Re: Processor conformance: fault on non-conformant input

Sanjiva Weerawarana wrote:

>While I did indeed argue for any busted part stopping the processor,
>I do understand (and accept) the argument that one must be able
>to skip parts that one doesn't care about. In particular, suppose
>there's a .Net binding in a WSDL and one of the QName references in
>there is busted. Let's say (just for the sake of argument) that
>Oracle doesn't support the .Net binding and so doesn't understand
>the elements of the .Net binding namespace and their (bad) cross
>referencing habits. 
>
>Do you want the Oracle processor to die on that WSDL (even though
>it has a perfectly good SOAP binding say)? If so *how* does it know
>it should die without understanding the .Net extension namespace?
>
>I want the IBM processor to handle that WSDL and the SOAP binding
>in it just fine and simply skip the proprietary .Net binding which
>the IBM processor didn't understand anyway. All of that in a fully
>spec-compliant manner.
>
>That requires going with the wording our resident spec lawyer DBooth
>recommended.
>
Ok, let me clarify a bit. .NET binding is a bad example, IMO.

What I am particularly concerned about is bindings we define normatively in 
our specification, not an extension, such as HTTP binding and processors 
choosing to skip it and calling themselves conformant, even if there is 
a bug in the document they process.

The question is: how does one test a processor to be conformant or not? 
If a conformant processor can choose "portions of a document", this 
means the requirement is NOT testable unless we exactly define the 
"required profile" that a conformant processor MUST process. (I think I 
made this point during the f2f as well).

Of course, we don't want to require all processors to die encountering 
.NET extensions. ;-) But, as you rightly ask "how does it know it should 
die without understanding the .Net extension namespace"? All I am asking 
is "what is the set of normative things that a conformant processor MUST 
process?" We don't say what that set is, as the current requirements, as 
stated, seem to allow that there is a subset that they can process and 
call themselves conformant. All I am pointing out is that unless we 
precisely define that set, it may not be possible to test the 
conformance of a processor.

I observe that the requirement:

"A conformant WSDL processor MUST fault if a portion of a WSDL document 
is illegal according to this specification and the WSDL processor 
attempts to process that portion."

actually is equivalent to a weaker version of what it was before:

"A conformant WSDL processor SHOULD fault if a WSDL document is illegal 
according to this specification".

unless the subset is precisely defined.

Sincerely,

--umit



>
>Sanjiva.
>
>----- Original Message ----- 
>From: "Umit Yalcinalp" <umit.yalcinalp@oracle.com>
>To: "David Booth" <dbooth@w3.org>
>Cc: "Sanjiva Weerawarana" <sanjiva@watson.ibm.com>; <www-ws-desc@w3.org>
>Sent: Tuesday, March 23, 2004 8:03 AM
>Subject: Re: Processor conformance: fault on non-conformant input
>
>>
>>David Booth wrote:
>>
>>>Sanjiva,
>>>
>>>As far as I know, you are the only one who was in favor of REQUIRING 
>>>the processor to fault if there is ANY part of the WSDL document that 
>>>is non-conformant, even if that part of the document is not needed 
>>>(for example, if it is in a different binding).  So if I've understood 
>>>other people's responses, it looks like others agree with the wording 
>>>I proposed for the bullet item in section 7.3., which was to change:
>>>[[
>>>A conformant processor MUST fault if presented with a
>>>non-conformant WSDL 2.0 document.
>>>]]
>>>to:
>>>[[
>>>A conformant WSDL processor MUST fault if a portion of a WSDL
>>>document is illegal according to this specification and the
>>>WSDL processor attempts to process that portion.
>>>]]
>>>
>>>(Bear in mind that unless we say something to the contrary,  a 
>>>conformant processor MAY fault if an unneeded portion of a WSDL 
>>>document is illegal.  Unless we explicitly prohibit such behavior, 
>>>then it would be allowed by default.)
>>>
>>>Are you sure you want to REQUIRE every conformant processor to fault 
>>>on any illegal but unneeded portion of the WSDL document?  As I 
>>>pointed out in
>>>http://lists.w3.org/Archives/Public/www-ws-desc/2004Mar/0219.html
>>>such a requirement would be a departure from the approach we're taking 
>>>for mandatory extensions.
>>>
>>I am not sure that Sanjiva is alone. Here are my concerns.
>>
>>If a processor is not required to process all aspects of the WSDL 
>>document, then it is impossible, technically, to find out whether a 
>>document is conformant or not, because "conformant" processors may 
>>choose to ignore certain portions of a document and end up not reporting 
>>errors. Note that by "sheer ignorance" (as it is bliss ;-)), it is 
>>equivalent to consume or ignore a specific portion of a document. If it 
>>is valid/legal, you are conformant by default, if it is not, well you 
>>are allowed to ignore certain portions of it. Nice!
>>
>>Based on this definition, a document may not be conformant but the 
>>processor will be. So, what is the purpose of defining a conformant 
>>processor? A processor that can handle valid WSDL documents and more or 
>>a processor that will reject invalid WSDL documents?  It seems that a 
>>conformant processor is NOT the processor that may be able to reject a 
>>non-conformant document by this change. That is a completely different 
>>beast, maybe an uber-conformant processor that MUST process all the WSDL 
>>document and MUST fault if it is a non-conformant document. There is a 
>>need to define such a processor category if our conformant processor 
>>definition is not targeted to do this. I was under the impression that  
>>we wanted to align the conformance of a processor to align 
>>with/determine a document's conformance.
>>
>>What I don't like in your change of definition is that "how a portion" 
>>is defined for processing is very opaque and unfortunately meaningless 
>>unless we define exactly what it is. It is equivalent, IMO, to 
>>saying nothing at all. The problem is defining what that subset is, 
>>namely the set of "portions" of a WSDL document that a conformant 
>>processor MUST process. Unless we define this set precisely, which is a 
>>"profile" by the way, the conformant processor definition, IMO, is not 
>>going to be that definitive.
>>
>>
>>Cheers,
>>
>>--umit
>>
>>Ps. I would like to also point out that there are two terms used in the 
>>processor conformance section, 8.3. "fail" (bullet 4) and fault (in 
>>other bullets). The definition of what "faulting" means (immediately 
>>cease processing) is explored only in bullet 5. I suggest moving it to 
>>bullet 2 as an editorial change, so that the definition comes before the 
>>usage.
>>
>>>
>>>At 09:17 PM 3/22/2004 +0600, Sanjiva Weerawarana wrote:
>>>
>>>>OK so what's the verdict on this thread? David Booth can you
>>>>please give a summary and recommendation?
>>>>
>>>>Thanks,
>>>>
>>>>Sanjiva.
>>
>>-- 
>>Umit Yalcinalp                                  
>>Consulting Member of Technical Staff
>>ORACLE
>>Phone: +1 650 607 6154                          
>>Email: umit.yalcinalp@oracle.com
>>

-- 
Umit Yalcinalp                                  
Consulting Member of Technical Staff
ORACLE
Phone: +1 650 607 6154                          
Email: umit.yalcinalp@oracle.com

Received on Tuesday, 23 March 2004 15:10:26 UTC