OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [ws-sx-comment] Questions on Versioning Problems of WS-SecureConversation

Further looking into the WS-SecurityPolicy (WS-SP) V1.3 spec, I found some changes on WS-SecureConversation under Section 5.4.7 SecureConversationToken Assertion. 
There are some new descriptions on Amending, Renewing, and Canceling Context for the WS-SecureConversation (WS-SC). Looks like the way to handle amend, renew and cancel has been changed from WS-SC v1.3 to v1.4. 
Again this is just some text descriptions added without any schema changes to the schema of either WS-SP or WS-SC. 
If this is the case, then this is very bad design for versioning.  
My questions are: 
- How can I tell which version of WS-SC should be use for amending, renewing and canceling by looking into the policy? 
- How can I tell which version of WS-SC should be use from the incoming amend, renew and cancel requests? 
 More questions on the schema for both specifications: 
- In WS-SP v1.3, there is only <sp:SC13SecurityContextToken>. Why there is no <sp:SC14SecurityContextToken> for WS-SC v1.4?  
- In WS-SC v1.4, why the section 4 Amending Contexts still use old URI of http://docs-oasis-open.org/ws-sx/ws-trust/200512/RST/SCR/Amend. Why not change to: http://docs-oasis-open.org/ws-sx/ws-trust/200809/RST/SCR/Amend for new version of WS-SC? 
- Same questions for Renewing and Canceling Contexts. Why not change the prefix on these two URIs as well?  

Eclogue Chang

----- Original Message ----
From: eclogue chang <e1bridge@yahoo.com>
To: ws-sx-comment@lists.oasis-open.org
Sent: Sunday, September 14, 2008 8:28:20 PM
Subject: [ws-sx-comment] Questions on Versioning Problems of WS-SecureConversation

It looks like the new version of WS-SecureConversation (WS-SC) v1.4 does not have any schema changes. The schema link points to ws-secureconversation-1.3.xsd.  If this is the case, then this is a very bad design for this standard on the versioning. There is no way to tell from the incoming message whether this is a WS-SC v1.4 message or a WS-SC v1.3 message. We cannot use namespace in the message to make the differentiation. The question is: why to publish a new version without schema change? 

Eclogue Chang

This publicly archived list offers a means to provide input to the
OASIS Web Services Secure Exchange (WS-SX) TC.

In order to verify user consent to the Feedback License terms and
to minimize spam in the list archive, subscription is required
before posting.

Subscribe: ws-sx-comment-subscribe@lists.oasis-open.org
Unsubscribe: ws-sx-comment-unsubscribe@lists.oasis-open.org
List help: ws-sx-comment-help@lists.oasis-open.org
List archive: http://lists.oasis-open.org/archives/ws-sx-comment/
Feedback License: http://www.oasis-open.org/who/ipr/feedback_license.pdf
List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
Committee: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-sx

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]