This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
The purpose of the proposal is to provide additional example in the Primer (probably in the section 2.5 Combining Policy Assertions or 3.3 Policy Data Model) about dealing with requirements and capabilities of entities as [optional] behaviors in the most basic use case for requester and provider. I am suggesting the outline of the use case. I can come up with the actual text if the WG will agree with the approach. The example may describe policy design for the WS-Security token authentication scheme when only two entities requester and provider are involved. Policy subject for this case may be simplified lets say the subject is request URL. The following four policy assertions with respect to the corresponding entities and the subject may be considered: 1. The provider only accepts WS-Security tokens as means of the authentication 2. The provider may accept WS-Security tokens as means of the authentication (optional="true") 3. The requester must attach the WS-Security token to a message 4. The requester may attach the WS-Security token to a message (optional="true") I think that briefly describing some combinations of one or more assertions above will provide policy designers with a good understanding of policy assertion choices and possible policy enforcement implications. The example would also show that typically any policy assertion should deal with one entity at a time, and that combinations of assertions (behaviors) would allow the designers to cover relationships/dependencies between entities.
RESOLUTION: close with no action and point to resolutions to 3789 and 3721 http://www.w3.org/2006/11/15-ws-policy-irc#T18-44-18 3789- http://www.w3.org/Bugs/Public/show_bug.cgi?id=3789 3721- http://www.w3.org/Bugs/Public/show_bug.cgi?id=3721 The resolutions to 3789 and 3721 combined with the editor's actions to update the primer and guidelines accordingly, effectively render this issue moot