I'm somewhat against changing the status quo. QNames do provide a convenient short-hand instead of URIs. In the cases that you've listed, I don't think there is an security vulnerability or ambiguity that is introduced by the use of QNames. I think it is significantly easier to use the Service QName rather the Service URI, especially since WSDL 1.1 doesn't define a Qname to URI mapping. Dave > -----Original Message----- > From: public-ws-addressing-request@w3.org [mailto:public-ws-addressing- > request@w3.org] On Behalf Of Rich Salz > Sent: Tuesday, November 23, 2004 10:06 AM > To: public-ws-addressing@w3.org > Subject: NEW ISSUE: Replace QName's with anyURI > > > Description: There are several places where we use QName's for attribute > values (e.g., RelatesTo/@RelationshipType) and for content (e.g., > ServiceName). Should we replace those with URI's? > > Justification: Everyone else is doing it. :) The TAG finding can be > interpreted as encouraging it. > > Target: all specs > > Proposal: Convert or consider providing rationale. > > /r$ > > -- > Rich Salz, Chief Security Architect > DataPower Technology http://www.datapower.com > XS40 XML Security Gateway http://www.datapower.com/products/xs40.html > XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.htmlReceived on Tuesday, 23 November 2004 18:37:13 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:34:59 GMT