OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: Issue PR037: Questions on Versioning Problems ofWS-SecureConversation

Including the public comment list on this issue as it was adopted as the resolution on the Nov. 12th TC call.

-----Original Message-----
From: Greg Carpenter 
Sent: Tuesday, November 11, 2008 4:30 PM
To: ws-sx@lists.oasis-open.org
Cc: Marc Goodner; Chris Kaler; Kelvin Lawrence
Subject: RE: Issue PR037: Questions on Versioning Problems of WS-SecureConversation

Proposed response to the PR comment captured as issue PR037:

There isn't any difference between a SC 1.3 and SC 1.4 message-the SC namespace, elements  and semantics are identical in both versions. The TC decided to update the version number of the SC spec even though there were no normative changes to be consistent with the new versions of SP and Trust. There was discussion about this around the resolution of issue 152 where we added new namespaces for new content in SP 1.3 and Trust 1.4. The following meeting minutes contain the initial discussion and decision.

http://lists.oasis-open.org/archives/ws-sx/200802/msg00010.html 
http://lists.oasis-open.org/archives/ws-sx/200802/msg00021.html 
Regarding your specific questions:

- How can I tell which version of WS-SC should be use for amending, renewing and canceling by looking into the policy? 

The additional text you noted in section 5.4.7 was added for clarification and does not change any behavior.  As there no differences in the SC 1.3 and 1.4 amend renew and cancel messages, there is no need to differentiate between them and no need for  a policy assertion to do so.

- How can I tell which version of WS-SC should be use from the incoming amend, renew and cancel requests?
There are no differences in the SC 1.3 and 1.4 amend renew and cancel messages, so there is no need to differentiate between them on the wire.
 
 More questions on the schema for both specifications: 
- In WS-SP v1.3, there is only <sp:SC13SecurityContextToken>. Why there is no <sp:SC14SecurityContextToken> for WS-SC v1.4?  

There were no new elements added to 1.4 and no changes to existing elements and therefore no changes to the schema.

- In WS-SC v1.4, why the section 4 Amending Contexts still use old URI of http://docs-oasis-open.org/ws-sx/ws-trust/200512/RST/SCR/Amend. Why not change to: http://docs-oasis-open.org/ws-sx/ws-trust/200809/RST/SCR/Amend for new version of WS-SC?  
- Same questions for Renewing and Canceling Contexts. Why not change the prefix on these two URIs as well?  

The Amend Renew and Cancel operations are unchanged so there is no need for additional URIs.

> -----Original Message-----
> From: Greg Carpenter [mailto:gregcarp@microsoft.com]
> Sent: Wednesday, September 24, 2008 10:42 AM
> To: ws-sx@lists.oasis-open.org
> Cc: Marc Goodner; Chris Kaler; Kelvin Lawrence
> Subject: [ws-sx] Issue PR037: Questions on Versioning Problems of WS-
> SecureConversation
> 
> Issue PR037
> 
> -----Original Message-----
> From: eclogue chang [mailto:e1bridge@yahoo.com]
> Sent: Sunday, September 21, 2008 12:33 AM
> To: eclogue chang; ws-sx-comment@lists.oasis-open.org
> Subject: Re: [ws-sx-comment] Questions on Versioning Problems of WS-
> SecureConversation
> 
> Further looking into the WS-SecurityPolicy (WS-SP) V1.3 spec, I found some
> changes on WS-SecureConversation under Section 5.4.7
> SecureConversationToken Assertion.
> There are some new descriptions on Amending, Renewing, and Canceling
> Context for the WS-SecureConversation (WS-SC). Looks like the way to
> handle amend, renew and cancel has been changed from WS-SC v1.3 to v1.4.
> Again this is just some text descriptions added without any schema changes
> to the schema of either WS-SP or WS-SC.
> If this is the case, then this is very bad design for versioning.
> 
> My questions are:
> - How can I tell which version of WS-SC should be use for amending,
> renewing and canceling by looking into the policy?
> - How can I tell which version of WS-SC should be use from the incoming
> amend, renew and cancel requests?
>  More questions on the schema for both specifications:
> - In WS-SP v1.3, there is only <sp:SC13SecurityContextToken>. Why there is
> no <sp:SC14SecurityContextToken> for WS-SC v1.4?
> - In WS-SC v1.4, why the section 4 Amending Contexts still use old URI of
> http://docs-oasis-open.org/ws-sx/ws-trust/200512/RST/SCR/Amend. Why not
> change to: http://docs-oasis-open.org/ws-sx/ws-trust/200809/RST/SCR/Amend
> for new version of WS-SC?
> 
> - Same questions for Renewing and Canceling Contexts. Why not change the
> prefix on these two URIs as well?
> 
> 
> 
> Eclogue Chang
> 
> 
> 
> ----- Original Message ----
> From: eclogue chang <e1bridge@yahoo.com>
> To: ws-sx-comment@lists.oasis-open.org
> Sent: Sunday, September 14, 2008 8:28:20 PM
> Subject: [ws-sx-comment] Questions on Versioning Problems of WS-
> SecureConversation
> 
> It looks like the new version of WS-SecureConversation (WS-SC) v1.4 does
> not have any schema changes. The schema link points to ws-
> secureconversation-1.3.xsd.  If this is the case, then this is a very bad
> design for this standard on the versioning. There is no way to tell from
> the incoming message whether this is a WS-SC v1.4 message or a WS-SC v1.3
> message. We cannot use namespace in the message to make the
> differentiation. The question is: why to publish a new version without
> schema change?
> 
> 
> Eclogue Chang
> 
> 
> 
> 
> --
> This publicly archived list offers a means to provide input to the
> OASIS Web Services Secure Exchange (WS-SX) TC.
> 
> In order to verify user consent to the Feedback License terms and
> to minimize spam in the list archive, subscription is required
> before posting.
> 
> Subscribe: ws-sx-comment-subscribe@lists.oasis-open.org
> Unsubscribe: ws-sx-comment-unsubscribe@lists.oasis-open.org
> List help: ws-sx-comment-help@lists.oasis-open.org
> List archive: http://lists.oasis-open.org/archives/ws-sx-comment/
> Feedback License: http://www.oasis-open.org/who/ipr/feedback_license.pdf
> List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
> Committee: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-
> sx
> 
> 
> 
> 
> --
> This publicly archived list offers a means to provide input to the
> OASIS Web Services Secure Exchange (WS-SX) TC.
> 
> In order to verify user consent to the Feedback License terms and
> to minimize spam in the list archive, subscription is required
> before posting.
> 
> Subscribe: ws-sx-comment-subscribe@lists.oasis-open.org
> Unsubscribe: ws-sx-comment-unsubscribe@lists.oasis-open.org
> List help: ws-sx-comment-help@lists.oasis-open.org
> List archive: http://lists.oasis-open.org/archives/ws-sx-comment/
> Feedback License: http://www.oasis-open.org/who/ipr/feedback_license.pdf
> List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
> Committee: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ws-
> sx
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]