WS Policy WG Teleconference
11 Oct 2006


See also: IRC log


Charlton_Barreto, maryann, Felix, Frederick_Hirsch, Chris_Ferris, Mark_Temple-Raston, PaulC, Yakov_Sverdlov, Abbie_Barbir, Dan_Roth, Dale_Moberg, Fabian, Monica, Prasad_Yendluri, DOrchard, Sanka, Umit, Tony_Nadalin, GlenD, DaveO
Asir, Sergey, Toufic, Vladislav, William


Roll call done

PaulC: Review minutes from next call
... No objections, adopt minutes
... Although WS-I Plenary overlaps next weeks meeting, we will still hold our meeting on 10/18
... Editorial team report

Editorial team report

prasad: Status and walk through action items

PaulC: Item A - 3720

prasad: One of the two that's still pending
... Item B is done, in draft, not yet available to group

PaulC: i.e. pending review

prasad: Item C pending editor's draft also
... Item D in progress

PaulC: Two weeks est. for this AI

Maryann: Took AI for adopted guidelines, requested clarification regarding it (#3577); there's a draft guide in CVS, but whether it drifts into Item E, whether it needs material from the primer...

Umit: I believe we can provide a copy of the guidelines to you next week

PaulC: Looks like we're still on schedule

Maryann: Will talk with editors re: #3577, any clarification from the chairs would be helpful as well

PaulC: I'll try to look at this after this meeting (AI #43)

Maryann: I think we're on track, but need clarification to know how much work is involved (#3577)

PaulC: If don't have clarification, provide draft to editors with the #3577 material marked as TBD so as to provide a draft for review
... Let's get something to the WG
... Item E, I think I completed AI #124

<PaulC> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0085.html

PaulC: AI #124 - provided a status section which I think is comparable to our 1st pub of the FW and Guidelines - transcriptions of orig contribs, etc.

See http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0085.html for details

PaulC: Saw several +1 (acks) for this text
... Any other comments?
... AFAIK this is the only item I think was blocking us for publishing the primer editors draft....
... Any objection from the WG for publishing this primer eds draft?

<umit> as long as everyone is clear we are adopting those two sections, I am fine.

<scribe> ACTION: Felix to publish primer editors draft [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action01]

<trackbot> Created ACTION-126 - Publish primer editors draft [on Felix Sasaki - due 2006-10-18].

Review action items

<sanka> guys I am dialing from the hotel in Austin, and I can't figure out my phone number

<sanka> but I am in the call ..

Action-96 in progress - owner: GlenD

<PaulC> Action 48 closed with proposal at http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0093.html [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action02]

That is, AI #48

<sanka> so can any one help me out register this phone no ..

<umit> +1 to assign to editors, I thought I replied to this apparently not.

<Yakov> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0096.html

PaulC: Explicitly place this item on next week's agenda
... Queue Action-7B for next week
... Action-108 - owner: Maryann
... Action-108 pending - owner: Maryann
... Maryann waiting from input from editors
... Action-110 pending - owner: Editors
... Get a response from #58 - owner: Dan Roth

danroth: Action item done

PaulC: Need to queue this as a WG discussion

danroth: Yes, to determine whether we are in agreement on it

<danroth> Here is Paul's most recent mail: http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0066.html

PaulC: Open an item under any other business for this
... Title for this issue: Resolving external references
... Action-124 is done

Liaison items

<fsasaki> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0106.html

PaulC: I think our action for this item (New C14N/1.1 WD and Web Services Policy 1.5 - Framework) is done

<fsasaki> ACTION: Paul to review C14N/1.1 WD on behalf of the WG - due to 2006-10-26 [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action03]

<trackbot> Created ACTION-127 - review C14N/1.1 WD on behalf of the WG [on Paul Cotton - due 2006-10-11].

Open issues with pending actions

<sanka> Glen , I am having the same problem of registering my phone no ..

PaulC: External WS-Policy Attachment to WSDL 2.0 components; Ashok provided a new proposal for this, but as he is not here....
... ...on the phone, propose to hold discussion next week

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0069.html

PaulC: #3730

<sanka> yes .. it seems to be the case ...


PaulC: Chris to respond by email to this before next week's telecon
... Item B - definition of interaction, deferred a week
... Item C - coordination with other WGs (e.g. WS-A) - can we defer to next week

GlenD: Will write up my part on this

PaulC: Item D - levels of indirection for policy references - done; partially related to item we added to "any other new business", but not directly
... Item E - Policy alternative

danroth: initiated thread, received response from Ashok

<PaulC> Issue 3639

<PaulC> Ashok's reply: http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0072.html

PaulC: Issue #3639: from Ashok's email: willing to close the issue with no action
... Discuss any other opinions on #3639....
... Fabian responded http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0077.html

Sanka's response http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0092.html

<cferris> glen would like it to say that there are cases where it is not easily determined from the wire which alternative was selected...

<cferris> umit suggests that glen propose some actual text

Umit: Action to propose text for this

<PaulC> rssagent, where are we?

RESOLUTION: Close #3639 with no change to the policy spec but ensure that guidelines document provides adequate explanation of our logic for not dealing with this in 1.5

<umit> I think we also agreed that we will deal with this in v.next...

<cferris> also mark 3639 as v.next

RESOLUTION: [continued for #3639] mark #3639 for futureConsideration

<cferris> 3639 is all set

<fsasaki> ACTION: Glen [PaulC] to review the guidelines document to confirm that we have appropriate caution regarding assertions that do not have good wire-wraps [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action06]

<trackbot> Created ACTION-128 - [PaulC] to review the guidelines document to confirm that we have appropriate caution regarding assertions that do not have good wire-wraps [on Glen Daniels - due 2006-10-18].

PaulC: Item F

<PaulC> Current discussion is at http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0095.html

PaulC: Need URI structure to refer to WSDL 1.0 definitions
... Let's carry this over, Chris - prompt Ashok with items in http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0095.html

Optionality items (Agenda Item 10)

PaulC: Three issues here: #3789, #3721, #3564

<cferris> 10. Optionality tar ball

<cferris> Status from Oct 04: not discussed

<cferris> a) Policy expressions with no wire manifestation, Sergey

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Sep/0111.html

<cferris> Status: Sergey has opened an issue

PaulC: Chairs linked these three in one agenda item - are these separable? One thing need consensus on is how to process these three issues....

<cferris> http://www.w3.org/Bugs/Public/show_bug.cgi?id=3789

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0026.html

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0027.html

<cferris> b) New Attribute keyword to identify 'local' policies

<cferris> http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721

<cferris> c) Optional Assertions may not be usable in all circumstances

<cferris> http://www.w3.org/Bugs/Public/show_bug.cgi?id=3564

<cferris> Status: WG members to review proposed text in Guidelines document.

<cferris> See thread started by Dan:

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Sep/0146.html

<cferris> See proposal from Umit:

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0018.html

<cferris> See also this email from Umit:

<cferris> http://lists.w3.org/Archives/Public/public-ws-policy/2006Sep/0216.html

Umit: Problem can be decomposed w.r.t. the vocabulary determined for two parties attempting to interact with one another
... If client can ignore a vocabulary - can that vocabulary then be optional?

<danroth> Here is Umit's mail on optional vocab: http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0016.html

PaulC: If all assertions contained in a policy expression, they should be understood - no unknowns for the client

Umit: Yes and provide for marking a certain subset of the vocabulary to be understood only by the provider's side

PaulC: Does the policy spec clearly state this assumption?

ChrisF: Does the policy spec clearly state this assumption?

PaulC: This is in the scope of #3721 - is this a proposal on how to handle this issue by itself?

Umit: Yes
... Vocabulary decision guides us on path on how to handle optionality question - resolve #3721 first, after that discuss optional behaviours

PaulC: What about #3789 (http://lists.w3.org/Archives/Public/public-ws-policy/2006Sep/0111.html)
... So Umit is proposing that we deal with #3721 (as stated above), then #3564, then #3789

danroth: I think Umit's response is very app. to #3789; think app to #3721 is subtly different - that such assertions are something that the client should never care about....

Umit: What I'm asserting is the opposite - the moment the vocab is there, it binds as a contract bet. consumer and provider - to use the optional assertion is a workaround to get around problems with vocab that a provider may emit but a consumer may not understand....

<umit> +1 to Chris

danroth: Optional s/n be used to marked an assertion that maybe some consumer may not recognise

PaulC: Can you step us through your message http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0016.html?

Yakov: I need to understand how we proceed, since the three issues in this item are tightly connected; in terms of whether we can connect assertions and policy in the context of consumer and provider - ignoring requirements on part of consumer or provider; behaviour may express relationships between consumer and provider, requirements of one particular entity, etc.
... We need to agree on whether to maintain the three issues as tightly bound as one item or not

<Yakov> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0002.html

Yakov: We need to address these questions (http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0002.html) to resolve these fundamental issue(s)

GlenD: Agree with Yakov, we're going to find cross-cutting aspects of each of these three issues, so it's better to maintain as a tarball
... Think this is actually a simpler item - see use of optional as analogous to use of mustUnderstand in SOAP

Umit: Yakov is right in a lot of the points he has raised - however, we have a general mechanism, and given our deadlines, we can address this problem within our existing constraints

PaulC: Let's go over Yakov's http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0002.html and have discussion on it to determine how these questions might impact our decisions on this

<PaulC> Yakov's email: http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0002.html

<PaulC> 1. Presence of intermediaries between requester and provider (always)

<PaulC> 2. Multiple entities, requester and provider consist of (almost always)

<PaulC> 3. Bidirectional nature of messages/transactions (always)

<Zakim> GlenD, you wanted to discuss intermediaries

GlenD: When using intermediaries, have to deal with how it may adjust the policy in some way - I don't care about the policy behind the intermediary, since from my perspective, the party in question is the intermediary, not what's behind it

Yakov: Glen's point is valid; client doesn't necessarily know about policies; one can create policies dynamically, so the client may not necessarily know anything about the intermediary.
... How you enforce the policy is out of scope

GlenD: My point is that I don't know how this causes us problems in Policy-FW, since how policy is determined is based on who is talking to whom

Yakov: I think Policy-FW is sufficient right now [for dealing with this issue]

<GlenD> +1 Maryann

Maryann: There are certain things about WS that are outside the scope of our WG, so we need to think of this as a logical consumer and provider

<umit> thanks for expressing it much better Maryann

Maryann: Umit's approach for focussing on what we can do with available constructs in policy vocab - what are a party's responsibilities regarding understanding a vocabulary
... Contract between consumer and provider

danroth: W/b most productive to speak to the issues on the table - I don't think three tarballed issues are as entagled as others may think they be
... Can we talk specifically to the three issues?

PaulC: Asked that question already and that we need to have some introductory discussion at least around the tarball

Fabian: Are we to limit the sphere of the policy [based on what vocabularies are understood]

Yakov: Actually not. The spec is generic enough to cover the aforementioned domains. If we have a case where a provider publishes a particular policy, the question is whether the client should honour it/them based on whether they are optional - i think FW handles the cases [we are concerned with]

Maryann: I would claim that a client with privacy req would place it in its vocabulary and seek services that support such a capability - to establish a common vocabulary is composable in several steps, and the first would involve vocabulary - whether shared or not - and next would be policy alternatives

Yakov: We could have a privacy policy that no one else knows about
... Who is consumer and provider here makes a different - and [the scenarios] could be complex
... How vocabulary, alternatives and scope are handled are entirely different things

Umit: If a client would like to impose a part. privacy policy, than for anyone with whom the client interacts with, we need to drive via the vocabulary what is commonly understood and what is not

<PaulC> 2. Multiple entities, requester and provider consist of (almost always)

PaulC: Move on to point 2

Yakov: Scenario not exactly same as that for intermediary; any service in the chain can act as consumer or provider; also, as Maryann mentioned, these can be exposed as logical entities; say we have code on browser and on a mobile device - may have different policies due to security reqs, etc.

Point 3/3a

<PaulC> 3. Bidirectional nature of messages/transactions (always)

PaulC: At some point need to have further discussion on Chris' statement

<sanka> I need to leave bit early .. sorry guys ..

Paul: Umit to walk through her email http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0016.html - elaborate on difference between optional behaviour and optional vocabulary

Umit: All assertions in policy comprise vocabulary
... Assume someone who will look at that particular policy understands that policy
... Distinction is impt since #3721 addresses whether party looking at a vocabulary can selectively ignore part of that vocab
... Also w.r.t. optional tag - expression optional behaviour - may not be engaged in any way, but must be understood
... Whomever expresses that vocabulary must also understand whether it may be provided in an optional way
... If believe optional vocab is needed and want to advertise that it may be not understood by [certain] other parties, then that vocab won't be part of the consuming party's environment
... Optional behaviour is different - overlapping the way to address optional vocabulary and optional behaviour is what is causing concern among people [in the WG]
... Spec says here is a policy and here are all the assertions underneath it - including those vocabs with an optional marker
... After decide that every assertion is part of the vocabulary, then we can address what are optional behaviours

GlenD: So you are saying that if we adjust text on what 'optional' is, we could resolve this?

Umit: All of the assertions expressed in a policy is part of the vocab, and that there's nothing specified for marking a vocab as optional

Maryann: Our defn of vocab is all assertion types used in a policy

danroth: Use of WSP optional on assertions today as a way to support optional vocabulary - affects meaning of policy if you save an assertion is optional when it is really not; changing what policy is saying about the subject, and thus policy is no longer accurate

<GlenD> IMHO, if we made wsp:Optional mean "ignorable" more clearly, this problem would go away.

danroth: saying that we shouldn't do this
... to support different vocabs, can do this, but not at the policy level - different vocabularies imply different policies altogether

Fabian: I like the distinction between optional vocabularies and behaviour
... But vocabulary must always be understood
... Client reading policy of a service needs to understand all assertions of that policy

<GlenD> Optional assertions should not be required to be understood. Assertions not marked as optional must be both understood and agreed upon.

<monica> c/needs to understand/does not need to understand

<umit> could you clarify that Fabian?

Fabian: Second point - can't treat policy alternatives completely independently of one another - have to understand the vocabulary regardless

Maryann: In the context of that comment, want to reiterate that we may be getting confused on whether we're dealing with the vocabulary of ??? and that of the policy alternative

<Yakov> +1

<umit> +1

Umit: Agree with danroth's point
... Provider has the option to publish diff endpoints and understanding diff policies/vocabularies for each endpoint
... If alternatives apply to same subject, entire vocabulary must be consistent
... Responding to Fabian that there exists that the subject and scope must not be forgotten in this

<Zakim> dorchard, you wanted to say vocabulary on required policies

<prasad> Spec says: Note that an entity may be able to support a policy even if the entity does not understand the type of each assertion in the vocabulary of the policy; the entity only has to understand the type of each assertion in the vocabulary of a policy alternative the entity supports.

dorchard: Definition of vocabulary includes optional assertions, and that causes certain difficulties - if we add defn for required vocabulary, would that address this?

<Nadalin> Nadalin = IPCaller

PaulC: In other words, we shouldn't overload "optional" for vocab and behaviour
... Would Umit like to see attrib that takes a value from a domain that explains a characteristic beyond a boolean?

<prasad> So, if an assertion is marked "optional", and the alternate w/o the assertion is picked, the entity need not understand the assertion (or the vocabulary that includes that assertion)

PaulC: Umit is saying that we want to describe 'notRequired' vocabularies - it is right to make it boolean or should it take a value from the domain that explains why it is not required?

Umit: Actually having it boolean may be sufficient, but a more general mechanism may be preferred - I would consider that

danroth: Processing alternatives independently of one another - the vocabulary provides additional information, but I think you can still do that - you don't need to consider vocabulary information

Fabian: I have impression that not everybody in WG reads the spec that way, but maybe the spec is unclear in this respect

Umit: Wanted to also cover proposal on guidelines assumes that vocabulary, even with optional attrib, is understood by both parties

<Fabian> correction: I have impression that not everybody in WG reads the spec that way, therefore the spec may be unclear

<PaulC> http://lists.w3.org/Archives/Public/public-ws-policy/2006Oct/0018.html

GlenD: Umit, can you explain the diff between something that is optional-not done, and optional-not understood?
... Is problem about needing to understand vocabulary?

Umit: Yes, there's a difference, but there seems to be a set of problems that we've lumped together here.

GlenD: Is it "you must fail to process a policy if you don't understand x"?
... Is that a bug?

danroth: No - it's not a bug - a process' vocab should always be understood

correction: cferris: No - it's not a bug - a process' vocab should always be understood

GlenD: I understand the differing opinions but not the rationale behind Umit's and Chris' perspective

prasad: If something is marked optional, it need not be understood - I think the spec is clear on this

[see Prasad's postings earlier on in the minutes]

<cferris> q_

Spec says: Note that an entity may be able to support a policy even if the entity does not understand the type of each assertion in the vocabulary of the policy; the entity only has to understand the type of each assertion in the vocabulary of a policy alternative the entity supports. So, if an assertion is marked "optional", and the alternate w/o the assertion is picked, the entity need not understand the assertion (or the vocabulary that includes

that assertion)

<umit> +1 to chris

cferris: I think section prasad highlights says you need to understand the type for things to work, but you may not understand how to implement that type

<umit> that is how I read it too

cferris: You need to know what a type is, but not necessarily how to make it work

Maryann: Related to Prasad's text, it's important to clarify a part of the text: "an entity may be able to support a [effective] policy" (resulting from comparing/merging policy elements)...?

PaulC: References to policy may need to be more appropriately qualified

Maryann: Yes

PaulC: Is this an issue?

cferris: I think it definitely needs to be clarified as there's misinterpretation of that text

PaulC: Should we raise an issue?

<umit> +1 to raise an issue

PaulC: We need to get to points and counterpoints on tarball and discuss on the list
... Out of time

<MTR> quit

<MTR> -

correct: DOrchard = DaveO

PaulC: Out of time, meeting adjourned

Summary of Action Items

[NEW] ACTION: fsasaki to publish primer editors draft [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action01]
[NEW] ACTION: Glen [PaulC] to review the guidelines document to confirm that we have appropriate caution regarding assertions that do not have good wire-wraps [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action06]
[NEW] ACTION: Paul to review C14N/1.1 WD on behalf of the WG - due to 2006-10-26 [recorded in http://www.w3.org/2006/10/11-ws-policy-minutes.html#action03]
  [End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.127 (CVS log)
$Date: 2006/10/18 16:18:20 $