W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2008

Some strawman ideas concerning <ds:Transforms>

From: Thomas Roessler <tlr@w3.org>
Date: Mon, 21 Jul 2008 13:20:10 +0200
To: public-xmlsec@w3.org
Message-ID: <20080721112010.GM503@iCoaster.does-not-exist.org>

Some quick notes on some ideas that came up in the last hour or so
of the face-to-face, on how to use ds:Transforms as an extension
point:

- We could define an "assertion transform" that isn't really a
  transform, but permits an implementation to make certain
  assumptions -- either about the structure of the data, or about
  the structure of further transforms within the chain.

- Assuming that we define an extended transform model (which doesn't
  use node-sets, but operates on some other representation of
  subsets of the infoset), we could define a special-purpose
  transform that switches implementations into this model without
  breaking the compatibility story.
  
  More specifically, implementations could be entitled to lazily
  dereference the URI parameter in a ds:Reference, and not even
  generate a node-set when the transform in question is the first
  one.

- There's also the pattern of a dereferencing transform (known from
  WS-Security).

Thoughts?
-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Monday, 21 July 2008 11:20:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:54 GMT