W3C home > Mailing lists > Public > public-ws-addressing@w3.org > November 2004

RE: NEW ISSUE: Replace QName's with anyURI

From: David Orchard <dorchard@bea.com>
Date: Tue, 23 Nov 2004 10:37:07 -0800
Message-ID: <32D5845A745BFB429CBDBADA57CD41AF0BF3BEA8@ussjex01.amer.bea.com>
To: "Rich Salz" <rsalz@datapower.com>, <public-ws-addressing@w3.org>

I'm somewhat against changing the status quo.  QNames do provide a
convenient short-hand instead of URIs.  In the cases that you've listed,
I don't think there is an security vulnerability or ambiguity that is
introduced by the use of QNames.  

I think it is significantly easier to use the Service QName rather the
Service URI, especially since WSDL 1.1 doesn't define a Qname to URI
mapping.

Dave

> -----Original Message-----
> From: public-ws-addressing-request@w3.org
[mailto:public-ws-addressing-
> request@w3.org] On Behalf Of Rich Salz
> Sent: Tuesday, November 23, 2004 10:06 AM
> To: public-ws-addressing@w3.org
> Subject: NEW ISSUE: Replace QName's with anyURI
> 
> 
> Description: There are several places where we use QName's for
attribute
> values (e.g., RelatesTo/@RelationshipType) and for content (e.g.,
> ServiceName).  Should we replace those with URI's?
> 
> Justification:  Everyone else is doing it. :)  The TAG finding can be
> interpreted as encouraging it.
> 
> Target: all specs
> 
> Proposal: Convert or consider providing rationale.
> 
> 	/r$
> 
> --
> Rich Salz, Chief Security Architect
> DataPower Technology
http://www.datapower.com
> XS40 XML Security Gateway
http://www.datapower.com/products/xs40.html
> XML Security Overview
http://www.datapower.com/xmldev/xmlsecurity.html
Received on Tuesday, 23 November 2004 18:37:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:34:59 GMT