- From: <info@johanpeeters.com>
- Date: Mon, 21 Apr 2003 09:10:16 -0700 (PDT)
- To: mrbannon@uwaterloo.ca
- Cc: www-ws-desc@w3.org, jeffsch@windows.microsoft.com
Thanks for the pointers Jeffrey. I could not find any indication that WS-PolicyAttachment is affiliated to any standards body. More's the pity, because QoP descriptions are sorely needed and I have not come across any other initiatives to address this area. I do not understand why QoP descriptions cannot be applied across bindings. In fact, it seems to me that WS-PolicyAttachment does precisely that, annotating message, part, portType and operation elements. kr, Yo On Thu, 17 Apr 2003 17:35:26 -0400, "Michael Ryan Bannon" wrote: > > The WS-Policy Attachment leads me to another question: > What is generally recommended as being the best method for attaching > policies and such to WSDL and/or UDDI? > Is WS-PolicyAttachment the only game in town? > > > > ----- Original Message ----- > From: "Jeffrey Schlimmer" <jeffsch@windows.microsoft.com> > To: <info@johanpeeters.com> > Cc: <mrbannon@uwaterloo.ca>; <www-ws-desc@w3.org> > Sent: Thursday, April 17, 2003 2:00 PM > Subject: RE: Quality of Service > > > > Johan Peeters writes: > > >There has been some discussion at the OASIS WSS TC about QoP > > >(Quality of Protection) which I would consider as a subset > > >of QoS. My understanding is that they are currently thinking > > >of introducing a new binding, secure SOAP, that would have > > >extensions allowing you to specify the QoP. Is this the way > > >to go? I personally would hope for a more orthogonal > > >definition of QoP (and other QoS aspects for that matter) > > > > Agreed. > > > > >I.e. a QoP can apply to a web service regardless of > > >whether its wire format is SOAP or not. It seems to > > >me that WS-Policy might just do that. > > > > WS-Security uses WS-Policy to state security requirements independent of > > the specific port type or the underlying transport. > > > > http://msdn.microsoft.com/ws/2002/12/ws-security-policy/ > > > > >But that is by-the-by. What I really want to know is this: what > > >are the respective responsibilities of the W3C WS description > > >WG and the OASIS WSS TC working group wrt QoP/QoS descriptions > > > > The W3C Web Service Description (WSDL) Working Group (WG) charter is the > > official answer. > > > > http://www.w3.org/2002/01/ws-desc-charter > > > > The current WSDL 1.2 draft allows annotations. Annotations could be > > defined to indicate QoP or QoS, but my guess is that the WG will not > > define them. > > > > >and how will the pieces ever fit together? > > > > I am not intimately familiar with the charter of the Oasis WSS TC, but > > note that WS-I has played an integration role in the past. > > > > http://www.ws-i.org/Profiles/Basic/2003-03/BasicProfile-1.0-BdAD.html > > > > >Will a WSDL 1.2 specification tell us, for example, whether a > > >secure SOAP message is required to access a service? > > > > WS-PolicyAttachment defines a means to indicate within a WSDL 1.1 > > document that a service requires general policy (or security policy > > specifically). I would be very surprised if similar mechanisms do not > > exist for WSDL 1.2 by the time it is finalized. > > > > http://msdn.microsoft.com/ws/2002/12/PolicyAttachment/ > > > > >What if the binding is not SOAP? > > > > If bindings are allowed to have different message data and/or processing > > models, then it will be difficult to define annotations that can be > > generally applied to the different architectures. > > Johan Peeters Software Architecture Services +32 16 649000
Received on Monday, 21 April 2003 12:10:24 UTC