OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [ws-sx] Proposed additional text: i070 - Clarify relationshipbetween extensibility model and policy

Martin,

I agree my text is not very clear. Your examples help clarify the 
issues. I am primarily concerned about the second
type of mismatch:-

[quote]

Or did you actually want to point out that;

<sp:UsernameToken>
 <wsp:Policy/>
</sp:UsernameToken>

does not intersect with;

<sp:UsernameToken>
 <wsp:Policy>
  <sp:WssUsernameToken10 />
 </wsp:Policy>
</sp:UsernameToken>
[quote]





>Prateek,
>
>I'm not sure I quite grasp the main point of your text below. 
>
>Perhaps adding a specific example would be helpful. How about;
>
>
>"As noted in Section 3.1.3, an assertion with empty nested policy does
>not intersect with the same assertion without nested policy. For
>example,
>
><sp:UsernameToken />
>
>does not intersect with
>
><sp:UsernameToken>
> <wsp:Policy/>
></sp:UsernameToken> "
>
>I think this is all the text in Clause 7 of section 3.1.3 is getting at.
>
>Or did you actually want to point out that;
>
><sp:UsernameToken>
> <wsp:Policy/>
></sp:UsernameToken>
>
>does not intersect with;
>
><sp:UsernameToken>
> <wsp:Policy>
>  <sp:WssUsernameToken10 />
> </wsp:Policy>
></sp:UsernameToken>
>
>?
>
>Gudge
>
> 
>
>  
>
>>-----Original Message-----
>>From: Prateek Mishra [mailto:prateek.mishra@oracle.com] 
>>Sent: 13 June 2006 19:39
>>To: ws-sx@lists.oasis-open.org
>>Subject: [ws-sx] Proposed additional text: i070 - Clarify 
>>relationship between extensibility model and policy
>>
>>Add to Section 11.2:
>>
>>(include after line 2372)
>>
>>As explained in Section 3.1.3, an assertion with a nested 
>>policy element 
>>cannot match the same assertion without
>>a nested policy element. This should be kept in mind when using 
>>assertions that have been extended with additional
>>assertions that are meant to be placed within a nested policy 
>>element. 
>>For example, use of an extension assertion
>> that indicates the presence or absence of an optional field within a 
>>security token may result in policy intersection
>>failure.
>>
>>
>>
>>    
>>
>
>  
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]