ws-sx message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [ws-sx] Issue 48: Revised proposal
- From: Anthony Nadalin <drsecure@us.ibm.com>
- To: "Tony Gullotta" <tony.gullotta@soa.com>
- Date: Thu, 13 Apr 2006 09:22:58 -0500
I think that we should just make a general statement which would be along the lines of:
Assertions MAY only apply to one [Policy Subject].
and then have the change in the specific assertion changed to:
This assertion SHOULD apply to [Endpoint Policy Subject].
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
"Tony Gullotta" <tony.gullotta@soa.com>
"Tony Gullotta" <tony.gullotta@soa.com>
04/12/2006 01:24 PM
|
|
I have refined my initial proposal based on discussions at the F2F. To avoid the complexities of defining special rules for merging multiple binding assertions I propose that binding assertions should apply to either the endpoint or the operation, but not both. I've included some proposed text based on the ws-securitypolicy spec version http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/16289/ws-securitypolicy-1.2-spec-ed-01-r04.pdf.
Section 7.4 lines 1529 - 1530 should be changed from:
This assertion MUST apply to [Endpoint Policy Subject].
to:
This assertion SHOULD apply to [Endpoint Policy Subject]. This assertion MAY apply to [Operation Policy Subject]. If this assertion is applied to [Operation Policy Subject] it MUST NOT also be applied to [Endpoint Policy Subject].
Section 7.5 lines 1606 - 1607 should be changed from:
This assertion MUST apply to [Endpoint Policy Subject].
to:
This assertion SHOULD apply to [Endpoint Policy Subject]. This assertion MAY apply to [Operation Policy Subject]. If this assertion is applied to [Operation Policy Subject] it MUST NOT also be applied to [Endpoint Policy Subject].
The following should be added after line 2201 in Appendix A:
A.2.2 Security Binding Assertions
SymmetricBindingAssertion (8.4)
AsymmetricBindingAssertion (8.5)
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]