[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Further discussion on WS-SX Examples document
1. I think examples are important for the community to understand this spec because of the number of assertions that can be assembled in different ways. Without being part of the creation process I think there is potential for a lot of confusion without them. If not in a separate document, then the spec itself should have examples.
2. I think the more the better. Whether everyone agrees or not that the use cases are the best use of security, they still can provide a good understanding of how the assertions must be interpreted.
3. TC needs to sign off that the list of examples are adequate and accurate.
Tony
-----Original Message-----
From: Prateek Mishra [mailto:prateek.mishra@oracle.com]
Sent: Friday, June 08, 2007 3:21 PM
To: ws-sx@lists.oasis-open.org
Subject: [ws-sx] Further discussion on WS-SX Examples document
This message responds to the following questions from the May 30
conference call minutes:
[quote]
1. Is an examples document in scope of the TC?
2. What specific examples are or are not in scope in an examples
document?
3. What additional work or steps are required before the examples
doc can progress to CD?
[\quote]
1. The starting point of the examples document goes back to May 2006 when
this work was proposed by Ashok Malhotra[1]. The points made then were
that the
SecurityPolicy specification is quite complext (111 pages in its final
incarnation)
and that most people would have a difficult time figuring out even
simple example policies.
The idea was to collect examples with explanations, this would provide
readers a
starting point for many scenarios of interest.
I think the question of whether such a document is "in scope" is
actually ill-posed.
A more appropriate question would be: is it appropriate to publish a
complex standard like
SecurityPolicy without an examples document?
The examples are needed as a kind of sanity-test so that we can see how
SecurityPolicy
features may be used to secure message exchanges in a few cases of
interest to the TC.
Aside from the educational and labor-saving aspects, it is also a
indication of openness in that
readers need not purchase proprietary products in order to understand
the use of
the SecurityPolicy specification.
Finally, if we look at comparable specifications like
W3C XML Schema we find them accompanied by a systematic and detailed
primer document.
2. The examples document has been quite extensively reviewed by many TC
members
and many suggestions for change have been made and implemented.
If any vendor has a specific concern with a particular example, they
should explain what this is
and I am sure the Editors would update the document appropriately.
3. I believe that as soon as any remaining open issues are resolved, we
should conduct a
CD vote for the document.
------------------------------------------------------
[1] http://lists.oasis-open.org/archives/ws-sx/200604/msg00031.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]