W3C home > Mailing lists > Public > public-xmlsec-comments@w3.org > August 2009

Advice to Prefer XPath Filter 2 can be more encouraging

From: John Boyer <boyerj@ca.ibm.com>
Date: Mon, 3 Aug 2009 17:42:37 -0700
To: public-xmlsec-comments@w3.org
Message-ID: <OF7EFDE531.130504C0-ON88257608.00032AD6-88257608.0003E820@ca.ibm.com>
In [1], it is stated "Even though XPath Filter 2.0 is not recommended in 
XML Signatures 1.0..."

Actually, the performance issue with XPath Filter 1 was discovered rather 
late in the W3C process, and the co-chairs asked that we not hold up 
advancement of the core specification while taking on an upgraded filter 
as an additional work product of the group.

It is not so much that XPath Filter 2.0 is "not recommended" in XML 
Signatures 1.0.  It is more that only the original XPath filter was 
included in the XML Signatures 1.0 recommendation, and XPath Filter 2.0 
was *recommended* subsequently. 

Moreover, this section [1] would benefit from going beyond suggesting that 
"implementers may still be able to support it."  Instead, why not include 
informative citation of JSR 105 and/or the Apache XML Security library and 
indicate that due to this widespread implementation availability, 
implementers "should be able to support it." 

[1] 
http://www.w3.org/TR/2009/WD-xmldsig-bestpractices-20090730/#prefer-xpath-filter2

Thanks,
John M. Boyer, Ph.D.
STSM, Interactive Documents and Web 2.0 Applications
Chair, W3C Forms Working Group
Workplace, Portal and Collaboration Software
IBM Victoria Software Lab
E-Mail: boyerj@ca.ibm.com 

Blog: http://www.ibm.com/developerworks/blogs/page/JohnBoyer
Blog RSS feed: 
http://www.ibm.com/developerworks/blogs/rss/JohnBoyer?flavor=rssdw
Received on Tuesday, 4 August 2009 00:43:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 4 August 2009 00:43:20 GMT