- From: Doug Bunting <db134722@iplanet.com>
- Date: Wed, 16 Oct 2002 14:57:15 -0700
- To: David Orchard <dorchard@bea.com>
- Cc: www-ws-arch@w3.org
David, This sounds like an excellent suggestion and a model for future excellent suggestions. I was pleased (from Zahid's email) to see the QoP group is already thinking along similar lines. To expand slightly upon your best practice, I believe we need to recommend architectural (at least semantic but possibly structural) alignment between the metadata provided as SOAP headers / features / modules (sorry, my brain lost the correct term) and WSDL description extensions. For example, a WSDL document may describe three qualities of service (or security). Let's call them good, gooder and goodest.[*] A client should be able to choose between these qualities with as similar a structure as possible. An aligned SOAP module should enable the client to say "gooder". I suspect we're looking at a wide sliding scale between static (WSDL) and dynamic (SOAP) metadata "provisioning". In some cases, everything is described up front. For some types of information, such as the endpoint URL for the service, this will always be the case. For other cases, the bulk of the information will be provided in the SOAP envelope. Let's try to help developers of derivative specifications and end users make their own choices about where they sit on the scale and what metadata needs to be provided when. thanx, doug * The meaning of those terms is orthogonal to the question I'm asking. I don't care for the sake of this argument whether the terminology / taxonomy / ontology information comes from Merriam Webster (the book), www.m-w.com, RDF or an available napkin. David Orchard wrote: > Hi all, > > I wanted to potentially raise an issue around liaison with oasis > ws-security. ws-security does not currently provide wsdl definitions for > the security elements exchanged. There is a discussion list around > describing qualities of service. I think it would be a good thing to ask > oasis ws-security tc if they could provide wsdl definitions as part of their > v1 output. Obviously this is a very delicate area, and we don't want to > annoy them. If there isn't a strong majority within our group, then I > wouldn't want to proceed either. This certainly appears to be an > architectural area. It appears the key issue is around timing of when to > provide description - either at the same time as the soap definitions or > later. > > I think this is also a "web service spec" best practice - Descriptions > should be provided at the same time as runtime extensions. > > Some potential wording suggestion > > "Dear OASIS WS-Security TC, > > The W3C Web Services Architecture Working Group would like to express it's > concern around the lack of WSDL definitions for WS-Security elements in the > first version of the WS-Security product. We would like to encourage the > WS-Security group to take up this piece of work in the first version of it's > product. It appears that the issue is not so much the "goodness" of such a > thing, rather the timing is the issue. There are a variety of rationale for > including description in v1: 1) To ensure that the runtime aspects can be > described in a reasonable manner - it would be unfortunate if some headers > were difficult to describe in wsdl; 2) To promote interoperability - bodies > such as W3C and WS-I believe that interoperable descriptions are a > requirement to interoperability. > " > > Cheers, > Dave
Received on Wednesday, 16 October 2002 17:57:14 UTC