W3C is pleased to receive the WS-Policy Submission from Adobe Systems, BEA Systems, CA, Ericsson, IBM, IONA, Layer 7 Technologies, Microsoft, Nokia, Oracle, Ricoh Company, SAP, Sonic Software, Sun Microsystems, Inc., Systinet, A Mercury Division, TIBCO Software, VeriSign, webMethods and WSO2.
Web Services Policy provides a way to describe the policies (capabilities and requirements) of Web service agents. The Web Services Policy Framework (WS-Policy) defines a general purpose abstract model and corresponding XML-based syntax to describe policies, and Web Services Policy Attachment (WS-PolicyAttachment) defines ways to associate those policies with their subjects.
WS-Policy defines composition of mandatory and optional policy assertions, as well as an algorithm of policy intersection to determine assertions that are mutually compatible.
It defines two ways of naming policy expressions: with a URI and with an
XML ID. WS-Policy uses WS-Security's
wsu:Id attribute to specify
the XML ID. The use of the
Version 1.0 specification, which now is a W3C Recommendation, should be
considered instead of
wsu:Id in future versions of WS-Policy;
Canonical XML Version 1.1, developed by the W3C XML Core Working Group, will
address the impact of
xml:id on canonicalization, specifically problems with Canonical XML Version
1.0 producing non-unique
xml:id attribute values. In
addition, this dual naming (ID/URI) should be used carefully to avoid name
WS-PolicyAttachment defines how to associate a policy with its subject, either directly in the XML representation of the subject (element policy) or externally (external policy attachment). It does so for the Web Services Description Language (WSDL) 1.1 Member Submission, whose next version, WSDL 2.0, is under standardization at W3C and is a Candidate Recommendation, and UDDI version 2 and 3.
For external attachment to deployed Web services endpoints,
WS-PolicyAttachment specifies how to use
with an endpoint reference (EPR) construct defined in the WS-Addressing
Member Submission. Although not called out by the specification, this
seems to be semantically equivalent to a policy expression in the [policy]
property of an EPR. WS-Addressing 1.0 is a W3C Proposed
Recommendation which is built on top of the WS-Addressing Member
Submission. One can draw a similar parallel with the WS-Addressing 1.0 EPR's
Capabilities and requirements of Web services was the topic of a W3C Workshop in October 2004, which highlighted the interest in this area.
The Web Services Description Language (WSDL) 2.0 also defines a way to express capabilities and requirements. The features and properties framework, which has been the subject of dissent in the Web Services Description Working Group, allows one to make assertions similiar to WS-Policy policy assertions.
The difference mainly lies in the fact that WS-Policy policy assertions' type is determined by the XML Infoset [namespace name] and [local name] properties of the root element information item representing the assertion, while features use IRIs as their names.
In particular, the scoping rules defined by WS-PolicyAttachment to calculate the effective policy in WSDL 1.1 are similar to the feature and property composition models defined in WSDL 2.0.
The relationship between features and properties statements and WS-Policy expressions in a WSDL document is not defined in the WS-Policy framework. Mechanisms may be defined to compose those two models, which would for example allow to use the declaration of support of the HTTP SOAP Transmission Optimization Feature defined by MTOM to be used as a policy assertion.
The W3C Team is working on a charter to address capabilities and requirements of Web services using this submission as a starting point, which was sent out for informal review to W3C Members on 23 March 2006.