I don’t think consistency is a red
herring. While yes we are incompatible due to the name change there is the
issue of code reuse for existing implementations. I don’t think that
should be discounted.
From: Doug Davis
[mailto:dug@us.ibm.com]
Sent: Wednesday, November 02, 2005
11:56 AM
To: Marc Goodner
Cc: Jacques Durand;
ws-rx@lists.oasis-open.org
Subject: RE: [ws-rx] NEW ISSUE:
Remove LastMessage
The security aspect of it is probably misstated as a
"security" thing. If someone has someone else's sequence ID
preventing them from using message numbers higher than X seems almost random
and silly. We don't try to stop them from using any msg number less than
X - and that would be just as bad. So, to think that LastMessage adds any level
of security is very misleading and my assumption that it was because of some
security thing was just a guess. Perhaps there's some other reason but I
just couldn't think of one - and if that's the only reason, as I said, I think
its silly.
As
for "consistency" - that's a red herring. Once we change the
namespace we're incompatible - not to mention all of the other political issues
this part of the conversation may generate :-)
thanks
-Doug
"Marc Goodner"
<mgoodner@microsoft.com>
11/02/2005 02:41 PM
|
To
|
Doug Davis/Raleigh/IBM@IBMUS
|
cc
|
"Jacques Durand"
<JDurand@us.fujitsu.com>, <ws-rx@lists.oasis-open.org>
|
Subject
|
RE: [ws-rx] NEW ISSUE: Remove LastMessage
|
|
OK, I can see that. I still think that
maintaining consistency with the contributed protocol should have some weight
though. Have we considered keeping things like this but marking them
deprecated?
I still disagree with using security composition as an
argument so long as it is undefined.
From: Doug Davis
[mailto:dug@us.ibm.com]
Sent: Wednesday, November 02, 2005 11:40 AM
To: Marc Goodner
Cc: Jacques Durand; ws-rx@lists.oasis-open.org
Subject: RE: [ws-rx] NEW ISSUE: Remove LastMessage
Marc,
I believe even w/o the Close operation a TerminateSequence can be sent at
any time so IMO LastMessage would still be unneeded. At any time the RMS
can send a TerminateSequence - which means normally it would wait until it got
all of the Acks its waiting for. This would still be true whether or not
a LastMessage marker was sent.
thanks
-Doug
"Marc Goodner"
<mgoodner@microsoft.com>
11/02/2005 02:33 PM
|
To
|
"Jacques Durand"
<JDurand@us.fujitsu.com>, Doug Davis/Raleigh/IBM@IBMUS,
<ws-rx@lists.oasis-open.org>
|
cc
|
|
Subject
|
RE: [ws-rx] NEW ISSUE: Remove LastMessage
|
|
I’m not so sure. I need to think about this some more.
A couple of observations though. First removing this breaks at least one point
of consistency with the contributed spec. I suggest we think carefully before
doing that. Second I don’t see this as a “protocol
complexity” issue. While the Close operation could completely subsume the
LastMessage marker you can still use this marker today without using Close at
all. That seems valuable to retain as it provides a simpler protocol
interaction capability in normal circmstances.
I disagree that this should be removed because a security mechanism can address
part of the functionality. I might agree is the composition with that security
mechanism was actually defined. If that is part of the rationale for this I
suggest not doing this until we have that security composition defined.
From: Jacques Durand [mailto:JDurand@us.fujitsu.com]
Sent: Wednesday, November 02, 2005 10:47 AM
To: 'Doug Davis'; ws-rx@lists.oasis-open.org
Subject: RE: [ws-rx] NEW ISSUE: Remove LastMessage
+1
I thought about proposing this too. The new Close operation subsumes almost
completely the LastMessage marker - the
added value is not worth the added protocol complexity.
-Jacques
From: Doug Davis [mailto:dug@us.ibm.com]
Sent: Wednesday, November 02, 2005 7:30 AM
To: ws-rx@lists.oasis-open.org
Subject: [ws-rx] NEW ISSUE: Remove LastMessage
Title:Remove LastMessage
Description:
The LastMessage element, as part of a Sequence header element, appears
superfluous. It seems to serve 2 purposes:
1 - force a SeqAck to be sent back from the RMD
2 - force the RMD to reject any messages with a higher message #
#1 can be done with an AckReq header. We should avoid having multiple
ways to do the same thing.
#2 is really only an issue if someone tries to hijack the sequence - and to
protect against that we should be using a real security mechanism like
WS-SC/Trust, not the LastMessage element.
When an RMS is done with a sequence it is free to simply Close or Terminate it
(whether or not it has all of the Acks it wants - but normally it will wait) -
having an additional message exchange to send a LastMessage is unnecessary.
Justification: See above.
Target: core
Proposal: Remove all references to LastMessage (and related Fault)
from the spec [1]. See attached diff/pdf file for the specific
changes.
[1]
http://www.oasis-open.org/apps/org/workgroup/ws-rx/download.php/15001/wsrm-1.1-spec-wd-05.pdf
Note the protocol flow/example picture was updated too.