[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Issue 152: Update policy references to 1.5 for SC, Trust and SP
Issue 152 From: Marc Goodner
[mailto:mgoodner@microsoft.com] PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred.
Title: Update policy references to 1.5 for SC, Trust and SP Protocol: all Artifact: spec Type: design
Description:
We need to update our references for WS-Policy to the W3C
Recommendation version 1.5. For SC this is simple as there is only a
non-normative reference to the 1.2 submission. This reference would actually be
better to point to SP anyway, so that is an easy fix. For SP we already had a
reference to Policy 1.2 or the earlier CR version of Policy 1.5. Again fairly
straight forward. For WS-Trust the situation is more complicated. The standard
version of WS-Trust 1.3 pointed only to WS-Policy 1.2. We need to identify a
way to move forward that allows adding the use of WS-Policy 1.5 to WS-Trust
that facilitates backwards compatibility for existing clients and services that
are deployed today. I think the best way to do that is to add Policy 1.5 to
Trust 1.4 but not forbid Policy 1.2. We can then add a property and nested
assertion to the Trust 1.3 assertion to control which version of policy is
required/supported. The proposal below details my thinking on this. Proposal: SC Remove references to [WS-Policy] and [WS-PolicyAttachment],
add a reference to [WS-SecurityPolicy] 1.3 which is more relevant for where
this non-normative reference occurs. Section 2 Current The behavior is specified by the services policy [WS-Policy]
[WS-PolicyAttachment]. Proposed The behavior is specified by the services
[WS-SecurityPolicy]. Trust Section 1.3 Namespace Current The [URI] that MUST be used by implementations of this specification
is: 52 http://docs.oasis-open.org/ws-sx/ws-trust/200512 Proposed Implementations of this specification MUST use the following
URIs http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm When using a URI to indicate that this version of Trust is
being used http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm
MUST be used. Current wst http://docs.oasis-open.org/ws-sx/ws-trust/200512
This specification wsp http://schemas.xmlsoap.org/ws/2004/09/policy
[WS-Policy] Proposed wst http://docs.oasis-open.org/ws-sx/ws-trust/200512
This specification wst14 http://docs.oasis-open.org/ws-sx/ws-trust/200709
This specification wsp http://schemas.xmlsoap.org/ws/2004/09/policy
or
http://www.w3.org/ns/ws-policy
[WS-Policy] Section 1.6 Normative References Current [WS-Policy] W3C Member Submission, "Web Services Policy
1.2 - Framework", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/
[WS-PolicyAttachment] W3C Member Submission, "Web
Services Policy 1.2 - Attachment", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-16820060425/
Proposed [WS-Policy] W3C Recommendation, "Web Services Policy
1.5 - Framework", 04 September 2007. http://www.w3.org/TR/2007/REC-ws-policy-20070904/ W3C Member Submission, "Web Services Policy 1.2 -
Framework", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/
[WS-PolicyAttachment] W3C Recommendation, "Web Services
Policy 1.5 - Attachment", 04 September 2007. http://www.w3.org/TR/2007/REC-ws-policy-attach-20070904/ W3C Member Submission, "Web Services Policy 1.2 -
Attachment", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-16820060425/
4.4.1 wsp:AppliesTo in RST and RSTR Proposed Add a new rule to the rules covering combinations of
provided scope: The requestor and issuer MUST agree on the version of
[WS-Policy] used to specify the scope of the issued token. The Trust13
assertion in [WS-SecurityPolicy] provides a mechanism to communicate which
version of [WS-Policy] is to be used. SP Section 1 Current The assertions defined within this specification have been
designed to work independently of a specific version of WS-Policy. At the time
of the publication of this specification the versions of WS-Policy known to
correctly compose with this specification are WS-Policy 1.2 and 1.5. Within
this specification the use of the namespace prefix wsp refers generically to
the WS-Policy namespace, not a specific version. Proposed Within this specification the use of the namespace prefix
wsp refers to the WS-Policy 1.5 namespace. Section 1.2 Add wsp to the namespace table. wsp http://www.w3.org/ns/ws-policy
[WS-Policy] Section 1.5 Normative References Current [WS-Policy] W3C Member Submission "Web Services Policy
1.2 - Framework", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/ W3C Candidate Recommendation “Web Services Policy 1.5 –
Framework”, 28 February 2007 http://www.w3.org/TR/2007/CR-ws-policy-framework-20070228/ *errata* The CR link does not resolve, correct
pointer is http://www.w3.org/TR/2007/CR-ws-policy-20070228/
[WS-PolicyAttachment] W3C Member Submission "Web
Services Policy 1.2 - Attachment", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-20060425/ W3C Candidate Recommendation “Web Services Policy 1.5 –
Attachment”, 28 February 2007 http://www.w3.org/TR/2007/CR-ws-policy-attach-20070228/ Proposed [WS-Policy] W3C Recommendation, "Web Services Policy
1.5 - Framework", 04 September 2007. http://www.w3.org/TR/2007/REC-ws-policy-20070904/ W3C Member Submission, "Web Services Policy 1.2 -
Framework", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-Policy-20060425/ [WS-PolicyAttachment] W3C Recommendation, "Web Services
Policy 1.5 - Attachment", 04 September 2007. http://www.w3.org/TR/2007/REC-ws-policy-attach-20070904/ W3C Member Submission, "Web Services Policy 1.2 -
Attachment", 25 April 2006. http://www.w3.org/Submission/2006/SUBM-WS-PolicyAttachment-16820060425/
Section 5.4.2 IssuedToken Assertion Current /sp:IssuedToken/sp:RequestSecurityTokenTemplate/@TrustVersion This optional attribute contains a WS-Trust specification
namespace URI identifying the version of WS-Trust referenced by the contents of
this element. Proposed /sp:IssuedToken/sp:RequestSecurityTokenTemplate/@TrustVersion This optional attribute contains a WS-Trust specification
namespace URI identifying the version of WS-Trust referenced by the contents of
this element. For example, when using Trust 1.3 the URI http://docs.oasis-open.org/ws-sx/ws-trust/200512
should be used and when using Trust 1.4 the URI http://docs.oasis-open.org/ws-sx/ws-trust/yyyymm
should be used. Section 10 WS-Trust Options Change WS-Trust 1.3 Properties to WS-Trust Properties Add new properties and nested assertion to section 10.1
Trust 13 Assertion [Scope Policy 1.5] This boolean property indicates whether the wsp:AppliesTo element
in the [WS-Policy] 1.5 namespace is supported as described in [WS-Trust]. A
value of 'true' indicates that the wsp:AppliesTo element in the [WS-Policy] 1.5
namespace is supported. A value of 'false' indicates that the wsp:AppliesTo
element in the [WS-Policy] 1.5 namespace is not supported, the [WS-Policy] 1.2
namespace is used instead in this case. This property has a default value of
'false'. /sp:Trust13/wsp:Policy/sp13:ScopePolicy15 This optional element is a policy assertion indicates that
the [Scope Policy 1.5] property is set to 'true'. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]