[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] Further discussion on WS-SX Examples document
1. I think examples are important for the community to understand this spec because of the number of assertions that can be assembled in different ways. Without being part of the creation process I think there is potential for a lot of confusion without them. If not in a separate document, then the spec itself should have examples. 2. I think the more the better. Whether everyone agrees or not that the use cases are the best use of security, they still can provide a good understanding of how the assertions must be interpreted. 3. TC needs to sign off that the list of examples are adequate and accurate. Tony -----Original Message----- From: Prateek Mishra [mailto:prateek.mishra@oracle.com] Sent: Friday, June 08, 2007 3:21 PM To: ws-sx@lists.oasis-open.org Subject: [ws-sx] Further discussion on WS-SX Examples document This message responds to the following questions from the May 30 conference call minutes: [quote] 1. Is an examples document in scope of the TC? 2. What specific examples are or are not in scope in an examples document? 3. What additional work or steps are required before the examples doc can progress to CD? [\quote] 1. The starting point of the examples document goes back to May 2006 when this work was proposed by Ashok Malhotra[1]. The points made then were that the SecurityPolicy specification is quite complext (111 pages in its final incarnation) and that most people would have a difficult time figuring out even simple example policies. The idea was to collect examples with explanations, this would provide readers a starting point for many scenarios of interest. I think the question of whether such a document is "in scope" is actually ill-posed. A more appropriate question would be: is it appropriate to publish a complex standard like SecurityPolicy without an examples document? The examples are needed as a kind of sanity-test so that we can see how SecurityPolicy features may be used to secure message exchanges in a few cases of interest to the TC. Aside from the educational and labor-saving aspects, it is also a indication of openness in that readers need not purchase proprietary products in order to understand the use of the SecurityPolicy specification. Finally, if we look at comparable specifications like W3C XML Schema we find them accompanied by a systematic and detailed primer document. 2. The examples document has been quite extensively reviewed by many TC members and many suggestions for change have been made and implemented. If any vendor has a specific concern with a particular example, they should explain what this is and I am sure the Editors would update the document appropriately. 3. I believe that as soon as any remaining open issues are resolved, we should conduct a CD vote for the document. ------------------------------------------------------ [1] http://lists.oasis-open.org/archives/ws-sx/200604/msg00031.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]