W3C home > Mailing lists > Public > public-ws-addressing@w3.org > January 2005

Re: xml:id and opacity of refp's

From: Marc Hadley <Marc.Hadley@Sun.COM>
Date: Wed, 05 Jan 2005 16:18:46 -0500
To: Rich Salz <rsalz@datapower.com>
Cc: public-ws-addressing@w3.org
Message-id: <62A00A66-5F5F-11D9-AFB2-000A95BC8D92@Sun.COM>

The lack of opacity has also emerged on other threads (e.g. [1]). I 
think we need to accept that refps are anything but opaque in any real 
sense of the word.

Marc.

[1] http://www.w3.org/mid/684C1D92-3CB9-11D9-B7E8-000A95BC8D92@Sun.COM

On Dec 21, 2004, at 7:15 PM, Rich Salz wrote:

>
> Dims posted a message ("just thinking out loud here...") that included 
> a
> snippet of an EPR with a DSIG in it.  It just brought to mind an issue.
>
> One of XML's validity constraints is that attributes of type ID have
> unique values.  In order to not generate invalid XML, a program that 
> uses
> the refp's from an EPR must scan them to make sure that the ID 
> attributes
> that *it* generates are unique.  This violates opacity, but without 
> that
> violation a client cannot be sure of generating valid messages.
>
> Further, while xml:id is useful, there are still many ID attributes in
> other namespaces.  This requires even deeper knowledge and inspection
> by the EPR recipient, further ripping away opacity.  It's a hard 
> problem,
> of course, since there is no guarantee that the EPR recipient will even
> *know* what the ID attributes are inside a refp.
>
> Short of probabilistic values for ID attributes (viz., MIME separators 
> for
> multipart), opacity must be broken.
> 	/r$
> -- 
> Rich Salz                  Chief Security Architect
> DataPower Technology       http://www.datapower.com
> XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
> XML Security Overview      
> http://www.datapower.com/xmldev/xmlsecurity.html
>
>
>
---
Marc Hadley <marc.hadley at sun.com>
Web Technologies and Standards, Sun Microsystems.
Received on Wednesday, 5 January 2005 21:18:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:35:01 GMT