- From: Daniel Roth <Daniel.Roth@microsoft.com>
- Date: Mon, 25 Sep 2006 15:29:42 -0700
- To: Anthony Nadalin <drsecure@us.ibm.com>, Fabian Ritzmann <Fabian.Ritzmann@Sun.COM>
- CC: "public-ws-policy@w3.org" <public-ws-policy@w3.org>, "public-ws-policy-request@w3.org" <public-ws-policy-request@w3.org>
- Message-ID: <E2903CF1E4B5B144B559237FDFB291CE0B450FD4@NA-EXMSG-C117.redmond.corp.microsoft.c>
This looks good to me. I suggested we assign this one over to the editors. Daniel Roth ________________________________ From: public-ws-policy-request@w3.org [mailto:public-ws-policy-request@w3.org] On Behalf Of Anthony Nadalin Sent: Wednesday, September 20, 2006 1:12 AM To: Fabian Ritzmann Cc: public-ws-policy@w3.org; public-ws-policy-request@w3.org Subject: Re: NEW ISSUE 3753: Example 1-1 is not a complete security policy Instead for changing the wording I suggest the following using the following example 01) <wsp:Policy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy" xmlns:wsp="http://www.w3.org/@@@@/@@/policy" > (02) <wsp:ExactlyOne> (03) <wsp:All> (04) <sp:SignedParts> <sp:Body /> </sp:SignedParts> (05) </wsp:All> (06) <wsp:All> (07) <sp:EncryptedParts> <sp:Body /> </sp:EncryptedParts> (08) </wsp:All> (09) </wsp:ExactlyOne> (10) </wsp:Policy> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 [cid:image001.gif@01C6E0B7.6C369030]Fabian Ritzmann <Fabian.Ritzmann@Sun.COM> Fabian Ritzmann <Fabian.Ritzmann@Sun.COM> Sent by: public-ws-policy-request@w3.org 09/19/2006 10:08 AM To public-ws-policy@w3.org cc Subject NEW ISSUE 3753: Example 1-1 is not a complete security policy http://www.w3.org/Bugs/Public/show_bug.cgi?id=3753 Title Example 1-1 is not a complete security policy Description Example 1-1 shows a simple policy with two security policy assertions in lines 03 and 04. According to WS-SecurityPolicy 1.2, section 7.1, these security policy assertions must be encapsulated by a policy that is nested inside an AlgorithmSuite assertion. The enclosing AlgorithmSuite assertions as well as suitable top-level assertions containing the AlgorithmSuite assertions are missing from example 1-1. The examples in the following chapters build on this first example. Despite extensive research we did not find a policy that is sufficiently simple, can serve as a basis for the other examples, and still is a valid policy. We should still point out that the example given is an incomplete policy that only serves to illustrate how a policy could look like. Justification An example of a policy that claims to display a security policy but in fact violates the constraints of WS-SecurityPolicy causes unnecessary confusion among readers of both specifications. Target Web Services Policy Framework, section 1.2, example 1-1 Proposal Replace "The following example illustrates a security policy expression using assertions defined in WS-SecurityPolicy [WS-SecurityPolicy]:" by "The following example illustrates a security policy expression using assertions defined in WS-SecurityPolicy [WS-SecurityPolicy] rather than a complete security policy:"
Attachments
- image/gif attachment: image001.gif
- image/gif attachment: image002.gif
- image/gif attachment: image003.gif
Received on Monday, 25 September 2006 22:32:08 UTC