W3C home > Mailing lists > Public > public-ws-chor-comments@w3.org > August 2005

RE: W3C WS-Choreo WG - Issue 958,

From: Martin Chapman <martin.chapman@oracle.com>
Date: Wed, 3 Aug 2005 14:58:47 +0100
To: "'Bjoern Hoehrmann'" <derhoermi@gmx.net>
Cc: <public-ws-chor-comments@w3.org>
Message-ID: <006301c59833$79841320$0901a8c0@ie.oracle.com>


We discussed  968  on our con call last night:

With respect to registering the MIME type, we have checked with Phillipe
and it is acceptable to register after LC.
Also with respect to having Yves as the contact point, again this was
checked and is acceptable to W3C staff.

On the remaining aspect of this issue, regarding security, the WG felt
that there was not much to add wrt to cdl being an xml document; it has
the same considerations as any other xml document. There are other
security considerations related to using the document to "compile" into
end point behaviour, and this is outlined in its own section (7.1).
In addition we have followed what the WSD WG said on this topic, since
CDL is of a similar nature to ESDL. We will raise this as a discussion
point at the next WS Coordination Group Call.


>-----Original Message-----
>From: public-ws-chor-comments-request@w3.org 
>[mailto:public-ws-chor-comments-request@w3.org] On Behalf Of 
>Bjoern Hoehrmann
>Sent: Thursday, July 28, 2005 6:58 AM
>To: Martin Chapman
>Cc: public-ws-chor-comments@w3.org
>Subject: Re: W3C WS-Choreo WG - Issue 958,
>* Martin Chapman wrote:
>>The following WS-Choreo last call issues that you raised have been 
>>resolved as follows. Please confirm you agree with the resolutions 
>>asap. All editorial changes can be found in the latest 
>editorial draft: 
>>Issue 958: http://www.w3.org/Bugs/Public/show_bug.cgi?id=958
>>Issue 961: http://www.w3.org/Bugs/Public/show_bug.cgi?id=961
>>Issue 962: http://www.w3.org/Bugs/Public/show_bug.cgi?id=962
>>Issue 965: http://www.w3.org/Bugs/Public/show_bug.cgi?id=965
>>Issue 969: http://www.w3.org/Bugs/Public/show_bug.cgi?id=969
>>Issue 970: http://www.w3.org/Bugs/Public/show_bug.cgi?id=970
>>Issue 972: http://www.w3.org/Bugs/Public/show_bug.cgi?id=972
>Sounds good, thanks.
>>Issue 963: http://www.w3.org/Bugs/Public/show_bug.cgi?id=963
>I don't really see a difference in style?
>>Issue 968: http://www.w3.org/Bugs/Public/show_bug.cgi?id=968
>Note that http://www.w3.org/2002/06/registering-mediatype 
>ietf-types review is required for these types to be 
>registered. Normally this would be done along with the last 
>call announcement, I am not sure whether there is a process 
>for doing it later, W3C's IETF Liaisons Dan Connolly and 
>Philippe Le Hégaret might be able to provide guidance here.
>I am not satisfied by the current registration template, there 
>should probably be a "." after "This document", the "Person 
>and email address to contact for further information" should 
>probably not be Yves but a more generic address (like 
>web-human@) or a mailing list, and the "Security 
>considerations" are inadequate.
>I would expect the security considerations section to conform 
>to http://www.ietf.org/rfc/rfc3552.txt section 5 and discuss 
>e.g. whether application/cdl+xml documents may have a 
http://w3.org/TR/xmldsig-core/ digital signature and how
application/cdl+xml implementations that do not support XML DSig behave
when processing a document (e.g., would the signature be ignored, would
the implementation refuse to process the document, etc.) Simply saying
that CDL users don't have to consider any security issue but those that
apply to all XML formats is probably worse than having no security
considerations section at all.

Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Wednesday, 3 August 2005 13:58:17 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:46:25 UTC