W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2009

RE: ACTION 176: Text for 1.1 on use of Transforms with RetrievalMethod

From: Scott Cantor <cantor.2@osu.edu>
Date: Mon, 26 Jan 2009 11:25:09 -0500
To: "'Frederick Hirsch'" <frederick.hirsch@nokia.com>
Cc: "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-ID: <004301c97fd2$a7ee93e0$f7cbbba0$@2@osu.edu>

Frederick Hirsch wrote on 2009-01-26:
> (1) Maybe change this proposal text from:
> "A future version of this specification may deprecate or entirely
> remove this feature in favor of a simpler, less general referencing
> model more suitable for the specific purpose of key references. In the
> meantime,use of this feature may lead to interoperability issues."
> 
> to
> 
> "Use of transforms should be limited to the minimum case of extracting
> a single included element from KeyInfo."
> 
> ?

That's sort of like saying "use of sharp stick should be confined to left
eye". I suspect if you want to get specific, we would need to actually
specify an example of what you should explicitly support so that
implementers can actually hardcode a transform set to allow. Maybe somebody
could provide the XPath expressions that would be required? Assuming you had
an ID reference to KeyInfo, what would it be?

I'm fine with not including the deprecating text, though. I wasn't sure
whether the wording of the AI really was intending to have me write that, so
I just did it anyway.

> (2) Perhaps we can add an id attribute to KeyInfo content to avoid the
> need for a transform?

We can't.
 
-- Scott
Received on Monday, 26 January 2009 16:25:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT