XML Validity and DTD dependance from Rich Salz on 2005-04-13 (public-xml-core-wg@w3.org from April 2005)

From: Rich Salz <rsalz@datapower.com>
Date: Wed, 13 Apr 2005 14:53:06 -0400 (EDT)
To: public-xml-core-wg@w3.org
cc: Rich Salz <rsalz@datapower.com>
Message-ID: <Pine.LNX.4.44L0.0504131450440.8491-100000@smtp.datapower.com>

I am not a member of this WG, and therefore not on this list.
Thanks to the WG and W3C staff for letting me post while any
discussion on this thread takes place.  Please CC me explicitly.

The following is a slight edit of a note I originally posted to
the TAG; the thread starts at
    http://lists.w3.org/Archives/Public/www-tag/2005Apr/0008
They suggested I contact this WG first, so here I am...

DTD's are ignorant of namespaces.  This means that you cannot write a
normative DTD for a namespace (as you might do with XML Schema). The
best you can hope to do is write something for expository purposes,
using particular namespace prefixes as an example.  Each instance of
a document would then have to rewrite the DTD to use the namespace
prefixes that are used in the document.

If the document uses elements from multiple namespaces, however,
and even if you can collect all the DTD's and rewrite them to map
the prefixes used in a particular document instance, you can't do
this for every case.  Viz:

    <tns:Foo xmlns:tns="http://example.com/1999">
        <tns:Foo xmlns:tns="http://example.com/2002">
            content
        </tns:Foo>
    </tns:Foo>

It seems to me, then, that DTDs are not useful, and maybe not
even possible, for XML standards or documents that use namespaces.
The problem with this is that XML validity requires a DTD (see [1]).
For my particular concern, the uniqueness of ID attributes,
part of validity, is crucial for using XML Signatures or Encryption
on SOAP messages.

XML Schema, in a round-about way, enforces ID attribute uniqueness,
but only for that part of the document that is being validated;
if the schema does not start at the document root, there is no
guarantee.  The desire for composability means comparatively few
schemas (at least horizontal ones, such as developed by standards
organizations) will cover the entire document.  XML Schema may
also enforce other aspects of XML validity; I am not familiar enough
with the specs to say.

XML validity is important, and perhaps should be separated from DTD's.

        /r$

-- 
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html

Received on Wednesday, 13 April 2005 18:53:12 UTC