Assertion)
+ how they anticipate new assertions being added to the set. There are three aspects to versioning policy assertions:</p><ul><li><p> Assertion <span class="diff-add"><span>Extensibility. Assertion</span></span><span class="diff-del"><span>Extensibility </span></span><span class="diff-add"><span>authors should allow for extensibility
+ (see best practice 5. Start with a Simple Assertion)
</span></span></p></li><li><p> Policy Language Extensibility </p><p>Over time, the Policy WG or third parties can version or extend the Policy Language with new
or modified constructs. These constructs may be compatible or incompatible with previous versions.
</p><p> Assertion Authors should review the WS-Policy Primer <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite>
and the specifications <cite><a href="#WS-Policy">Web Services Policy Framework</a></cite> <cite><a href="#WS-PolicyAttachment">Web Services Policy Attachment</a></cite>
for details on extensibility.
</p><p> The current WS-Policy language <cite><a href="#WS-Policy">Web Services Policy Framework</a></cite> provides extensibility points
- on 6 elements with a combination of attribute and/or element extensibility:</p><ol class="enumar"><li><p>Policy: element from ##other namespace and any attribute</p></li><li><p>ExactlyOne, All: element from ##other namespace; no attribute extensibility</p></li><li><p>PolicyReference: any element and any attribute</p></li><li><p>PolicyAttachment: element from ##other namespace and any attribute</p></li><li><p>AppliesTo: any element and any attribute</p></li><li><p>URI: any attribute</p></li></ol></li><li><p>Supporting New Policy Subjects</p></li></ul><div class="div2">
+ on 6 elements with a combination of attribute and/or element extensibility:</p><ol class="enumar"><li><p>Policy: element from ##other namespace and any attribute</p></li><li><p>ExactlyOne, All: element from ##other namespace; no attribute extensibility</p></li><li><p>PolicyReference: any element and any attribute</p></li><li><p>PolicyAttachment: element from ##other namespace and any attribute</p></li><li><p>AppliesTo: any element and any attribute</p></li><li><p>URI: any attribute</p></li></ol></li><li><p>Supporting New Policy Subjects <span class="diff-add"><span>(see Section
+ </span></span><span class="diff-add"><a href="#supporting-new-policy-subjects"><b>6.3 Supporting New Policy Subjects</b></a></span><span class="diff-add"><span>).</span></span></p></li></ul><div class="div2">
<h3><a name="Referencing_Policy_Expressions" id="Referencing_Policy_Expressions"></a>6.1 Referencing Policy Expressions</h3><p>The <cite><a href="#WS-Policy-Primer">Web Services Policy Primer</a></cite> illustrates how providers can utilize
the identification mechanism defined in the Policy specification to
expose a complex policy expression as a reusable building block for
@@ -1235,8 +1333,7 @@
<p style="text-align: left" class="exampleHead"><i><span>Example 6-2. </span>Message-level Security and WSS: SOAP Message Security 1.1</i></p><div class="exampleInner"><pre><Policy>
<sp:Wss11>…</sp:Wss11>
</Policy></pre></div></div></div><div class="div2">
-<h3><a name="supporting-new-policy-subjects" id="supporting-new-policy-subjects"></a>6.3 Supporting New Policy Subjects <span class="diff-add"><span>(see Section
- 6.3 Supporting New Policy Subjects)</span></span></h3><p>
+<h3><a name="supporting-new-policy-subjects" id="supporting-new-policy-subjects"></a>6.3 Supporting New Policy Subjects</h3><p>
The best practice <a href="#bp-WSDL-policy-subject"><b>25. Specify WSDL Policy Subject(s)</b></a> specifies that policy authors should
define the set of policy subjects to which policy assertions can be
attached. Over time, new policy subjects may need to be defined. When
@@ -1263,7 +1360,7 @@
<code>soap</code>
</td><td colspan="1" rowspan="1">
<code>http://www.w3.org/2003/05/soap-envelope</code>
- </td><td colspan="1" rowspan="1">[<cite><a href="#SOAP12">SOAP 1.2 Messaging Framework</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
+ </td><td colspan="1" rowspan="1">[<cite><a href="#SOAP12">SOAP 1.2 Messaging Framework (Second Edition)</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
<code>sp</code>
</td><td colspan="1" rowspan="1">
<code>http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702</code>
@@ -1286,7 +1383,7 @@
</td><td colspan="1" rowspan="1">[<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>, <cite><a href="#WS-PolicyAttachment">Web Services Policy Attachment</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wsrmp</code>
</td><td colspan="1" rowspan="1">
- <code>http://docs.oasis-open.org/ws-rx/wsrmp/200608</code>
+ <code><span class="diff-chg"><span>http://docs.oasis-open.org/ws-rx/wsrmp/200702</span></span></code>
</td><td colspan="1" rowspan="1">[<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy Assertion</a></cite>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wss</code>
</td><td colspan="1" rowspan="1">
@@ -1309,12 +1406,15 @@
</dd><dt class="label"><a name="SOAP11"></a>[SOAP 1.1] </dt><dd>
<cite><a href="http://www.w3.org/TR/2000/NOTE-SOAP-20000508/">Simple Object Access Protocol (SOAP) 1.1</a></cite>, D. Box, et al, Editors.
World Wide Web Consortium, 8 May 2000. Available at
- http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </dd><dt class="label"><a name="SOAP12"></a>[SOAP 1.2 Messaging Framework] </dt><dd>
- <cite><a href="http://www.w3.org/TR/2003/REC-soap12-part1-20030624/">SOAP Version 1.2 Part 1: Messaging Framework</a></cite>, M. Gudgin, M. Hadley,
- N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, Editors. World Wide Web Consortium, 24
- June 2003. This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
- is http://www.w3.org/TR/2003/REC-soap12-part1-20030624/. The <a href="http://www.w3.org/TR/soap12-part1/">latest version of SOAP Version 1.2 Part 1:
- Messaging Framework</a> is available at http://www.w3.org/TR/soap12-part1/. </dd><dt class="label"><a name="XOP"></a>[XOP] </dt><dd>
+ http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </dd><dt class="label"><span class="diff-chg"><a name="SOAP12"></a>SOAP 1.2 Messaging Framework (Second Edition)</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://www.w3.org/TR/2007/REC-soap12-part1-20070427/">SOAP Version 1.2 Part 1: Messaging Framework <span class="diff-add"><span>(Second Edition)</span></span></a></cite>, M. Gudgin, M. Hadley,
+ N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, <span class="diff-add"><span>A. Karmarkar, and Y.</span></span><span class="diff-add"><span>Lafon, Editors.
+ </span></span>World Wide Web Consortium, <span class="diff-add"><span>27</span></span><span class="diff-del"><span>24
+ June </span></span><span class="diff-chg"><span>April </span></span><span class="diff-add"><span>2007.
+ </span></span>This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
+ is <span class="diff-chg"><span>http://www.w3.org/TR/2007/REC-soap12-part1-20070427/. </span></span>The <a href="http://www.w3.org/TR/soap12-part1/">latest
+ version of SOAP Version
+ 1.2 Part 1: Messaging Framework</a> is available at http://www.w3.org/TR/soap12-part1/. (See http://www.w3.org/TR/2007/REC-soap12-part1-20070427/.)</div></dd><dt class="label"><a name="XOP"></a>[XOP] </dt><dd>
<cite><a href="http://www.w3.org/TR/2005/REC-xop10-20050125/">XML-binary Optimized Packaging</a></cite>, M. Gudgin, N. Mendelsohn, M.
Nottingham and H. Ruellan, Editors. World Wide Web Consortium, 25 January 2005. This
version of the XML-binary Optimized Packaging Recommendation is
@@ -1347,39 +1447,49 @@
Web Services Policy 1.5 - Attachment</a> is available at
http://www.w3.org/TR/ws-policy-attach/. </dd><dt class="label"><a name="WS-Policy-Primer"></a>[Web Services Policy Primer] </dt><dd>
<cite><a href="http://www.w3.org/TR/2007/WD-ws-policy-primer-20070810/">Web Services Policy 1.5 - Primer</a></cite>, A. S. Vedamuthu, D. Orchard, F. Hirsch, M. Hondo,
- P. Yendluri, T. Boubez and Ü. Yalçinalp, Editors. World Wide Web Consortium, 10 August 2007. This version of Web Services Policy 1.5 - Primer specification is http://www.w3.org/TR/2007/WD-ws-policy-primer-20070810/. The <a href="http://www.w3.org/TR/ws-policy-primer/">latest version of Web Services Policy 1.5 - Primer</a> is available at http://www.w3.org/TR/ws-policy-primer/.</dd><dt class="label"><a name="WS-RM"></a>[Web Services Reliable Messaging] </dt><dd>
- <cite><a href="http://docs.oasis-open.org/ws-rx/wsrm/200608/wsrm-1.1-rddl-200608.html">Web Services Reliable Messaging (WS-ReliableMessaging)</a></cite>, D. Davis, A. Karmarkar
+ P. Yendluri, T. Boubez and Ü. Yalçinalp, Editors. World Wide Web Consortium, 10 August 2007. This version of Web Services Policy 1.5 - Primer specification is http://www.w3.org/TR/2007/WD-ws-policy-primer-20070810/. The <a href="http://www.w3.org/TR/ws-policy-primer/">latest version of Web Services Policy 1.5 - Primer</a> is available at http://www.w3.org/TR/ws-policy-primer/.</dd><dt class="label"><span class="diff-chg"><a name="WS-RM"></a>Web Services Reliable Messaging</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.html">Web Services Reliable Messaging (WS-ReliableMessaging)</a></cite>, D. Davis, A. Karmarkar
G. Pilz, S. Winkler, Ü. Yalçinalp, Editors. Organization for the Advancement of
- Structured Information Standards, August 7th, 2006, available at:
- http://docs.oasis-open.org/ws-rx/wsrm/200608/wsrm-1.1-rddl-200608.html
- </dd><dt class="label"><a name="WS-RM-Policy"></a>[Web Services Reliable Messaging Policy Assertion] </dt><dd>
+ Structured Information Standards, <span class="diff-chg"><span>14 June 2007, </span></span>available at:
+ <span class="diff-add"><span>http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.html.
+ Namespace document is available at
+ </span></span><div class="diff-add"><a href=""><span class="diff-add"><span>http://docs.oasis-open.org/ws-rx/wsrm/200702</span></span></a></div><span class="diff-add"><span>.
+ </span></span> (See http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.html.)</div></dd><span class="diff-del"><span>http://docs.oasis-open.org/ws-rx/wsrm/200608/wsrm-1.1-rddl-200608.html
+
+ </span></span><dt class="label"><a name="WS-RM-Policy"></a>[Web Services Reliable Messaging Policy Assertion] </dt><dd>
<cite><a href="http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf">Web Services Reliable Messaging Policy Assertion
- (WS-RM Policy) Version 1.1</a></cite>, D. David, A. Kamarkar, G. Pilz, and
+ (WS-RM Policy) Version 1.1</a></cite>, D. <span class="diff-chg"><span>Davis, </span></span>A. Kamarkar, G. Pilz, and
Ü. Yalçinalp, Editors.
Organization for the Advancement of Structured Information Standards,
OASIS Standard, 14 June 2007. This version available at
http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf.
- </dd><dt class="label"><a name="WS-Security2004"></a>[WS-Security 2004] </dt><dd>
+ <span class="diff-add"><span>Namespace document is available at </span></span><div class="diff-add"><a href="http://docs.oasis-open.org/ws-rx/wsrmp/200702"><span class="diff-add"><span>http://docs.oasis-open.org/ws-rx/wsrmp/200702</span></span></a></div><span class="diff-add"><span>.
+ </span></span></dd><dt class="label"><a name="WS-Security2004"></a>[WS-Security 2004] </dt><dd>
<cite><a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf">Web Services Security: SOAP Message Security
1.0</a></cite>, A. Nadalin, C. Kaler, P. Hallam-Baker and
R. Monzillo, Editors. Organization for the Advancement of
Structured Information Standards, March 2004. Available at
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </dd><dt class="label"><a name="WS-SecurityPolicy"></a>[WS-SecurityPolicy] </dt><dd>
- <cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">WS-SecurityPolicy v1.2</a></cite>, A. Nadalin, M. Goodner, M. Gudgin, A.
- Barbir, and H. Granqvist, Editors. Organization for the Advancement of
- Structured Information Standards, 1 July 2007. Available at
- http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
- Namespace document available at
- http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </dd><dt class="label"><a name="WS-Trust"></a>[WS-Trust] </dt><dd>
- <cite><a href="http://schemas.xmlsoap.org/ws/2005/02/trust">Web Services Trust Language (WS-Trust)</a></cite>,
- S. Anderson, et al, Authors. Actional Corporation, BEA
+ <cite><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">WS-SecurityPolicy v1.2</a></cite>, A. Nadalin, M. Goodner, M. Gudgin, A.
+ Barbir, and H. Granqvist, Editors. Organization for the Advancement of
+ Structured Information Standards, 1 July 2007. Available at
+ http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
+ Namespace document available at
+ http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </dd><dt class="label"><span class="diff-chg"><a name="WS-Trust"></a>WS-Trust</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf">Web Services <span class="diff-chg"><span>Atomic </span></span><span class="diff-add"><span>Transaction (WS-AtomicTransaction)</span></span><span class="diff-del"><span>Language </span></span><span class="diff-add"><span>Version 1.1</span></span><span class="diff-del"><span>(WS-Trust)</span></span></a></cite>,
+ <span class="diff-del"><span>S. </span></span><span class="diff-chg"><span>M. Little, A. </span></span><span class="diff-add"><span>Wilkinson,
+ Editors.</span></span><span class="diff-del"><span>Authors. </span></span><span class="diff-add"><span>Organization</span></span><span class="diff-del"><span>Actional Corporation, BEA
Systems, Inc., Computer Associates International, Inc.,
International Business Machines Corporation, Layer 7
- Technologies, Microsoft Corporation, Oblix Inc., OpenNetwork
- Technologies Inc., Ping Identity Corporation, Reactivity
- Inc., RSA Security Inc., and VeriSign Inc., February
- 2005. Available at
- http://schemas.xmlsoap.org/ws/2005/02/trust. </dd><dt class="label"><a name="UDDIAPI20"></a>[UDDI API 2.0] </dt><dd>
+ Technologies, </span></span><span class="diff-chg"><span>for the Advancement of </span></span><span class="diff-add"><span>Structured</span></span><span class="diff-del"><span>OpenNetwork
+ Technologies </span></span><span class="diff-chg"><span>Information Standards, OASIS </span></span><span class="diff-add"><span>Standard,
+ 16</span></span><span class="diff-del"><span>Corporation, </span></span><span class="diff-add"><span>April</span></span><span class="diff-del"><span>Reactivity
+ Inc., </span></span><span class="diff-chg"><span>2007. This version available </span></span><span class="diff-add"><span>at
+ http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.
+ Namespace</span></span><span class="diff-del"><span>VeriSign </span></span><span class="diff-chg"><span>document </span></span><span class="diff-add"><span>is</span></span><span class="diff-del"><span>February
+ 2005. </span></span><span class="diff-chg"><span>available </span></span>at
+ <span class="diff-del"><span>http://schemas.xmlsoap.org/ws/2005/02/trust. </span></span><div class="diff-add"><a href=""><span class="diff-add"><span>http://docs.oasis-open.org/ws-tx/wsat/2006/06</span></span></a></div>.
+ (See http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf.)</div></dd><dt class="label"><a name="UDDIAPI20"></a>[UDDI API 2.0] </dt><dd>
<cite><a href="http://uddi.org/pubs/ProgrammersAPI-V2.04-Published-20020719.htm">UDDI Version 2.04 API</a></cite>, T. Bellwood,
Editor. Organization for the Advancement of Structured
Information Standards, 19 July 2002. This version of UDDI
@@ -1397,14 +1507,16 @@
<a href="http://uddi.org/pubs/DataStructure_v2.htm">latest
version of the UDDI 2.0 Data Structures</a> is available at
http://uddi.org/pubs/DataStructure_v2.htm.
- </dd><dt class="label"><a name="UDDI30"></a>[UDDI 3.0] </dt><dd>
- <cite><a href="http://uddi.org/pubs/uddi-v3.0.1-20031014.htm">UDDI Version 3.0.1</a></cite>, L. Clément, et
- al, Editors. Organization for the Advancement of Structured Information Standards, 14 October 2003. This version of the
- UDDI Version 3.0 is
- http://uddi.org/pubs/uddi-v3.0.1-20031014.htm. The <a href="http://uddi.org/pubs/uddi_v3.htm">latest version of
- the UDDI 3.0</a> specification is available at
- http://uddi.org/pubs/uddi_v3.htm.
- </dd><dt class="label"><a name="SAWSDL"></a>[SAWSDL] </dt><dd>
+ </dd><dt class="label"><span class="diff-chg"><a name="UDDI30"></a>UDDI 3.0</span></dt><dd><div class="diff-chg">
+ <cite><a href="http://uddi.org/pubs/uddi-v3.0.2-20041019.htm">UDDI Version <span class="diff-chg"><span>3.0.2</span></span></a></cite>, L. Clément, <span class="diff-add"><span>A.</span></span><span class="diff-del"><span>et
+ al, </span></span><span class="diff-add"><span>Hately, C.</span></span><span class="diff-add"><span>von Riegen, and T. Rogers, Editors.
+ </span></span>Organization for the Advancement of Structured Information Standards, <span class="diff-chg"><span>19 </span></span>October <span class="diff-chg"><span>2004. </span></span>This version of the
+ UDDI Version 3.0 is
+ <span class="diff-del"><span>http://uddi.org/pubs/uddi-v3.0.1-20031014.htm. </span></span><span class="diff-add"><span>http://uddi.org/pubs/uddi-v3.0.2-20041019.htm.
+ </span></span>The <a href="http://uddi.org/pubs/uddi_v3.htm">latest version of
+ the UDDI 3.0</a> specification is available at
+ http://uddi.org/pubs/uddi_v3.htm.
+ (See http://uddi.org/pubs/uddi-v3.0.2-20041019.htm.)</div></dd><dt class="label"><a name="SAWSDL"></a>[SAWSDL] </dt><dd>
<cite><a href="http://www.w3.org/TR/sawsdl/">Semantic Annotations for WSDL and XML Schema</a></cite> Joel Farrell, Holger Lausen, Editors. World Wide Web Consortium, 28 Augusty 2007. This is a W3C recommendation and the
specification can be found at http://www.w3.org/TR/2007/REC-sawsdl-20070828/. The <a href="http://www.w3.org/TR/sawsdl/"> latest version of Semantic Annotations for WSDL and XML Schema</a> is available at
http://www.w3.org/TR/sawsdl/.</dd><dt class="label"><a name="XMLSchemaPart2"></a>[XML Schema Datatypes] </dt><dd>
@@ -1438,9 +1550,9 @@
on public-ws-policy@w3.org</a> are also gratefully
acknowledged.
</p></div><div class="div1">
-<h2><a name="change-description" id="change-description"></a>E. Changes in this Version of the Document (Non-Normative)</h2><p>A list of major changes since the Working Draft dated 10 August,
- 2007 is below:</p><ul><li><p>Added a new section: <a href="#UDDI-attachment-guidelines"><b>5.7.3 Considerations for Policy Attachment in UDDI</b></a>.</p></li><li><p>Updated references: [<cite><a href="#SAWSDL">SAWSDL</a></cite>], [<cite><a href="#WS-AddressingMetadata">WS-Addressing Metadata</a></cite>], [<cite><a href="#WS-Policy">Web Services Policy Framework</a></cite>]
- and [<cite><a href="#WS-PolicyAttachment">Web Services Policy Attachment</a></cite>].</p></li></ul></div><div class="div1">
+<h2><a name="change-description" id="change-description"></a>E. Changes in this Version of the Document (Non-Normative)</h2><p>A list of major changes since the Working Draft dated <span class="diff-chg"><span>28 September, </span></span>2007 is below:</p><ul><li><p><span class="diff-add"><span>Clarified the target audience for this document (see </span></span><span class="diff-add"><a href="#introduction"><b>1. Introduction</b></a></span><span class="diff-add"><span>).</span></span></p></li><div class="diff-add"><li class="diff-add"><p><span class="diff-add"><span>Moved </span></span><a href="#bp-assertion-semantics"><b>20. Semanticsalternatives. Independent of Attachment Mechanisms</b></a> <span class="diff-add"><span>from section </span></span><a href="#assertion-target"><b>5.1 Assertions and Their Target Use</b></a>
+ <span class="diff-add"><span>to section </span></span><a href="#general-attachment-guidelines"><b>5.7.1 Generalimportant Guidelines</b></a><span class="diff-add"><span>.</span></span></p></li></div><div class="diff-add"><li class="diff-add"><p>Added a new section: <span class="diff-chg"><a href="#order-of-behaviors"><b>5.3.5 Order of Behaviors</b></a></span>.</p></li></div><li><p><span class="diff-chg"><span>Dropped an </span></span><span class="diff-add"><span>incorrect</span></span><span class="diff-del"><span>[], </span></span><span class="diff-add"><span>ignorable</span></span><span class="diff-del"><span>[], </span></span><span class="diff-add"><span>example</span></span><span class="diff-del"><span>[]
+ and </span></span><span class="diff-add"><span>in section </span></span><span class="diff-add"><a href="#QName_and_XML_Information_Set_representation"><b>5.3.2 QName and XML Information Set representation</b></a></span><span class="diff-add"><span>.</span></span></p></li><div class="diff-add"><li class="diff-add"><p><span class="diff-add"><span>Rewrote section: </span></span><a href="#optional-policy-assertion"><b>5.6 Designating Optional Behaviors</b></a><span class="diff-add"><span>.</span></span></p></li></div><div class="diff-add"><li class="diff-add"><p><span class="diff-add"><span>Updated </span></span><a href="#references"><b>C. References</b></a><span class="diff-add"><span>.</span></span><span class="diff-del"><span>[].</span></span></p></li></div></ul></div><div class="div1">
<h2><a name="change-log" id="change-log"></a>F. Web Services Policy 1.5 - Guidelines for Policy Assertion Authors Change Log (Non-Normative)</h2><a name="ws-policy-primer-changelog-table"></a><table border="1"><tbody><tr><th colspan="1" rowspan="1">Date</th><th colspan="1" rowspan="1">Author</th><th colspan="1" rowspan="1">Description</th></tr><tr><td colspan="1" rowspan="1">20060829</td><td colspan="1" rowspan="1">UY</td><td colspan="1" rowspan="1">Created first draft based on agreed outline and content</td></tr><tr><td colspan="1" rowspan="1">20061013</td><td colspan="1" rowspan="1">UY</td><td colspan="1" rowspan="1">Editorial fixes (suggested by Frederick), fixed references, bibl items, fixed dangling pointers, created eds to do</td></tr><tr><td colspan="1" rowspan="1">20061018</td><td colspan="1" rowspan="1">MH</td><td colspan="1" rowspan="1">Editorial fixes for readability, added example for Encrypted parts</td></tr><tr><td colspan="1" rowspan="1">20061030</td><td colspan="1" rowspan="1">UY</td><td cospan="1" rowspan="1">Fixes for Paul Cotton's editorial comments (20061020)</td></tr><tr><td colspan="1" rowspan="1">20061031</td><td colspan="1" rowspan="1">UY</td><td colspan="1" rowspan="1">Fixes for Frederick's editorial comments (20061025)</td></tr><tr><td colspan="1" rowspan="1">20061031</td><td colspan="1" rowspan="1">UY</td><td colspan="1" rowspan="1">Optionality discussion feedback integration</td></tr><tr><td colspan="1" rowspan="1">20061115</td><td colspan="1" rowspan="1">MH</td><td colspan="1" rowspan="1">First attempt at restructuring to include primer content</td></tr><tr><td colspan="1" rowspan="1">20061120</td><td colspan="1" rowspan="1">MH</td><td colspan="1" rowspan="1">Restructure to address action items 64,77, which refer to bugzilla 3705 and F2F RESOLUTION 3792 </td></tr><tr><td colspan="1" rowspan="1">20061127</td><td colspan="1" rowspan="1">ASV</td><td colspan="1" rowspan="1">Updated the list of editors. Added
<a href="http://lists.w3.org/Archives/Public/public-ws-policy-eds/2006Nov/0033.html">Frederick</a> and
<a href="http://lists.w3.org/Archives/Public/public-ws-policy-eds/2006Nov/0054.html">Umit</a> to the list of editors.
@@ -1691,7 +1803,7 @@
<a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=4654">4654</a>.
Editors' action:
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/340">340</a>.
- Add new section <a href="#general-attachment-guidelines"><b>5.7.1 General Guidelines</b></a>.
+ Add new section <a href="#general-attachment-guidelines"><b>5.7.1 Generalimportant Guidelines</b></a>.
</td></tr><tr><td colspan="1" rowspan="1">20070718</td><td colspan="1" rowspan="1">FJH</td><td colspan="1" rowspan="1">Updated Web Services Reliable Messaging Policy reference [<cite><a href="#WS-RM-Policy">Web Services Reliable Messaging Policy Assertion</a></cite>] and WS-Addressing Metadata reference
[<cite><a href="#WS-AddressingMetadata">WS-Addressing Metadata</a></cite>].
Editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/331">331</a>.
@@ -1732,8 +1844,33 @@
<a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5185"><span class="diff-add"><span>5185</span></span></a>. Editors' action
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/373"><span class="diff-add"><span>373</span></span></a>.
</td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071024</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">FJH</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
- <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5185"><span class="diff-add"><span>5184</span></span></a>. Editors' action
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5184"><span class="diff-add"><span>5184</span></span></a>. Editors' action
<a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/372"><span class="diff-add"><span>372</span></span></a>.
Implemented as originally proposed b,c,e,f,h,j. Implemented as amended a, k,l. Did not implement g which was not processed by WG.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071024</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">TIB</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5186"><span class="diff-add"><span>5186</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/374"><span class="diff-add"><span>374</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">MH</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5206"><span class="diff-add"><span>5206</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/379"><span class="diff-add"><span>379</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">MH</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Implemented the resolution for issue
+ <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5189"><span class="diff-add"><span>5189</span></span></a>. Editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/381"><span class="diff-add"><span>381</span></span></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Fixed typos (re <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5206"><span class="diff-add"><span>5206</span></span></a> and editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/379"><span class="diff-add"><span>379</span></span></a>).
+ s/Example 1/SignBeforeEncrypting assertion/
+ and
+ s/Example 2/EncryptBeforeSigning assertion/ in <a href="#order-of-behaviors"><b>5.3.5 Order of Behaviors</b></a>.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Fixed incorrect changes (re <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5184"><span class="diff-add"><span>5184</span></span></a>
+ and editors' action
+ <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/372"><span class="diff-add"><span>372</span></span></a>).
+ a) s/Supporting New Policy Subjects/(see Section 6.3 Supporting New Policy Subjects)/ and
+ b) s/6.3 Supporting New Policy Subjects (see Section 6.3 Supporting New Policy Subjects)/6.3 Supporting New Policy Subjects/.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Applied missed changes (re <a href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5186"><span class="diff-add"><span>5186</span></span></a> and
+ editors' action <a href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/374"><span class="diff-add"><span>374</span></span></a>) to
+ <a href="#xml-namespaces"><b>B. XML Namespaces</b></a> and <a href="#references"><b>C. References</b></a>. Fixed SOAP 1.2,
+ Web Services Reliable Messaging, Web Services Reliable Messaging Policy Assertion,
+ WS-SecurityPolicy and WS-Trust references.
+ </td></div></tr></div><div class="diff-add"><tr class="diff-add"><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">20071026</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">ASV</td></div><div class="diff-add"><td colspan="1" class="diff-add" rowspan="1">Updated <a href="#change-description"><b>E. Changes in this Version of the Document</b></a>.
</td></div></tr></div></tbody></table><br></div></div></body></html>
\ No newline at end of file
Index: ws-policy-guidelines-diff20070928.xml
===================================================================
RCS file: /sources/public/2006/ws/policy/ws-policy-guidelines-diff20070928.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- ws-policy-guidelines-diff20070928.xml 24 Oct 2007 14:51:59 -0000 1.2
+++ ws-policy-guidelines-diff20070928.xml 27 Oct 2007 01:42:46 -0000 1.3
@@ -36,17 +36,28 @@
non-normative guidelines for WS-Policy Assertion Authors who
need to know the features of the language and understand the
requirements for describing policy assertions. Some of the
- guidance for WS-Policy Assertion Authors can also be helpful
- for:
+ guidance
+ for WS-Policy Assertion Authors can also be helpful
+ <phrase diff="del">for:
- </p><ulist><item><p>WS-Policy expression authors who need to understand
+
+
+
+ WS-Policy expression authors who need to understand
the syntax of the language and understand how to build consistent
policy expressions
- </p></item><item><p>Consumers of policy expressions who need to understand
- the requirements contained in policy assertions
- </p></item><item><p>Providers of policy expressions who need to understand
- how to use the assertions authored by Assertion Authors
- </p></item></ulist><p>This document assumes a basic understanding of XML,
+
+
+
+ Consumers of </phrase><phrase diff="chg">for those </phrase>who <phrase diff="add">use
+ </phrase><phrase diff="del">need to understand
+ </phrase>the <phrase diff="del">requirements contained in policy assertions
+
+
+
+ Providers of </phrase>policy <phrase diff="del">expressions who need to understand
+ how to use the </phrase>assertions <phrase diff="chg">created </phrase>by Assertion <phrase diff="chg">Authors.
+ </phrase></p><p>This document assumes a basic understanding of XML,
Namespaces in XML, WSDL, SOAP and the Web Services Policy language.
</p><p>This is a non-normative document and does
not provide a definitive specification of the Web Services
@@ -57,7 +68,7 @@
</p><p> As a companion document to the primer, this document also follows
the Socratic style of beginning with a question, and then answering
the question.
- </p></div1><div1 id="best-practices-list"><head>List of Best Practice Statements</head><p>The following Best Practices appear in this document with discussion and examples, and are summarized here for quick reference:</p><ulist><item><p><specref ref="bp-compatibility-tests"/></p></item><item><p><specref ref="bp-ignorable-for-not-related-to-compatibility-tests"/></p></item><item><p><specref ref="bp-semantics-and-form"/></p></item><item><p><specref ref="bp-assertion-start"/></p></item><item><p><specref ref="bp-unique-qnames"/></p></item><item><p><specref ref="XMLOutline"/></p></item><item><p><specref ref="AssertionDefinitions"/></p></item><item><p><specref ref="DefineIgnorable"/></p></item><item><p><specref ref="ignorableAssertions"/></p></item><item><p><specref ref="bp-assertion-xml-allow-optional"/></p></item><item><p><specref ref="bp-not-necessary-to-understand-a-message"/></p></item><item><p><specref ref="bp-assertion-duplication"/></p></item><item><p><specref ref="bp-assertion-parameters"/></p><item><item><p><specref ref="bp-dependent-behaviors"/></p></item><item><p><specref ref="bp-declare-nested-assertions"/></p></item><item><p><specref ref="bp-discourage-domain-specific-intersection"/></p></item><item><p><specref ref="bp-limit-optional-assertions"/></p></item><item><p><specref ref="bp-entire-mep-for-optional"/></p></item><item><p><specref ref="bp-indicate-optional-assertion-use"/></p></item><item><p><specref ref="bp-assertion-semantics"/></p></item><item><p><specref ref="bp-semantics-multiple-same-type"/></p></item><item><p><specref ref="bp-leverage-defined-attachment-mechanisms"/></p></item><item><p><specref ref="bp-use-defined-policy-subjects"/></p></item><item><p><specref ref="bp-identify-policy-subjects"/></p></item><item><p><specref ref="bp-WSDL-policy-subject"/></p></item><item><p><specref ref="bp-WSDL-consider-scope"/></p></item><item><p><specref ref="bp-WSDL-policy-subject-Granularity"/></p></item><item><p><specref ref="bp-WSDL-multiple-policy-subjects"/></p></item><item><p><specref ref"bp-WSDL-preferred-attachment-point"/></p></item><item><p><specref ref="bp-UDDI-tmodels"/></p></item><item><p><specref ref="bp-specify-composition"/></p></item><item><p><specref ref="bp-independent-assertions"/></p></item><item><p><specref ref="bp-policy-subject-change"/></p></item></ulist></div1><div1 id="Assertions"><head>What is an Assertion? </head><p>An assertion is a piece of metadata that describes a capability related to a specific <phrase diff="add">domain that
+ </p></div1><div1 id="best-practices-list"><head>List of Best Practice Statements</head><p>The following Best Practices appear in this document with discussion and examples, and are summarized here for quick reference:</p><ulist><item><p><specref ref="bp-compatibility-tests"/></p></item><item><p><specref ref="bp-ignorable-for-not-related-to-compatibility-tests"/></p></item><item><p><specref ref="bp-semantics-and-form"/></p></item><item><p><specref ref="bp-assertion-start"/></p></item><item><p><specref ref="bp-unique-qnames"/></p></item><item><p><specref ref="XMLOutline"/></p></item><item><p><specref ref="AssertionDefinitions"/></p></item><item><p><specref ref="DefineIgnorable"/></p></item><item><p><specref ref="ignorableAssertions"/></p></item><item><p><specref ref="bp-assertion-xml-allow-optional"/></p></item><item><p><specref ref="bp-not-necessary-to-understand-a-message"/></p></item><item><p><specref ref="bp-assertion-duplication"/></p></item><item><p><specref ref="bp-assertion-parameters"/></p><item><item><p><specref ref="bp-dependent-behaviors"/></p></item><item><p><specref ref="bp-declare-nested-assertions"/></p></item><item><p><specref ref="bp-discourage-domain-specific-intersection"/></p></item><item><p><specref ref="bp-entire-mep-for-optional"/></p></item><item><p><specref ref="bp-limitoptional-assertion-use"/></p></item><item><p><specref ref="bp-indicate-optional-assertion-use"/></p></item><item><p><specref ref="bp-assertion-semantics"/></p></item><item><p><specref ref="bp-semantics-multiple-same-type"/></p></item><item><p><specref ref="bp-leverage-defined-attachment-mechanisms"/></p></item><item><p><specref ref="bp-use-defined-policy-subjects"/></p></item><item><p><specref ref="bp-identify-policy-subjects"/></p></item><item><p><specref ref="bp-WSDL-policy-subject"/></p></item><item><p><specref ref="bp-WSDL-consider-scope"/></p></item><item><p><specref ref="bp-WSDL-policy-subject-Granularity"/></p></item><item><p><specref ref="bp-WSDL-multiple-policy-subjects"/></p></item><item><p><specref rf="bp-WSDL-preferred-attachment-point"/></p></item><item><p><specref ref="bp-UDDI-tmodels"/></p></item><item><p><specref ref="bp-specify-composition"/></p></item><item><p><specref ref="bp-independent-assertions"/></p></item><item><p><specref ref="bp-policy-subject-change"/></p></item></ulist></div1><div1 id="Assertions"><head>What is an Assertion? </head><p>An assertion is a piece of metadata that describes a capability related to a specific <phrase diff="add">domain that
has chosen to express their capabilities
via the </phrase>WS-Policy <phrase diff="chg">expressions. </phrase>Sets of domain-specific assertions
are typically defined in a dedicated specification that describes
@@ -372,7 +383,7 @@
understand how policy expressions are used by a
framework implementation that has followed the specifications.
</p><p>The examples given in this document <phrase diff="add">are
- based</phrase><phrase diff="del">reference </phrase><phrase diff="chg">on </phrase><phrase diff="add">existing assertions such as</phrase><phrase diff="del">like </phrase>WS-SecurityPolicy and WS-RM Policy.
+ based</phrase><phrase diff="del">reference </phrase><phrase diff="chg">on </phrase><phrase diff="add">existing assertions such</phrase><phrase diff="del">like </phrase><phrase diff="add">as </phrase>WS-SecurityPolicy and WS-RM Policy.
These policy expressions represent web services message exchange requirements, but policy authoring can
be done by individual groups that wish to represent web services application requirements and
deployments that wish to reuse the WS-Policy framework in
@@ -561,7 +572,43 @@
A review by a broad community is the best way to ensure that the granularity of a set
of domain assertions is appropriate.</p><p id="bp-assertion-duplication" role="practice"><quote>Avoid Duplication of Assertions</quote>
<quote>Assertion Authors should reuse an existing assertion (rather than create a new one) whenever possible.</quote>
- </p></div3></div2><div2 id="comparison"><head>Comparison of Nested and Parameterized Assertions</head><p>There are two different ways to provide additional information
+ </p></div3><div3 diff="add" id="order-of-behaviors"><head><phrase diff="add">Order of Behaviors</phrase></head><p> <phrase diff="add">A policy alternative is a collection of zero or more policy assertions.
+ Assertions within a policy alternative are not ordered.</phrase></p><p><phrase diff="add">The order of assertions in a policy alternative and order in which behaviors
+ (indicated by assertions) are applied are two distinct concepts. The order of
+ assertions in a policy alternative has no bearing on the order in which behaviors are applied.</phrase></p><p><phrase diff="add">Specifying the order in which behaviors are applied is outside the scope of the Web Services
+ Policy Framework. However, the Framework says that assertion authors can write assertions that
+ indicate the order in which behaviors are applied.</phrase></p><p><phrase diff="add">According to the SOAP processing model, the order of headers and body processing
+ (for behaviors such as addressing, security, reliability and transaction) is at the discretion
+ of the SOAP node and SOAP-based protocols may be used to control the order of processing. </phrase></p><p><phrase diff="add">The Web Services Security specification provides producers with a choice of signing a message
+ before encrypting or signing a message after encrypting. That is, WS-Security 1.1, section 8 says,
+ lines 1173-1183 - says "Finally, if a producer wishes to sign a message before encryption, then
+ following the ordering rules laid out in section 5, "Security Header", they SHOULD first prepend
+ the signature element to the </phrase><code><phrase diff="add">wsse:Security</phrase></code> <phrase diff="add">header, and then prepend the encryption element, ...
+ Likewise, if a producer wishes to sign a message after encryption, they SHOULD first prepend the
+ encryption element to the </phrase><code><phrase diff="add">wsse:Security</phrase></code> <phrase diff="add">header, and then prepend the signature element." </phrase></p><p><phrase diff="add">The Web Services Security Policy specification provides assertions which let users control
+ whether to sign the message before encrypting or sign it after encrypting. </phrase></p><p><phrase diff="add">In the example below, the SignBeforeEncrypting assertion requires producers to sign a message
+ before encrypting.</phrase></p><example><head><phrase diff="add">SignBeforeEncrypting assertion</phrase></head><eg xml:space="preserve"><wsp:Policy>
+ <sp:AsymmetricBinding>
+ <wsp:Policy>
+ <sp:IncludeTimestamp />
+ <sp:SignBeforeEncrypting />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ <wsp:Policy/>
+ </sp:AsymmetricBinding>
+ <wsam:Addressing>...</wsam:Addressing>
+</wsp:Policy> </eg></example><p><phrase diff="add">In the example below, the EncryptBeforeSigning assertion requires producers
+ to sign a message after encrypting. </phrase></p><example><head><phrase diff="add">EncryptBeforeSigning assertion</phrase></head><eg xml:space="preserve"><wsp:Policy>
+ <sp:AsymmetricBinding>
+ <wsp:Policy>
+ <sp:IncludeTimestamp />
+ <sp:EncryptBeforeSigning />
+ <sp:EncryptSignature />
+ <sp:ProtectTokens />
+ <wsp:Policy/>
+ </sp:AsymmetricBinding>
+ <wsam:Addressing>...</wsam:Addressing>
+</wsp:Policy> </eg></example></div3></div2><div2 id="comparison"><head>Comparison of Nested and Parameterized Assertions</head><p>There are two different ways to provide additional information
in an assertion beyond its type: assertion parameters and nested policy
expressions. We cover these two cases below followed by a comparison of these
approaches targeting when to use either of the two approaches.</p><p>The main consideration for choosing between use of parameters or nested policy
@@ -722,67 +769,102 @@
indicate the semantic of the runtime behavior in the description of the assertion.
</p><p>
As said in <xspecref xmlns:xlink="http://www.w3.org/1999/xlink" href="ws-policy-primer.html#strict-lax-policy-intersection" xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">section 3.4.1 Strict and Lax Policy Intersection</xspecref> in <bibref ref="WS-Policy-Primer"/>, "Regardless of the chosen intersection mode, ignorable assertions do not express any wire-level requirements on the behavior of consumers - in other words, a consumer could choose to ignore any such assertions that end up in the resulting policy after intersection, with no adverse effects on runtime interactions." Therefore, any assertion that is marked with ignorable should not impose any wire-level requirements on the part of consumers. Assertion Authors are reminded that regardless of whether an assertion is marked as ignorable, policy consumers using strict intersection will not 'ignore' the assertion.
- </p></div3></div2><div2 id="optional-policy-assertion"><head>Designating Optional Behaviors</head><div3><head>Optional behavior at runtime</head><p>Since optional behaviors indicate optionality for
+ </p></div3></div2><div2 id="optional-policy-assertion"><head>Designating Optional Behaviors</head><div3><head>Optional behavior at runtime</head><p><phrase diff="del">Since optional behaviors indicate optionality for
both the provider and the consumer, behaviors that must
always be engaged by a consumer must not be marked as
"optional" with a value "true" since this would allow the
consumer to select the policy alternative that does not contain the assertion,
and thus not engaging the behavior.
- </p><p id="bp-limit-optional-assertions" role="practice">
- <quote>Limit use of Optional Assertions</quote>
- <quote>Assertion Authors should not use optional assertions for behaviors that must be present
- in compatible policy expressions.</quote>
- </p><p> The target scope of an optional assertion is an important factor for
+
+
+ Limit use of Optional Assertions
+ Assertion Authors should not use optional assertions for behaviors that must be present
+ in compatible policy expressions.
+
+ </phrase>The target scope of an <phrase diff="del">optional </phrase>assertion is an important factor for
Assertion Authors to consider as it determines the
- <emph>granularity</emph> where the behavior is optionally
- engaged. For example, if the assertion is targeted for an
- endpoint policy subject, it is expected to govern all the
- messages that are indicated by the specific endpoint when
- optional behavior is <emph> engaged </emph>. Since the
- behavior would be applicable to policy subject that is
- designated, it is important for the Assertion Authors
- to choose the appropriate level of granularity for optional
- behaviors, to consider whether a specific message or all messages, etc. are targeted.
- </p><p>
- When optional behaviors are indicated by attaching assertions with
+ <emph>granularity</emph> <phrase diff="chg">of </phrase>the <phrase diff="add">scope for which the</phrase>behavior
+ is <phrase diff="add">to be </phrase><phrase diff="del">optionally
+ </phrase>engaged. For example, if <phrase diff="chg">an </phrase>assertion <phrase diff="chg">has a scope of
+ </phrase>endpoint policy <phrase diff="add">subject</phrase><phrase diff="del">subject, it </phrase><phrase diff="chg">the behavior indicated by that assertion
+ applies to all , messages exchanged in both </phrase><phrase diff="add">directions</phrase><phrase diff="del">when
+ optional </phrase><phrase diff="chg">(e.g. </phrase><phrase diff="add">both
+ request</phrase><phrase diff="del">is </phrase><phrase diff="add">and </phrase><phrase diff="chg">response </phrase><phrase diff="add">messages)</phrase><phrase diff="del">. </phrase><phrase diff="chg">with </phrase>the
+ <phrase diff="del">behavior </phrase><phrase diff="add">specific</phrase><phrase diff="del">would be applicable </phrase><phrase diff="add">endpoint </phrase>to <phrase diff="add">which
+ the </phrase>policy <phrase diff="add">alternative including</phrase><phrase diff="del">subject </phrase>that <phrase diff="add">assertion </phrase>is <phrase diff="add">attached.
+ </phrase></p><p diff="add"><phrase diff="del">designated, </phrase><phrase diff="chg">Certain behaviors might provide in their </phrase><phrase diff="add">specification</phrase><phrase diff="del">Authors
+ to </phrase><phrase diff="chg">for </phrase>the
+ <phrase diff="chg">optional use </phrase>of <phrase diff="chg">that behavior </phrase><phrase diff="add">in</phrase><phrase diff="del">optional
+ behaviors, </phrase><phrase diff="chg">the context of </phrase>a <phrase diff="add">subset</phrase><phrase diff="del">specific message or </phrase><phrase diff="chg">of </phrase><phrase diff="add">a
+ given</phrase><phrase diff="del">messages, </phrase><phrase diff="add">interaction.</phrase><phrase diff="del">etc. are targeted.
+
+
+ </phrase>When <phrase diff="add">such </phrase>optional behaviors are indicated by attaching assertions with
only one side of an interaction, such as an inbound message of a
- request-response, the engagement of the rest of the interaction will
+ request-response, the engagement <phrase diff="add">in the context </phrase>of the rest of the interaction
+ <phrase diff="add">such as the outbound message, </phrase>will
be undefined. Therefore, the Assertion Authors are encouraged to
- consider how the attachment on a message policy subject on a response
- message should be treated when optional behaviors are specified for
- message exchanges within a request response for response messages,
- using message policy subject. Leaving the semantics not specified or
- incompletely specified may result in providers making assumptions.
- Similarly, if engagement of a behavior is only specified for an
- outbound message, the Assertion Authors should consider describing
- the semantics if the incoming messages also utilized the behavior.
- This is especially important if the assertion is applicable to more
- than one specific policy subject. One approach that is currently taken
- by WS-RM Policy [<bibref ref="WS-RM-Policy"/>] is to
- introduce both message and endpoint policy subjects for one of its
- assertions and require the use of endpoint policy subject
- when message policy subject is used via attachment.
- </p><p id="bp-entire-mep-for-optional" role="practice">
- <quote>Consider entire message exchange pattern when specifying Assertions that may be optional</quote>
- <quote>Assertion Authors should associate optional assertions with the appropriate endpoint and use the smallest
- possible granularity to limit the degree to which optionality applies.</quote>
+ consider <phrase diff="del">how </phrase>the <phrase diff="add">implications of </phrase>attachment <phrase diff="add">of an assertion that indicates
+ such optional behavior</phrase><phrase diff="del">on </phrase><phrase diff="add">at </phrase>a message policy subject on <phrase diff="chg">the interaction
+ as a whole. For example, if reliable messaging (RM) </phrase><phrase diff="add">is</phrase><phrase diff="del">for
+ message </phrase><phrase diff="chg">applied to </phrase>a request
+ <phrase diff="add">message </phrase><phrase diff="del">response for response </phrase><phrase diff="add">because</phrase><phrase diff="del">messages,
+ using </phrase><phrase diff="chg">the </phrase>policy <phrase diff="chg">attached to </phrase>the <phrase diff="chg">inbound message in </phrase><phrase diff="add">a request-response</phrase><phrase diff="del">or
+ </phrase><phrase diff="chg">operation had an alternative that incldued RM </phrase>in<phrase diff="del">assumptions.
+ Similarly, </phrase><phrase diff="chg">its </phrase><phrase diff="add">assertions, is</phrase><phrase diff="del">engagement </phrase><phrase diff="add">the application
+ </phrase>of <phrase diff="chg">RM to the outbound message permitted, </phrase><phrase diff="add">even</phrase><phrase diff="del">an
+ outbound </phrase><phrase diff="chg">if there is no </phrase><phrase diff="add">policy
+ attached</phrase><phrase diff="del">should </phrase><phrase diff="chg">to </phrase><phrase diff="add">that subject? Leaving </phrase><phrase diff="del">describing
+ </phrase>the semantics <phrase diff="chg">either unspecified </phrase><phrase diff="add">or
+ incompletely</phrase><phrase diff="del">incoming </phrase><phrase diff="chg">specified may result in </phrase><phrase diff="add">implementations making assumptions
+ that might have undesireable consequences.</phrase><phrase diff="del">behavior.
+ </phrase>This is especially important if the assertion is applicable to more
+ than one specific policy subject. <phrase diff="chg">The </phrase>approach <phrase diff="del">that is currently </phrase>taken
+ by
+ WS-RM Policy [<bibref ref="WS-RM-Policy"/>] is to <phrase diff="add">provide for an RM
+ assertion to be attached at either or
+ </phrase><phrase diff="del">introduce </phrase>both message and endpoint policy <phrase diff="add">subjects.
+ In</phrase><phrase diff="del">subjects </phrase><phrase diff="chg">order to eliminate </phrase><phrase diff="add">the</phrase><phrase diff="del">its
+ assertions </phrase><phrase diff="chg">ambiguity </phrase><phrase diff="add">associated with only using a message
+ policy</phrase><phrase diff="del">require </phrase><phrase diff="add">subject, </phrase>the <phrase diff="chg">WS-RM Policy </phrase><phrase diff="add">requires a policy to be attached to an
+ </phrase>endpoint policy subject <phrase diff="add">as well as
+ </phrase><phrase diff="del">when </phrase><phrase diff="add">a </phrase>message policy subject <phrase diff="add">whenever a policy
+ is attached to a message policy subject.
+ The combination directly addresses
+ the unstated semantic that if RM </phrase>is used <phrase diff="add">for inbound messages, that it MAY
+ be used for outbound</phrase><phrase diff="del">via </phrase><phrase diff="add">messages, even if the assertion is not attached to the
+ outbound message (and vice-versa).</phrase><phrase diff="del">attachment.
+ </phrase></p><p id="bp-entire-mep-for-optional" role="practice">
+ <quote>Consider entire message exchange pattern when specifying Assertions that <phrase diff="add">represent</phrase><phrase diff="del">may be </phrase>optional <phrase diff="add">behavior related
+ to a subset of that message exchange pattern when considering appropriate policy
+ subject attachment points </phrase></quote>
+ <quote>Assertion Authors should associate assertions <phrase diff="add">that represent optional behavior
+ </phrase>with the appropriate <phrase diff="add">policy subject</phrase><phrase diff="del">endpoint </phrase>and use the smallest
+ possible granularity <phrase diff="add">(See Best Practice 28) </phrase>to limit the degree to which <phrase diff="chg">optional </phrase><phrase diff="add">behavior </phrase>applies.</quote>
</p><p>
- Behaviors must be engaged
- with respect to messages that are targeted to the provider
- so that the provider can determine that the optional
- behavior is engaged. In other words, the need for self
- describing messages [<specref ref="self-describing"/>] should
- not be forgotten.
- An explicit, out of band mechanism might be necessary to enable a
- client to indicate that
- the optional behavior is engaged.
- (Such an out of band mechanism is outside the scope of WS-Policy
- Framework).
+ Behaviors <phrase diff="add">that </phrase>must be engaged <phrase diff="add">in the context of an interaction must not be marked
+ with wsp:Optional="true". since this creates two alternatives; one with and one without
+ that assertion. This would allow the policy consumer to select the policy alternative
+ that does not contain that assertion, and thus result in an interaction that did
+ not engage the required behavior that was indicated by that assertion.
+ </phrase></p><p diff="add" id="bp-limitoptional-assertion-use" role="practice">
+ <quote><phrase diff="add">Limit use of an Optional Assertion</phrase></quote>
+ <quote><phrase diff="add">Assertion Authors should disallow the use of the wsp:Optional
+ attribute on assertions that represent behaviors that must be engaged.</phrase></quote>
+ </p><p diff="add">
+ <phrase diff="add">Behaviors must be engaged </phrase>with respect to messages that are targeted to the
+ provider so that the provider can determine that the optional behavior is engaged.
+ In <phrase diff="chg">ohter </phrase>words, the need for self describing messages [<specref ref="self-describing"/><phrase diff="chg">]should </phrase><phrase diff="del">should
+ </phrase>not be forgotten.
+ An explicit, out of band mechanism might be necessary to enable a client to
+ indicate that the optional behavior is engaged. (Such an out of band mechanism
+ is outside the scope of <phrase diff="add">the </phrase>WS-Policy Framework).
</p><p id="bp-indicate-optional-assertion-use" role="practice">
<quote>Indicate use of an Optional Assertion</quote>
- <quote>When a given behavior may be optional, it must be possible for both message participants to determine that the assertion is selected by both parties,
- either out of band or as reflected by the message content.</quote>
- </p><p>
+ <quote>When a given behavior may be optional, it must be possible for both message participants
+ to determine that the assertion <phrase diff="add">has been</phrase><phrase diff="del">is </phrase>selected by both parties,
+ either out of band or as reflected by the message content.</quote>
+ </p><p>
The <bibref ref="WS-Policy-Primer"/> document contains an example that outlines the
use of
<bibref ref="MTOM"/> as an optional behavior that can be engaged by a consumer.
@@ -799,39 +881,50 @@
alternate that contains the MTOM assertion is being obeyed (
<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="#bp-indicate-optional-assertion-use" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">Best Practice: Indicate use of an Optional Assertion</loc>).
</p><p>
- Note that if a MTOM assertion were only bound to an inbound message endpoint,
- then it would not be clear whether the outbound message from the provider would
- also utilize the behavior. Thus this assertion should be associated at the granularity
+ Note that if a MTOM assertion were only bound to <phrase diff="add">the policy subject representing</phrase><phrase diff="del">an </phrase><phrase diff="add">the
+ </phrase>inbound <phrase diff="chg">message, </phrase><phrase diff="del">endpoint,
+ </phrase>then it would not be clear <phrase diff="add">to the service provider </phrase>whether the outbound
+ <phrase diff="add">whether </phrase><phrase diff="chg">the outbound </phrase><phrase diff="add">messages generated by that</phrase><phrase diff="del">the </phrase>provider <phrase diff="chg">should
+ </phrase>also utilize <phrase diff="chg">that </phrase>behavior. Thus this assertion should be associated at the granularity
of an entire message exchange. The semantics of the assertion should specify this
- to avoid inappropriate assumptions by implementations. This is important for an
- optional assertion where it may not be clear whether it is to apply in a message
- exchange when optionally used in part of that exchange
- (<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="#bp-entire-mep-for-optional" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">Best Practice: Consider entire message exchange pattern when specifying Assertions that may be optional</loc>).
- </p></div3></div2><div2 id="levels-of-abstraction"><head>Considerations for Policy Attachment</head><div3 id="general-attachment-guidelines"><head>General Guidelines</head><p><phrase diff="add">Although
- </phrase><phrase diff="del">The </phrase><phrase diff="chg">a policy assertion </phrase><phrase diff="add">may be constrained</phrase><phrase diff="del">used </phrase>to
- <phrase diff="del">communicate </phrase><phrase diff="chg">a specific set of policy subjects by Assertion </phrase><phrase diff="add">Authors,
- its </phrase><phrase diff="del">additional
- </phrase>semantics <phrase diff="chg">should not be dependent upon the mechanism by which the </phrase>policy <phrase diff="chg">expression is attached </phrase>to <phrase diff="chg">a
- given policy subject. For </phrase><phrase diff="add">instance,</phrase><phrase diff="del">possibly
- unknown) </phrase><phrase diff="chg">an assertion "Foo" has the same semantics </phrase><phrase diff="add">when</phrase><phrase diff="del">mechanisms
- may </phrase><phrase diff="chg">attached to an </phrase><phrase diff="add">operation
- </phrase>policy <phrase diff="add">subject</phrase><phrase diff="del">alternative created </phrase><phrase diff="chg">regardless of whether it </phrase><phrase diff="add">was</phrase><phrase diff="del">calculating
- an </phrase><phrase diff="chg">attached using XML element policy attachment or </phrase>the <phrase diff="chg">external URI
- attachment mechanism. Independence from a specific attachment mechanism allows policy </phrase><phrase diff="add">tools</phrase><phrase diff="del">also
- important </phrase><phrase diff="add">to choose</phrase><phrase diff="del">for </phrase>the <phrase diff="add">most
- appropriate</phrase><phrase diff="del">policy </phrase><phrase diff="chg">mechanism </phrase>to <phrase diff="chg">attach a policy without having </phrase><phrase diff="add">to</phrase><phrase diff="del">multiple
- assertions </phrase><phrase diff="chg">analyze </phrase><phrase diff="add">the contents of the policy.</phrase><phrase diff="del">present.
- </phrase></p><p diff="chg" id="bp-assertion-semantics" role="practice">
- <quote><phrase diff="chg">Semantics </phrase><phrase diff="add">Independent</phrase><phrase diff="del">Assertions
- Assertion </phrase><phrase diff="chg">of Attachment </phrase><phrase diff="add">Mechanisms</phrase></quote>
- <quote diff="add"><phrase diff="add">The</phrase><phrase diff="del">encouraged </phrase><phrase diff="chg">semantics of </phrase>a policy <phrase diff="chg">assertion </phrase><phrase diff="add">should</phrase><phrase diff="del">that
- can </phrase><phrase diff="chg">not depend on the </phrase>attachment <phrase diff="add">mechanism</phrase><phrase diff="del">mechanism. </phrase><phrase diff="add">used.</phrase></quote>
- </p><p>For example, a security policy expression can be assigned a key reference and
- be attached to a UDDI binding or can be embedded in a WSDL document. </p><p diff="add"><phrase diff="add">Since multiple attachment mechanisms may be used, a policy alternative created during the process of calculating
+ to avoid inappropriate assumptions by implementations.
+ </p></div3></div2><div2 diff="add" id="levels-of-abstraction"><head><phrase diff="add">Considerations </phrase><phrase diff="chg">for Policy </phrase><phrase diff="add">Attachment</phrase></head><div3 id="general-attachment-guidelines"><head><phrase diff="add">General</phrase><phrase diff="del">important </phrase><phrase diff="add">Guidelines</phrase></head><p><phrase diff="add">Although</phrase><phrase diff="del">for </phrase><phrase diff="add">a</phrase><phrase diff="del">an
+ optional </phrase><phrase diff="chg">policy </phrase><phrase diff="add">assertion</phrase><phrase diff="del">where it </phrase>may <phrase diff="add">be constrained to a specific set of policy subjects by Assertion Authors,
+ its semantics should </phrase>not be <phrase diff="chg">dependent upon </phrase><phrase diff="add">the mechanism by which the policy</phrase><phrase diff="del">it </phrase><phrase diff="add">expression </phrase>is <phrase diff="add">attached </phrase>to <phrase diff="add">a
+ given</phrase><phrase diff="del">apply </phrase><phrase diff="chg">policy subject. </phrase><phrase diff="add">For instance, an</phrase><phrase diff="del">message
+ exchange </phrase><phrase diff="add">assertion "Foo" has the same semantics </phrase>when <phrase diff="chg">attached to an </phrase><phrase diff="add">operation
+ policy</phrase><phrase diff="del">part </phrase><phrase diff="chg">subject regardless </phrase><phrase diff="add">of</phrase><phrase diff="del">exchange
+ (Best </phrase><phrase diff="chg">whether it was attached using XML element policy attachment or the external </phrase><phrase diff="add">URI
+ attachment</phrase><phrase diff="del">optional).
+
+
+
+
+
+
+ Considerations </phrase><phrase diff="chg">mechanism. Independence </phrase><phrase diff="add">from</phrase><phrase diff="del">Attachment
+
+ General </phrase>a<phrase diff="del">Guidelines
+
+ The </phrase><phrase diff="chg">specific </phrase>attachment mechanism <phrase diff="add">allows policy tools</phrase><phrase diff="del">used </phrase>to <phrase diff="chg">choose </phrase>the <phrase diff="add">most
+ appropriate</phrase><phrase diff="chg">mechanism to attach a policy without </phrase><phrase diff="add">having</phrase><phrase diff="del">additional
+ semantics </phrase><phrase diff="add">to analyze</phrase><phrase diff="del">in </phrase>the <phrase diff="chg">contents </phrase>of <phrase diff="chg">the </phrase><phrase diff="add">policy.</phrase></p><p id="bp-assertion-semantics" role="practice">
+ <quote><phrase diff="add">Semantics</phrase><phrase diff="del">alternatives. </phrase><phrase diff="chg">Independent of Attachment </phrase><phrase diff="add">Mechanisms</phrase></quote><phrase diff="del">each
+ </phrase><quote><phrase diff="add">The semantics of a </phrase>policy assertion <phrase diff="chg">should not </phrase><phrase diff="add">depend on the</phrase><phrase diff="del">to </phrase><phrase diff="add">attachment mechanism used.</phrase></quote>
+ </p><p><phrase diff="add">For example, a security policy expression can </phrase>be <phrase diff="chg">assigned a key reference and
+ be attached </phrase><phrase diff="add">to a</phrase><phrase diff="del">mechanisms </phrase><phrase diff="add">UDDI binding or can be embedded </phrase>in <phrase diff="add">a WSDL document.</phrase><phrase diff="del">mind. </phrase></p><p>Since multiple attachment mechanisms may be used, a policy alternative created during the process of calculating
an effective policy can contain multiple instances of the same policy assertion type
( i.e., the SignedParts assertion). It is therefore also important for the policy authors to define what it
- means if multiple assertions are present.
- </phrase></p><p id="bp-semantics-multiple-same-type" role="practice">
+ means if multiple assertions are present.
+
+
+
+ <phrase diff="del">Reusable Assertions
+ Assertion Authors are encouraged to create policy assertions that
+ can be used regardless of attachment mechanism.
+
+ For example, a security policy expression can be assigned a key reference and
+ be attached to a UDDI binding or can be embedded in a WSDL document. </phrase></p><p id="bp-semantics-multiple-same-type" role="practice">
<quote>Describe Semantics of Multiple Assertions of Same Type</quote><quote>
Assertion Authors should specify the semantics of multiple instances
of the same policy assertion type in the same policy alternative and the
@@ -958,7 +1051,7 @@
[<bibref ref="WS-RM-Policy"/>] gives rules on which WSDL policy subjects may be associated with the RM
Policy assertion, and which WSDL 1.1 elements may have RM Policy assertions attached.
</p><p>If the <phrase diff="chg">behavior indicated </phrase><phrase diff="add">by</phrase><phrase diff="del">imply
- different </phrase><phrase diff="chg">an assertion </phrase><phrase diff="add">varies when</phrase><phrase diff="del">respect </phrase><phrase diff="add">attached </phrase>to <phrase diff="chg">different </phrase><phrase diff="add">policy subjects</phrase><phrase diff="del">points, </phrase>the Assertion Authors
+ different </phrase><phrase diff="chg">an assertion varies </phrase><phrase diff="add">when attached </phrase>to <phrase diff="chg">different </phrase><phrase diff="add">policy subjects</phrase><phrase diff="del">points, </phrase>the Assertion Authors
should consider the following:</p><ulist><item><p> Decompose the semantics with several assertions.</p></item><item><p> Rewrite a single assertion targeting a specific <phrase diff="add">policy </phrase>subject. </p></item></ulist><p>Since many attachment points are available in WSDL, it would be
necessary for Assertion Authors to recommend a preferred attachment
point. One approach would be to identify different attachment points in
@@ -1035,15 +1128,16 @@
<code>RMAssertion</code> and a <code>sp:TransportBinding</code> assertion that requires the use of some transport-level
security mechanism (e.g. <code>sp:HttpsToken</code>)</quote>.
</p></div2></div1><div1 id="versioning-policy-assertions"><head>Versioning Policy Assertions</head><p>Assertion Authors need to consider not just the expression of the current set of requirements but
- how they anticipate new assertions being added to the set. There are three aspects to versioning policy assertions:</p><ulist><item><p> Assertion <phrase diff="add">Extensibility. Assertion authors should allow for extensibility
- (see best practice 5. Start with a Simple</phrase><phrase diff="del">Extensibility </phrase><phrase diff="add">Assertion)
+ how they anticipate new assertions being added to the set. There are three aspects to versioning policy assertions:</p><ulist><item><p> Assertion <phrase diff="add">Extensibility. Assertion</phrase><phrase diff="del">Extensibility </phrase><phrase diff="add">authors should allow for extensibility
+ (see best practice 5. Start with a Simple Assertion)
</phrase></p></item><item><p> Policy Language Extensibility </p><p>Over time, the Policy WG or third parties can version or extend the Policy Language with new
or modified constructs. These constructs may be compatible or incompatible with previous versions.
</p><p> Assertion Authors should review the WS-Policy Primer <bibref ref="WS-Policy-Primer"/>
and the specifications <bibref ref="WS-Policy"/> <bibref ref="WS-PolicyAttachment"/>
for details on extensibility.
</p><p> The current WS-Policy language <bibref ref="WS-Policy"/> provides extensibility points
- on 6 elements with a combination of attribute and/or element extensibility:</p><olist><item><p>Policy: element from ##other namespace and any attribute</p></item><item><p>ExactlyOne, All: element from ##other namespace; no attribute extensibility</p></item><item><p>PolicyReference: any element and any attribute</p></item><item><p>PolicyAttachment: element from ##other namespace and any attribute</p></item><item><p>AppliesTo: any element and any attribute</p></item><item><p>URI: any attribute</p></item></olist></item><item><p>Supporting New Policy Subjects</p></item></ulist><div2 id="Referencing_Policy_Expressions"><head>Referencing Policy Expressions</head><p>The <bibref ref="WS-Policy-Primer"/> illustrates how providers can utilize
+ on 6 elements with a combination of attribute and/or element extensibility:</p><olist><item><p>Policy: element from ##other namespace and any attribute</p></item><item><p>ExactlyOne, All: element from ##other namespace; no attribute extensibility</p></item><item><p>PolicyReference: any element and any attribute</p></item><item><p>PolicyAttachment: element from ##other namespace and any attribute</p></item><item><p>AppliesTo: any element and any attribute</p></item><item><p>URI: any attribute</p></item></olist></item><item><p>Supporting New Policy Subjects <phrase diff="add">(see Section
+ </phrase><specref diff="add" ref="supporting-new-policy-subjects"/><phrase diff="add">).</phrase></p></item></ulist><div2 id="Referencing_Policy_Expressions"><head>Referencing Policy Expressions</head><p>The <bibref ref="WS-Policy-Primer"/> illustrates how providers can utilize
the identification mechanism defined in the Policy specification to
expose a complex policy expression as a reusable building block for
other policy expressions by reference. Reuse may also be useful for
@@ -1074,8 +1168,7 @@
Security 1.1. These are multiple equivalent behaviors and are represented using distinct
policy assertions.</p><example><head>Message-level Security and WSS: SOAP Message Security 1.1</head><eg xml:space="preserve"><Policy>
<sp:Wss11>…</sp:Wss11>
-</Policy></eg></example></div2><div2 id="supporting-new-policy-subjects"><head>Supporting New Policy Subjects <phrase diff="add">(see Section
- 6.3 Supporting New Policy Subjects)</phrase></head><p>
+</Policy></eg></example></div2><div2 id="supporting-new-policy-subjects"><head>Supporting New Policy Subjects</head><p>
The best practice <specref ref="bp-WSDL-policy-subject"/> specifies that policy authors should
define the set of policy subjects to which policy assertions can be
attached. Over time, new policy subjects may need to be defined. When
@@ -1123,7 +1216,7 @@
</td><td colspan="1" rowspan="1">[<bibref ref="WS-Policy"/>, <bibref ref="WS-PolicyAttachment"/>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wsrmp</code>
</td><td colspan="1" rowspan="1">
- <code>http://docs.oasis-open.org/ws-rx/wsrmp/200608</code>
+ <code><phrase diff="chg">http://docs.oasis-open.org/ws-rx/wsrmp/200702</phrase></code>
</td><td colspan="1" rowspan="1">[<bibref ref="WS-RM-Policy"/>]</td></tr><tr><td colspan="1" rowspan="1">
<code>wss</code>
</td><td colspan="1" rowspan="1">
@@ -1145,12 +1238,15 @@
</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2000/NOTE-SOAP-20000508/" id="SOAP11" key="SOAP 1.1" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Simple Object Access Protocol (SOAP) 1.1</titleref>, D. Box, et al, Editors.
World Wide Web Consortium, 8 May 2000. Available at
- http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2003/REC-soap12-part1-20030624/" id="SOAP12" key="SOAP 1.2 Messaging Framework" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">SOAP Version 1.2 Part 1: Messaging Framework</titleref>, M. Gudgin, M. Hadley,
- N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, Editors. World Wide Web Consortium, 24
- June 2003. This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
- is http://www.w3.org/TR/2003/REC-soap12-part1-20030624/. The <loc href="http://www.w3.org/TR/soap12-part1/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of SOAP Version 1.2 Part 1:
- Messaging Framework</loc> is available at http://www.w3.org/TR/soap12-part1/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2005/REC-xop10-20050125/" id="XOP" key="XOP" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://www.w3.org/TR/2007/REC-soap12-part1-20070427/" id="SOAP12" key="SOAP 1.2 Messaging Framework (Second Edition)" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">SOAP Version 1.2 Part 1: Messaging Framework <phrase diff="add">(Second Edition)</phrase></titleref>, M. Gudgin, M. Hadley,
+ N. Mendelsohn, J-J. Moreau, H. Frystyk Nielsen, <phrase diff="add">A. Karmarkar, and Y.</phrase><phrase diff="add">Lafon, Editors.
+ </phrase>World Wide Web Consortium, <phrase diff="add">27</phrase><phrase diff="del">24
+ June </phrase><phrase diff="chg">April </phrase><phrase diff="add">2007.
+ </phrase>This version of the SOAP Version 1.2 Part 1: Messaging Framework Recommendation
+ is <phrase diff="chg">http://www.w3.org/TR/2007/REC-soap12-part1-20070427/. </phrase>The <loc href="http://www.w3.org/TR/soap12-part1/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest
+ version of SOAP Version
+ 1.2 Part 1: Messaging Framework</loc> is available at http://www.w3.org/TR/soap12-part1/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2005/REC-xop10-20050125/" id="XOP" key="XOP" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">XML-binary Optimized Packaging</titleref>, M. Gudgin, N. Mendelsohn, M.
Nottingham and H. Ruellan, Editors. World Wide Web Consortium, 25 January 2005. This
version of the XML-binary Optimized Packaging Recommendation is
@@ -1183,39 +1279,49 @@
Web Services Policy 1.5 - Attachment</loc> is available at
http://www.w3.org/TR/ws-policy-attach/. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2007/WD-ws-policy-primer-20070810/" id="WS-Policy-Primer" key="Web Services Policy Primer" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Policy 1.5 - Primer</titleref>, A. S. Vedamuthu, D. Orchard, F. Hirsch, M. Hondo,
- P. Yendluri, T. Boubez and Ü. Yalçinalp, Editors. World Wide Web Consortium, 10 August 2007. This version of Web Services Policy 1.5 - Primer specification is http://www.w3.org/TR/2007/WD-ws-policy-primer-20070810/. The <loc href="http://www.w3.org/TR/ws-policy-primer/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of Web Services Policy 1.5 - Primer</loc> is available at http://www.w3.org/TR/ws-policy-primer/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/ws-rx/wsrm/200608/wsrm-1.1-rddl-200608.html" id="WS-RM" key="Web Services Reliable Messaging" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ P. Yendluri, T. Boubez and Ü. Yalçinalp, Editors. World Wide Web Consortium, 10 August 2007. This version of Web Services Policy 1.5 - Primer specification is http://www.w3.org/TR/2007/WD-ws-policy-primer-20070810/. The <loc href="http://www.w3.org/TR/ws-policy-primer/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of Web Services Policy 1.5 - Primer</loc> is available at http://www.w3.org/TR/ws-policy-primer/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.html" id="WS-RM" key="Web Services Reliable Messaging" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Reliable Messaging (WS-ReliableMessaging)</titleref>, D. Davis, A. Karmarkar
G. Pilz, S. Winkler, Ü. Yalçinalp, Editors. Organization for the Advancement of
- Structured Information Standards, August 7th, 2006, available at:
- http://docs.oasis-open.org/ws-rx/wsrm/200608/wsrm-1.1-rddl-200608.html
- </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf" id="WS-RM-Policy" key="Web Services Reliable Messaging Policy Assertion" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ Structured Information Standards, <phrase diff="chg">14 June 2007, </phrase>available at:
+ <phrase diff="add">http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.html.
+ Namespace document is available at
+ </phrase><loc diff="add" ref="http://docs.oasis-open.org/ws-rx/wsrm/200702" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-rx/wsrm/200702</phrase></loc><phrase diff="add">.
+ </phrase></bibl><phrase diff="del">http://docs.oasis-open.org/ws-rx/wsrm/200608/wsrm-1.1-rddl-200608.html
+
+ </phrase><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf" id="WS-RM-Policy" key="Web Services Reliable Messaging Policy Assertion" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Reliable Messaging Policy Assertion
- (WS-RM Policy) Version 1.1</titleref>, D. David, A. Kamarkar, G. Pilz, and
+ (WS-RM Policy) Version 1.1</titleref>, D. <phrase diff="chg">Davis, </phrase>A. Kamarkar, G. Pilz, and
Ü. Yalçinalp, Editors.
Organization for the Advancement of Structured Information Standards,
OASIS Standard, 14 June 2007. This version available at
http://docs.oasis-open.org/ws-rx/wsrmp/200702/wsrmp-1.1-spec-os-01.pdf.
- </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf" id="WS-Security2004" key="WS-Security 2004" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <phrase diff="add">Namespace document is available at </phrase><loc diff="add" href="http://docs.oasis-open.org/ws-rx/wsrmp/200702" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-rx/wsrmp/200702</phrase></loc><phrase diff="add">.
+ </phrase></bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf" id="WS-Security2004" key="WS-Security 2004" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Security: SOAP Message Security
1.0</titleref>, A. Nadalin, C. Kaler, P. Hallam-Baker and
R. Monzillo, Editors. Organization for the Advancement of
Structured Information Standards, March 2004. Available at
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf" id="WS-SecurityPolicy" key="WS-SecurityPolicy" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">WS-SecurityPolicy v1.2</titleref>, A. Nadalin, M. Goodner, M. Gudgin, A.
- Barbir, and H. Granqvist, Editors. Organization for the Advancement of
- Structured Information Standards, 1 July 2007. Available at
- http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
- Namespace document available at
- http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://schemas.xmlsoap.org/ws/2005/02/trust" id="WS-Trust" key="WS-Trust" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services Trust Language (WS-Trust)</titleref>,
- S. Anderson, et al, Authors. Actional Corporation, BEA
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">WS-SecurityPolicy v1.2</titleref>, A. Nadalin, M. Goodner, M. Gudgin, A.
+ Barbir, and H. Granqvist, Editors. Organization for the Advancement of
+ Structured Information Standards, 1 July 2007. Available at
+ http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf.
+ Namespace document available at
+ http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf" id="WS-Trust" key="WS-Trust" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Web Services <phrase diff="chg">Atomic </phrase><phrase diff="add">Transaction (WS-AtomicTransaction)</phrase><phrase diff="del">Language </phrase><phrase diff="add">Version 1.1</phrase><phrase diff="del">(WS-Trust)</phrase></titleref>,
+ <phrase diff="del">S. </phrase><phrase diff="chg">M. Little, A. </phrase><phrase diff="add">Wilkinson,
+ Editors.</phrase><phrase diff="del">Authors. </phrase><phrase diff="add">Organization</phrase><phrase diff="del">Actional Corporation, BEA
Systems, Inc., Computer Associates International, Inc.,
International Business Machines Corporation, Layer 7
- Technologies, Microsoft Corporation, Oblix Inc., OpenNetwork
- Technologies Inc., Ping Identity Corporation, Reactivity
- Inc., RSA Security Inc., and VeriSign Inc., February
- 2005. Available at
- http://schemas.xmlsoap.org/ws/2005/02/trust. </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://uddi.org/pubs/ProgrammersAPI-V2.04-Published-20020719.htm" id="UDDIAPI20" key="UDDI API 2.0" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ Technologies, </phrase><phrase diff="chg">for the Advancement of </phrase><phrase diff="add">Structured</phrase><phrase diff="del">OpenNetwork
+ Technologies </phrase><phrase diff="chg">Information Standards, OASIS </phrase><phrase diff="add">Standard,
+ 16</phrase><phrase diff="del">Corporation, </phrase><phrase diff="add">April</phrase><phrase diff="del">Reactivity
+ Inc., </phrase><phrase diff="chg">2007. This version available </phrase><phrase diff="add">at
+ http://docs.oasis-open.org/ws-tx/wstx-wsat-1.1-spec-os/wstx-wsat-1.1-spec-os.html.
+ Namespace</phrase><phrase diff="del">VeriSign </phrase><phrase diff="chg">document </phrase><phrase diff="add">is</phrase><phrase diff="del">February
+ 2005. </phrase><phrase diff="chg">available </phrase>at
+ <phrase diff="del">http://schemas.xmlsoap.org/ws/2005/02/trust. </phrase><loc diff="add" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">http://docs.oasis-open.org/ws-tx/wsat/2006/06</phrase></loc>.
+ </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://uddi.org/pubs/ProgrammersAPI-V2.04-Published-20020719.htm" id="UDDIAPI20" key="UDDI API 2.0" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">UDDI Version 2.04 API</titleref>, T. Bellwood,
Editor. Organization for the Advancement of Structured
Information Standards, 19 July 2002. This version of UDDI
@@ -1233,14 +1339,16 @@
<loc href="http://uddi.org/pubs/DataStructure_v2.htm" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest
version of the UDDI 2.0 Data Structures</loc> is available at
http://uddi.org/pubs/DataStructure_v2.htm.
- </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://uddi.org/pubs/uddi-v3.0.1-20031014.htm" id="UDDI30" key="UDDI 3.0" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
- <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">UDDI Version 3.0.1</titleref>, L. Clément, et
- al, Editors. Organization for the Advancement of Structured Information Standards, 14 October 2003. This version of the
- UDDI Version 3.0 is
- http://uddi.org/pubs/uddi-v3.0.1-20031014.htm. The <loc href="http://uddi.org/pubs/uddi_v3.htm" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of
- the UDDI 3.0</loc> specification is available at
- http://uddi.org/pubs/uddi_v3.htm.
- </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/sawsdl/" id="SAWSDL" key="SAWSDL" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" diff="chg" href="http://uddi.org/pubs/uddi-v3.0.2-20041019.htm" id="UDDI30" key="UDDI 3.0" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
+ <titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">UDDI Version <phrase diff="chg">3.0.2</phrase></titleref>, L. Clément, <phrase diff="add">A.</phrase><phrase diff="del">et
+ al, </phrase><phrase diff="add">Hately, C.</phrase><phrase diff="add">von Riegen, and T. Rogers, Editors.
+ </phrase>Organization for the Advancement of Structured Information Standards, <phrase diff="chg">19 </phrase>October <phrase diff="chg">2004. </phrase>This version of the
+ UDDI Version 3.0 is
+ <phrase diff="del">http://uddi.org/pubs/uddi-v3.0.1-20031014.htm. </phrase><phrase diff="add">http://uddi.org/pubs/uddi-v3.0.2-20041019.htm.
+ </phrase>The <loc href="http://uddi.org/pubs/uddi_v3.htm" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">latest version of
+ the UDDI 3.0</loc> specification is available at
+ http://uddi.org/pubs/uddi_v3.htm.
+ </bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/sawsdl/" id="SAWSDL" key="SAWSDL" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
<titleref xlink:actuate="onRequest" xlink:show="new" xlink:type="simple">Semantic Annotations for WSDL and XML Schema</titleref> Joel Farrell, Holger Lausen, Editors. World Wide Web Consortium, 28 Augusty 2007. This is a W3C recommendation and the
specification can be found at http://www.w3.org/TR/2007/REC-sawsdl-20070828/. The <loc href="http://www.w3.org/TR/sawsdl/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"> latest version of Semantic Annotations for WSDL and XML Schema</loc> is available at
http://www.w3.org/TR/sawsdl/.</bibl><bibl xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/" id="XMLSchemaPart2" key="XML Schema Datatypes" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">
@@ -1272,9 +1380,9 @@
The people who have contributed to <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://lists.w3.org/Archives/Public/public-ws-policy/" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple">discussions
on public-ws-policy@w3.org</loc> are also gratefully
acknowledged.
- </p></inform-div1><inform-div1 id="change-description"><head>Changes in this Version of the Document</head><p>A list of major changes since the Working Draft dated 10 August,
- 2007 is below:</p><ulist><item><p>Added a new section: <specref ref="UDDI-attachment-guidelines"/>.</p></item><item><p>Updated references: [<bibref ref="SAWSDL"/>], [<bibref ref="WS-AddressingMetadata"/>], [<bibref ref="WS-Policy"/>]
- and [<bibref ref="WS-PolicyAttachment"/>].</p></item></ulist></inform-div1><inform-div1 id="change-log"><head>Web Services Policy 1.5 - Guidelines for Policy Assertion Authors Change Log</head><table border="1" id="ws-policy-primer-changelog-table"><tbody><tr><th colspan="1" rowspan="1">Date</th><th colspan="1" rowspan="1">Author</th><th colspan="1" rowspan="1">Description</th></tr><!-- template
+ </p></inform-div1><inform-div1 id="change-description"><head>Changes in this Version of the Document</head><p>A list of major changes since the Working Draft dated <phrase diff="chg">28 September, </phrase>2007 is below:</p><ulist><item><p><phrase diff="add">Clarified the target audience for this document (see </phrase><specref diff="add" ref="introduction"/><phrase diff="add">).</phrase></p></item><item diff="add"><p><phrase diff="add">Moved </phrase><specref ref="bp-assertion-semantics"/> <phrase diff="add">from section </phrase><specref ref="assertion-target"/>
+ <phrase diff="add">to section </phrase><specref ref="general-attachment-guidelines"/><phrase diff="add">.</phrase></p></item><item diff="add"><p>Added a new section: <specref diff="chg" ref="order-of-behaviors"/>.</p></item><item><p><phrase diff="chg">Dropped an </phrase><phrase diff="add">incorrect</phrase><phrase diff="del">[], </phrase><phrase diff="add">ignorable</phrase><phrase diff="del">[], </phrase><phrase diff="add">example</phrase><phrase diff="del">[]
+ and </phrase><phrase diff="add">in section </phrase><specref diff="add" ref="QName_and_XML_Information_Set_representation"/><phrase diff="add">.</phrase></p></item><item diff="add"><p><phrase diff="add">Rewrote section: </phrase><specref ref="optional-policy-assertion"/><phrase diff="add">.</phrase></p></item><item diff="add"><p><phrase diff="add">Updated </phrase><specref ref="references"/><phrase diff="add">.</phrase><phrase diff="del">[].</phrase></p></item></ulist></inform-div1><inform-div1 id="change-log"><head>Web Services Policy 1.5 - Guidelines for Policy Assertion Authors Change Log</head><table border="1" id="ws-policy-primer-changelog-table"><tbody><tr><th colspan="1" rowspan="1">Date</th><th colspan="1" rowspan="1">Author</th><th colspan="1" rowspan="1">Description</th></tr><!-- template
<tr>
<td>200505</td>
<td></td>
@@ -1570,8 +1678,33 @@
<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5185" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5185</phrase></loc>. Editors' action
<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/373" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">373</phrase></loc>.
</td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071024</td><td colspan="1" diff="add" rowspan="1">FJH</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
- <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5185" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5184</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5184" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5184</phrase></loc>. Editors' action
<loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/372" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">372</phrase></loc>.
Implemented as originally proposed b,c,e,f,h,j. Implemented as amended a, k,l. Did not implement g which was not processed by WG.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071024</td><td colspan="1" diff="add" rowspan="1">TIB</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5186" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5186</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/374" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">374</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">MH</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5206" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5206</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/379" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">379</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">MH</td><td colspan="1" diff="add" rowspan="1">Implemented the resolution for issue
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5189" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5189</phrase></loc>. Editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/381" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">381</phrase></loc>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Fixed typos (re <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5206" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5206</phrase></loc> and editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/379" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">379</phrase></loc>).
+ s/Example 1/SignBeforeEncrypting assertion/
+ and
+ s/Example 2/EncryptBeforeSigning assertion/ in <specref ref="order-of-behaviors"/>.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Fixed incorrect changes (re <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5184" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5184</phrase></loc>
+ and editors' action
+ <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/372" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">372</phrase></loc>).
+ a) s/Supporting New Policy Subjects/(see Section 6.3 Supporting New Policy Subjects)/ and
+ b) s/6.3 Supporting New Policy Subjects (see Section 6.3 Supporting New Policy Subjects)/6.3 Supporting New Policy Subjects/.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Applied missed changes (re <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/Bugs/Public/show_bug.cgi?id=5186" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">5186</phrase></loc> and
+ editors' action <loc xmlns:xlink="http://www.w3.org/1999/xlink" href="http://www.w3.org/2005/06/tracker/wspolicyeds/actions/374" xlink:actuate="onRequest" xlink:show="replace" xlink:type="simple"><phrase diff="add">374</phrase></loc>) to
+ <specref ref="xml-namespaces"/> and <specref ref="references"/>. Fixed SOAP 1.2,
+ Web Services Reliable Messaging, Web Services Reliable Messaging Policy Assertion,
+ WS-SecurityPolicy and WS-Trust references.
+ </td></tr><tr diff="add"><td colspan="1" diff="add" rowspan="1">20071026</td><td colspan="1" diff="add" rowspan="1">ASV</td><td colspan="1" diff="add" rowspan="1">Updated <specref ref="change-description"/>.
</td></tr></tbody></table></inform-div1></back></spec>
\ No newline at end of file
Received on Saturday, 27 October 2007 01:44:00 UTC