OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: NEW Issue: WS-SX TC to provide policy statements and associated URIs to be referenced from wsp:PolicyReference statements

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL  
THE ISSUE IS ASSIGNED A NUMBER.
The issues coordinators will notify the list when that has occurred.

Protocol:  ws-sp

ws-securitypolicy-1-2.2-spec-ed-01-r07-diff.doc
<http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/ 
18836/ws-securitypolicy-1.2-spec-ed-01-r07-diff.doc>

Artifact: policy

Type: design

Title: Provide policy statements and associated URIs that can be  
referenced from wsp:PolicyReference statements.

Description:

Policy statements will not successfully intersect if one has a nested  
policy statement and the other does not. This means that if one  
message participant wishes to accept all variations of an assertion,  
and the other specifies only one variant, it is necessary for the  
first to explicitly list all variations rather than none. This can be  
cumbersome and can have a negative impact on adoption, and  
interoperability if done incorrectly. WS-SX should provide common set  
of referenced security assertions and associated URIs.

Related issues:

i066 SecurityPolicy use cases
<http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i066>

i070 - Clarify relationship between extensibility model and policy
<http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i070>

Proposed Resolution:

Allow message participants to use wsp:PolicyReference statements to  
reference commonly needed security policy statements, allowing  
uniformity and easing use. What is essential is to provide well-known  
URIs and documentation associated with these common cases, this  
committee is uniquely well-positioned to do this.  This could be  
done  with an appendix to the WS-SecurityPolicy specification,  a  
separate schema file, or separate document to give some examples.  
This also would be material that could be included in a use cases  
deliverable.

Example:

Usage in a policy:

<sp:UsernameToken sp:IncludeToken="xs:anyURI"? ... >
   <wsp:Policy>
      </wsp:PolicyReference
        URI="http://www.example.com/usernametokenlist-policy";>
      </wsp:Policy>
</sp:UsernameToken>

where that URI could refer to the following policy assertion defined  
by WS-SX committee and associated with URI:

<wsp:Policy>
    <wsp:ExactlyOne>
       <sp:WssUsernameToken10 ... />
       <sp:WssUsernameToken11 ... />
    </wsp:ExactlyOne>
</wsp:Policy>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]