OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Issue 152: Update policy references to 1.5 for SC, Trust and SP


Issue 152

 

From: Marc Goodner [mailto:mgoodner@microsoft.com]
Sent: Tuesday, November 06, 2007 4:42 AM
To: ws-sx@lists.oasis-open.org
Subject: [ws-sx] New Issue: Update policy references to 1.5 for SC, Trust and SP

 

PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER.  
The issues coordinators will notify the list when that has occurred.
 
Title: Update policy references to 1.5 for SC, Trust and SP
Protocol: all
Artifact:  spec 
Type: design
 
Description: 

We need to update our references for WS-Policy to the W3C Recommendation version 1.5.  For SC this is simple as there is only a non-normative reference to the 1.2 submission. This reference would actually be better to point to SP anyway, so that is an easy fix. For SP we already had a reference to Policy 1.2 or the earlier CR version of Policy 1.5. Again fairly straight forward. For WS-Trust the situation is more complicated. The standard version of WS-Trust 1.3 pointed only to WS-Policy 1.2. We need to identify a way to move forward that allows adding the use of WS-Policy 1.5 to WS-Trust that facilitates backwards compatibility for existing clients and services that are deployed today. I think the best way to do that is to add Policy 1.5 to Trust 1.4 but not forbid Policy 1.2. We can then add a property and nested assertion to the Trust 1.3 assertion to control which version of policy is required/supported. The proposal below details my thinking on this.

 

Proposal:

SC

Remove references to [WS-Policy] and [WS-PolicyAttachment], add a reference to [WS-SecurityPolicy] 1.3 which is more relevant for where this non-normative reference occurs.

 

Section 2

Current

The behavior is specified by the services policy [WS-Policy] [WS-PolicyAttachment]. 

 

Proposed

The behavior is specified by the services [WS-SecurityPolicy]. 

 

Trust

Section 1.3 Namespace

Current

The [URI] that MUST be used by implementations of this specification is: 52 http://docs.oasis-open.org/ws-sx/ws-trust/200512

 

Proposed

Implementations of this specification MUST use the following URIs

http://docs.oasis-open.org/ws-sx/ws-trust/200512

http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm

 

When using a URI to indicate that this version of Trust is being used http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm MUST be used.

 

Current

wst         http://docs.oasis-open.org/ws-sx/ws-trust/200512        This specification

wsp        http://schemas.xmlsoap.org/ws/2004/09/policy               [WS-Policy]

 

Proposed

wst         http://docs.oasis-open.org/ws-sx/ws-trust/200512        This specification

wst14    http://docs.oasis-open.org/ws-sx/ws-trust/200709        This specification

wsp       http://schemas.xmlsoap.org/ws/2004/09/policy or

               http://www.w3.org/ns/ws-policy            [WS-Policy]

 

Section 1.6 Normative References

Current

[WS-Policy] W3C Member Submission, "Web Services Policy 1.2 - Framework", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/

 

[WS-PolicyAttachment] W3C Member Submission, "Web Services Policy 1.2 - Attachment", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-16820060425/

 

Proposed

[WS-Policy] W3C Recommendation, "Web Services Policy 1.5 - Framework", 04 September 2007.

http://www.w3.org/TR/2007/REC-ws-policy-20070904/

W3C Member Submission, "Web Services Policy 1.2 - Framework", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/

 

[WS-PolicyAttachment] W3C Recommendation, "Web Services Policy 1.5 - Attachment", 04 September 2007.

http://www.w3.org/TR/2007/REC-ws-policy-attach-20070904/

 W3C Member Submission, "Web Services Policy 1.2 - Attachment", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-16820060425/

 

4.4.1 wsp:AppliesTo in RST and RSTR

Proposed

Add a new rule to the rules covering combinations of provided scope:

The requestor and issuer MUST agree on the version of [WS-Policy] used to specify the scope of the issued token. The Trust13 assertion in [WS-SecurityPolicy] provides a mechanism to communicate which version of [WS-Policy] is to be used.

 

SP

Section 1

Current

The assertions defined within this specification have been designed to work independently of a specific version of WS-Policy. At the time of the publication of this specification the versions of WS-Policy known to correctly compose with this specification are WS-Policy 1.2 and 1.5. Within this specification the use of the namespace prefix wsp refers generically to the WS-Policy namespace, not a specific version.

 

Proposed

Within this specification the use of the namespace prefix wsp refers to the WS-Policy 1.5 namespace.

 

Section 1.2

Add wsp to the namespace table.

wsp http://www.w3.org/ns/ws-policy [WS-Policy]

 

Section 1.5 Normative References

Current

[WS-Policy] W3C Member Submission "Web Services Policy 1.2 - Framework", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/

 

W3C Candidate Recommendation “Web Services Policy 1.5 – Framework”, 28 February 2007

http://www.w3.org/TR/2007/CR-ws-policy-framework-20070228/

 

*errata* The CR link does not resolve, correct pointer is http://www.w3.org/TR/2007/CR-ws-policy-20070228/

 

[WS-PolicyAttachment]  W3C Member Submission "Web Services Policy 1.2 - Attachment", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-20060425/

 

W3C Candidate Recommendation “Web Services Policy 1.5 – Attachment”, 28 February 2007

http://www.w3.org/TR/2007/CR-ws-policy-attach-20070228/

 

Proposed

[WS-Policy] W3C Recommendation, "Web Services Policy 1.5 - Framework", 04 September 2007.

http://www.w3.org/TR/2007/REC-ws-policy-20070904/

W3C Member Submission, "Web Services Policy 1.2 - Framework", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/

 

[WS-PolicyAttachment] W3C Recommendation, "Web Services Policy 1.5 - Attachment", 04 September 2007.

http://www.w3.org/TR/2007/REC-ws-policy-attach-20070904/

 W3C Member Submission, "Web Services Policy 1.2 - Attachment", 25 April 2006.

http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-16820060425/

 

Section 5.4.2 IssuedToken Assertion

Current

/sp:IssuedToken/sp:RequestSecurityTokenTemplate/@TrustVersion

This optional attribute contains a WS-Trust specification namespace URI identifying the version of WS-Trust referenced by the contents of this element.

 

Proposed

/sp:IssuedToken/sp:RequestSecurityTokenTemplate/@TrustVersion

This optional attribute contains a WS-Trust specification namespace URI identifying the version of WS-Trust referenced by the contents of this element. For example, when using Trust 1.3 the URI http://docs.oasis-open.org/ws-sx/ws-trust/200512 should be used and when using Trust 1.4 the URI http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm should be used.

 

 

Section 10 WS-Trust Options

Change WS-Trust 1.3 Properties to WS-Trust Properties

Add new properties and nested assertion to section 10.1 Trust 13 Assertion

 

[Scope Policy 1.5]

This boolean property indicates whether the wsp:AppliesTo element in the [WS-Policy] 1.5 namespace is supported as described in [WS-Trust]. A value of 'true' indicates that the wsp:AppliesTo element in the [WS-Policy] 1.5 namespace is supported. A value of 'false' indicates that the wsp:AppliesTo element in the [WS-Policy] 1.5 namespace is not supported, the [WS-Policy] 1.2 namespace is used instead in this case. This property has a default value of 'false'.

 

/sp:Trust13/wsp:Policy/sp13:ScopePolicy15

This optional element is a policy assertion indicates that the [Scope Policy 1.5] property is set to 'true'.

 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]