[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-sx] WS-Policy and WS-Trust
There are questions raised about the availability of the current CR version if there is a newer WD/CR/REC in the future. The CR version (and schema) that currently exists has a stable dated URI which will always be available. Every published WD/LC/CR/PR/REC document in W3C has a stable URI on W3C's website and those documents are not going to go away. The same is true for Member Submission/Notes. So I don't think availability of either the CR or Member Submission is an issue. To me, the WS-Policy WG has already made changes to the Member Submission on its way to CR, including a change to the schema NS. I think, it is highly unlikely, though possible, that there would be non-backward compatible changes between CR and REC. But as of now there *are* non-backward compatible changes between the Member Submission and CR and there will be non-backward compatible changes between Member Submission and REC. If we want to future-proof the spec, using Member Submission is a really bad idea. Either we should wait for the PR/REC, or if we are in a hurry use the CR. There is also an interesting dimension to this: All the WS-* specs are meant to be composible. WS-ReliableMessaging is using the CR version. If the specs produced by this TC use the Member Submission, how will a reliable-secure policy look like? -Anish -- Tony Gullotta wrote: > Ok. So I know this is ugly, may not be allowed, and most likely everyone > will hate it but I'll throw it out there. Can we host that version of > the ws-policy xsd along with the ws-sx xsds and just change the > schemaLocation attribute so consumers would pull that version of the > ws-policy xsd? Does that require a formal submission? > > We are locked in on that version so we won't get any fixes to issues > that may be raised but I think that's ok. > > Tony > > -----Original Message----- > From: Greg Whitehead [mailto:greg.whitehead@hp.com] > Sent: Thursday, March 08, 2007 12:28 PM > To: Tony Gullotta; Michael McIntosh > Cc: Anthony Nadalin; ws-sx > Subject: Re: [ws-sx] WS-Policy and WS-Trust > > As stated below, my concerns with referencing the member submission at > W3C > are: > > 1) Is that a stable reference? Does W3C keep member submissions around > and publicly accessible in perpetuity? > > 2) What is the errata process for a member submission at W3C? Is the > WS-Policy working group going to respond to issues with that document or > manage errata? > > I guess another question is: > > 3) What is the IPR policy for a member submission at W3C (as compared to > what the IPR policy will be on the final output of the WS-Policy working > group)? > > -Greg > > On 3/8/07 9:55 AM, "Tony Gullotta" <tony.gullotta@soa.com> wrote: > >> I don't think 1) is good considering the input of the ws-policy >> representatives on the call. If they don't feel like ws-policy is >> close to completion, we shouldn't wait for it. >> >> 3) might be ok for ws-trust, but it won't work for ws-securitypolicy. >> >> I agree with what you are saying in principal for 2. I'm not sure why >> we need to "submit" that spec to OASIS though. By referencing it in >> our spec's and by approving our spec's, isn't that enough? When you >> approve ws-trust or ws-securitypolicy, you are approving the use of >> that ws-policy spec already. >> >> Tony >> >> -----Original Message----- >> From: Greg Whitehead [mailto:greg.whitehead@hp.com] >> Sent: Thursday, March 08, 2007 12:35 AM >> To: Michael McIntosh >> Cc: Anthony Nadalin; ws-sx >> Subject: Re: [ws-sx] WS-Policy and WS-Trust >> >> I realize it's painful to be having this discussion at this late stage > >> in the process, but the fact of the matter is that the process is >> there to ensure the quality of the work that this TC produces. >> >> I, for one, had lost track of this issue and I share the concern >> raised with the no vote about having a normative reference in an Oasis > >> spec to another spec that is not itself the final product of Oasis or >> any other standards body. Is there even any precedent for this in > Oasis? >> My concerns are largely practical: where will people go to obtain the >> authoritative copy of the version of the WS-Policy spec that we are >> referencing? Who will manage errata for that version of the WS-Policy >> spec if we discover problems down the road? >> >> I think there are several responsible options: >> >> 1) Wait for W3C to finalize WS-Policy and reference that final > version. >> 2) Solicit the submission of the version of WS-Policy that we are >> referencing to Oasis WSSX and vote it to CS along with our specs. >> We're implicitly doing this anyway by including a normative reference > to it. >> 3) Copy the schema for wsp:AppliesTo into WS-Trust (as wst:AppliesTo) >> and drop the references to wsp:Policy and wsp:PolicyReference until >> W3C finalizes WS-Policy, at which time we can come out with a new >> version of WS-Trust that adds them back. >> >> -Greg >> >> On 3/7/07 6:23 PM, "Michael McIntosh" <mikemci@us.ibm.com> wrote: >> >>> I think its clear that the intended effect of the commented out part >>> of the WS-Trust schema is to match with what the specification >>> describes in text. >>> It was commented to avoid an overly strict interpretation of ordering > >>> of elements. >>> It is also clear that, for any hope of interoperability, message >>> producer and message consumer must use/expect same namespace. >>> We cannot include a vague reference to an undefined WS-Policy >>> namespace - or implementions will not be interoperable. >>> We cannot change to a new namespace and in good faith claim to have >>> demonstrated interoperability. >>> If we decide to change now to the latest WS-Policy draft - what do we > >>> do when by the time we get around to last day of next member vote >>> WS-Policy's latest draft has changed again? >>> We cannot continue this cycle until WS-Policy completes its work - we > >>> should put stake in ground now with what we have proven works now and > >>> revise later when WS-Policy reaches closure. >>> Members of this TC were aware of or should have been aware of this >>> issue all along, one no vote by non-participant member on issue that >>> was discussed and addressed in the TC should not cause TC >>> dramatically >>> change its plans and schedule for delivery. >>> >>> Regards, >>> Mike >>> >>> Greg Whitehead <greg.whitehead@hp.com> wrote on 03/07/2007 06:00:32 >> PM: >>>> If you look more carefully you?ll notice that the wsp namespace >>>> declaration is not used (outside of comments), so it has no impact >>>> on >>>> the schema. >>>> >>>> -Greg >>>> >>>> On 3/7/07 4:39 PM, "Anthony Nadalin" <drsecure@us.ibm.com> wrote: >>>> I just looked at the schema on the web site and I show it there >>>> ----------------- >>>> Sent from my BlackBerry Handheld. >>>> >>>> ----- Original Message ----- >>>> From: Greg Whitehead [greg.whitehead@hp.com] >>>> Sent: 03/07/2007 03:36 PM >>>> To: Anthony Nadalin >>>> Cc: ws-sx <ws-sx@lists.oasis-open.org> >>>> Subject: Re: [ws-sx] WS-Policy and WS-Trust >>>> >>>> As I said before, there is no wsp:Policy element declared in the WS- > >>>> Trust schema file (the only mention of wsp:Policy is in a comment). >>>> The content model of RST and RSTR is xs:any. >>>> >>>> -Greg >>>> >>>> >>>> On 3/7/07 4:32 PM, "Anthony Nadalin" <drsecure@us.ibm.com> wrote: >>>> In the namespace declaration to resolve the wsp:Policy element >>>> ----------------- >>>> Sent from my BlackBerry Handheld. >>>> >>>> ----- Original Message ----- >>>> From: Greg Whitehead [greg.whitehead@hp.com] >>>> Sent: 03/07/2007 03:24 PM >>>> To: Anthony Nadalin >>>> Cc: ws-sx <ws-sx@lists.oasis-open.org> >>>> Subject: Re: [ws-sx] WS-Policy and WS-Trust >>>> >>>> Perhaps you can point to where it is expressed in the schema. I >>>> certainly don?t see it. >>>> >>>> -Greg >>>> >>>> >>>> On 3/7/07 4:22 PM, "Anthony Nadalin" <drsecure@us.ibm.com> wrote: >>>> They are expressed in the schema so I'm not following your claim as >>>> it has to resolve the scheama use of wsp:Policy >>>> ----------------- >>>> Sent from my BlackBerry Handheld. >>>> >>>> ----- Original Message ----- >>>> From: Greg Whitehead [greg.whitehead@hp.com] >>>> Sent: 03/07/2007 03:13 PM >>>> To: Anthony Nadalin >>>> Cc: <ws-sx@lists.oasis-open.org> >>>> Subject: Re: [ws-sx] WS-Policy and WS-Trust >>>> >>>> I?m just saying that the only normative reference to the WS-Policy >>>> namespace, or even that wsp:Policy is legal content in an RST, is in > >>>> the text of the spec. >>>> >>>> On the call today it was claimed that these dependencies were >>>> expressed in the WS-Trust schema and that doesn?t seem to be the >> case. >>>> -Greg >>>> >>>> On 3/7/07 1:55 PM, "Anthony Nadalin" <drsecure@us.ibm.com> wrote: >>>> I don't think that is quite the case, we need a normative reference >>>> to resolve wsp:Policy, so where are we to find this, so the binding >>>> is normative now as an explicit namespace is used >>>> >>>> Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122 [image >>>> removed] Greg Whitehead <greg.whitehead@hp.com> >>>> >>>> Greg Whitehead <greg.whitehead@hp.com> 03/07/2007 12:01 PM [image >>>> removed] To [image removed] <ws-sx@lists.oasis-open.org> [image >>>> removed] cc [image removed] [image removed] Subject [image removed] >>>> [ws-sx] WS-Policy and WS-Trust [image removed] [image removed] I >>>> just >>>> took a look at ws-trust-1.3.xsd and the content model for RST and >>>> RSTR is already <xs:any> (the wsp namespace is declared in the xsd >>>> file, >>> but >>>> it is ONLY used in comments). >>>> >>>> So, for what it's worth, the only binding to a particular version of > >>>> WS-Policy is in the normative text of the spec. >>>> >>>> -Greg >>>> >>>> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]