[Bug 3953] Remove language that use of security policy assertions forces nested assertions for other domains from bugzilla@wiggum.w3.org on 2006-12-19 (public-ws-policy-qa@w3.org from December 2006)

From: <bugzilla@wiggum.w3.org>
Date: Tue, 19 Dec 2006 19:09:00 +0000
To: public-ws-policy-qa@w3.org
CC:
Message-Id: <E1GwkKi-0000EW-Lw@wiggum.w3.org>

http://www.w3.org/Bugs/Public/show_bug.cgi?id=3953





------- Comment #2 from frederick.hirsch@nokia.com  2006-12-19 19:09 -------
Umit and I have a proposal to close issue 3953,
<http://www.w3.org/Bugs/Public/show_bug.cgi?id=3953>

The proposal is to replace the following text in the guidelines document that
comprises section 6 [1]:

""Domain authors must be aware of the interactions between their domain and
other domains. For example, security assertions interact with other protocol
assertions in a composition. Although modeling protocol assertions may appear
to be an independent behavior, protocol assertions and security assertions
affect transport bindings and their interactions must be considered. For
example utilization of WS-Security Policy with other protocols affects
transport bindings and would result in nested policy assertions when additional
protocols are composed with WS-Security 2004. Thus, domain authors should be
aware of the compositional semantics with other related domains. The protocol
assertions that require composition with WS-Security should be particularly
aware of the nesting requirements on top of transport level security."

with

"Domain authors need to be clear about the relationship of assertions defined
in their domain and core assertions defined elsewhere such as the relationship
of security assertions in their domain and the core WS-SecurityPolicy
assertions. One example is the definition of additional assertions related to
security in  Web Services Reliable Messaging Policy Assertions [WSRMP]. Since
any domain might include additional assertions related to security it is
necessary for the assertion author to understand the implication of the entire
set of policy assertions related to security taken as a whole. [WSRMP] 
<http://docs.oasis-open.org/ws-rx/wsrmp/200608/wsrmp-1.1-spec-wd-11.pdf>"

[1]
<http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-guidelines.html?content-type=text/html;%20charset=utf-8#inter-policy>

Received on Tuesday, 19 December 2006 19:09:13 UTC