- From: Sverdlov, Yakov <Yakov.Sverdlov@ca.com>
- Date: Thu, 24 Aug 2006 13:47:54 -0400
- To: "Monica J. Martin" <Monica.Martin@Sun.COM>, <public-ws-policy@w3.org>
- Cc: "Fabian Ritzmann" <Fabian.Ritzmann@Sun.COM>, <gdaniels@progress.com>
I agree with Glen that creating generic policy processors in the context of the Framework is not possible, but I don't see this as a problem. The specification provides neither the language to write domain-specific policy assertions nor the comprehensive capabilities to deal with the domain-specific semantics. The specification does not go beyond providing some recommendations to domain authors on how to create domain-specific assertions in the section 3.1, and rightfully so in my opinion. Otherwise that may potentially raise the complexity to the level of artificial intelligence. Also, a policy processor may or may not support a policy domain. One would expect the logical consequences of a policy engine, not supporting certain policy domains, at the policy enforcement stage. I don't see this as an interoperability issue. I agree with Fabian and Monica that the Policy Domain should be defined in the Framework specification. My understanding is that the Editors are already planning to do so. The question to the Editors: should a new issue (Policy Domain definition) be created? I'd add one more option to the list, proposed by Glen, and leave the assertion iteration/vocabulary issues, brought by Fabian and Monica, out of the scope. Option 4: - Leave section 4.4 as-is - Provide Policy Domain definition in the specification Regards, Yakov Sverdlov CA -----Original Message----- From: public-ws-policy-request@w3.org [mailto:public-ws-policy-request@w3.org] On Behalf Of Monica J. Martin Sent: Wednesday, August 23, 2006 11:42 AM To: public-ws-policy@w3.org Cc: Fabian Ritzmann; gdaniels@progress.com Subject: re: Bug 3577 >re: b) Semantics of successful intersection determined by domain-specific assertion content, Glen D >http://www.w3.org/Bugs/Public/show_bug.cgi?id=3577 > mm1: Regarding this issue: > Section 4.4 of the WS-Policy spec [1] states that domain-specific > processing may need to be performed in order to determine the > intersection of two policies. This means that generic Policy > processors (tools, etc) cannot have any guarantee of successfully > calculating the intersection without appropriate extensions/plugins > being available for all domain-specific assertions. The task of finding appropriate extensions/plugins for intersection is complicated by the fact that any policy processor needs to iterate through every single assertion in the policy in order to determine the vocabulary and the domains used in the policy. Have we considered stating the domains a policy up front? Hopefully we can start to engage this discussion today. Thanks. Fabian Ritzmann Monica J. Martin
Received on Thursday, 24 August 2006 17:48:00 UTC