OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Issue 81: WS-SX TC to provide policy statements and associated URIs to be referenced from wsp:PolicyReference statements

Logged as issue 81.

I already have a pending update to the issue list out (rev 33), so this
will show up in rev 34.

-----Original Message-----
From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com] 
Sent: Wednesday, June 28, 2006 11:22 AM
To: ws-sx@lists.oasis-open.org
Cc: Hirsch Frederick; Marc Goodner
Subject: [ws-sx] NEW Issue: WS-SX TC to provide policy statements and
associated URIs to be referenced from wsp:PolicyReference statements

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL
THE ISSUE IS ASSIGNED A NUMBER.
The issues coordinators will notify the list when that has occurred.

Protocol:  ws-sp

ws-securitypolicy-1-2.2-spec-ed-01-r07-diff.doc
<http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/
18836/ws-securitypolicy-1.2-spec-ed-01-r07-diff.doc>

Artifact: policy

Type: design

Title: Provide policy statements and associated URIs that can be
referenced from wsp:PolicyReference statements.

Description:

Policy statements will not successfully intersect if one has a nested
policy statement and the other does not. This means that if one message
participant wishes to accept all variations of an assertion, and the
other specifies only one variant, it is necessary for the first to
explicitly list all variations rather than none. This can be cumbersome
and can have a negative impact on adoption, and interoperability if done
incorrectly. WS-SX should provide common set of referenced security
assertions and associated URIs.

Related issues:

i066 SecurityPolicy use cases
<http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i066>

i070 - Clarify relationship between extensibility model and policy
<http://docs.oasis-open.org/ws-sx/issues/Issues.xml#i070>

Proposed Resolution:

Allow message participants to use wsp:PolicyReference statements to
reference commonly needed security policy statements, allowing
uniformity and easing use. What is essential is to provide well-known
URIs and documentation associated with these common cases, this
committee is uniquely well-positioned to do this.  This could be done
with an appendix to the WS-SecurityPolicy specification,  a separate
schema file, or separate document to give some examples.  
This also would be material that could be included in a use cases
deliverable.

Example:

Usage in a policy:

<sp:UsernameToken sp:IncludeToken="xs:anyURI"? ... >
   <wsp:Policy>
      </wsp:PolicyReference
        URI="http://www.example.com/usernametokenlist-policy";>
      </wsp:Policy>
</sp:UsernameToken>

where that URI could refer to the following policy assertion defined by
WS-SX committee and associated with URI:

<wsp:Policy>
    <wsp:ExactlyOne>
       <sp:WssUsernameToken10 ... />
       <sp:WssUsernameToken11 ... />
    </wsp:ExactlyOne>
</wsp:Policy>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]