- From: Harry Halpin <hhalpin@ibiblio.org>
- Date: Thu, 26 Jul 2007 09:27:23 -0400
- To: Jonathan Robie <jonathan.robie@redhat.com>
- Cc: "C. M. Sperberg-McQueen" <cmsmcq@acm.org>, Dan Connolly <connolly@w3.org>, Andrew Eisenberg <andrew.eisenberg@us.ibm.com>, public-grddl-comments@w3.org, w3c-xsl-query@w3.org, "Ogbuji, Chimezie" <OGBUJIC@ccf.org>
Jonathan Robie wrote:
>
> Harry Halpin wrote:
>> C. M. Sperberg-McQueen wrote:
>>
>>> On 24 Jul 2007, at 10:38 , Harry Halpin wrote:
>>>
>>>> ...
>>>> I understand that's a perfectly sensible use-case, but not for
>>>> GRDDL as
>>>> it stands. There is a technical difficulty: Since the schema is not at
>>>> the namespace document and not marked up in the document, how would
>>>> the
>>>> GRDDL processor ever discover your schema annotations by "following
>>>> its
>>>> nose" from the source document?
>>>>
>>> I imagine it happening the same way it happens for schema
>>> processors. Different schema processors do it differently;
>>> possible mechanisms include invocation-time parameters,
>>> catalogs, local repositories, well-known locations,
>>> dereferencing the namespace name, and of course hints in
>>> the document.
>>>
>>> From this discussion I understand that if a GRDDL processor
>>> allows me to specify where to find schema documents I'd like
>>> to use, then that processor doesn't conform to the GRDDL
>>> spec. That seems a shame to me.
>>>
>> We do not forbid GRDDL agents from allowing "local policy" to provide
>> additional parameters for GRDDL processing - in fact, we go through
>> great pains in the specification and the test-suite to allow local
>> policy to determine certain types of processing as regards security and
>> processing, and it is under this rubric that one could imagine a local
>> policy specifying that all documents of vocabulary X use transformation
>> associated with a schema at the non-namespace document location Y
>> through an additional parameter. However, as GRDDL is an intentionally
>> lightweight specification that purposively avoided adding additional
>> required parameters, we did not *require* GRDDL-aware agents to have
>> this parameter, as GRDDL-aware agents may have *no parameters*.
>>
>> So, a GRDDL-aware agent could have additional parameters specifying
>> schemas and transformations locations in accordance with local policy,
>> and *still be a conformant GRDDL specification* as long as it passes our
>> test-suite. However, we do not specify this sort of behavior in out
>> test-suite, as it would be local policy.
>>
>
> This may point to a solution. The W3C XML Schema spec allows
> implementations great freedom in how they do - or do not - locate a
> schema for a given namespace used in an XML document. This is
> specified in *http://www.w3.org/TR/xmlschema-1/#schema_reference.
>
> A GRDDL-aware agent could either dereference the URL directly to see
> if there is a schema there, or use any other means at its disposal to
> find a schema that governs a namespace used in a document. From what
> you say above, I don't think this would actually change the definition
> of GRDDL, but saying this would be helpful to those who use W3C XML
> Schema. Of course, you can't require GRDDL processors to use any
> particular strategy, or insist that they actually find a schema, but
> the XML Schema specification doesn't do that either.
>
> If you said this in the spec, I think I personally would be
> satisified. (I speak neither for Michael nor for the Working Group.)
This ability to use "3rd-party" schemas would clearly be an optional
feature of local policy. Now, the GRDDL specificiation only mentions
local policy briefly in regards to security. However, the GRDDL
Test-Cases Proposed Rec has a section on local policy[1].
Would adding the sentence in [brackets] satisfy both you, Michael, and
the Working Group:
"The GRDDL specification states that any transformation identified by an
author of a GRDDL source document will provide a Faithful Rendition
<http://www.w3.org/TR/grddl/#sec_rend> of the information expressed in
the source document. The specification also grants a GRDDL-aware agent
the license <http://www.w3.org/TR/2007/WD-grddl-20070302/#sec_agt> to
makes a determination of whether or not to apply a particular
transformation guided by user interaction, a local security policy, or
the agent's capabilities. [For example, a GRDDL-aware agent may have a
security policy that prevents it from accessing GRDDL transformations
located in untrusted domain names, it may be unable to apply
transformations given in a language it does not support, and it may
feature additional non-normative capabilities such as allowing
transformations to be found in schemas not specified at the namespace
document.] However, in defining these tests it was assumed that the
GRDDL-aware agent being tested is using a security policy which does
*not* prevent it from applying transformations identified in each test
[, supports XSLT 1.0, and does not rely on any capabilities outside
those defined in the GRDDL Specification]. Such an agent should produce
the GRDDL result associated with each normative test, except as
specified immediately below."
I think this clarifies things, and fits in the narrative we are trying
to tell in the GRDDL Test-Cases document.
Chime - do you agree with this informative edit?
thanks,
harry
[1] http://www.w3.org/TR/grddl-tests/#policy
> Jonathan
> *
>
--
-harry
Harry Halpin, University of Edinburgh
http://www.ibiblio.org/hhalpin 6B522426
Received on Thursday, 26 July 2007 13:28:02 UTC