W3C home > Mailing lists > Public > public-xmlsec@w3.org > January 2009

Proposed text for Action Item 122: draft best practice around xpath filter 2

From: Sean Mullan <Sean.Mullan@Sun.COM>
Date: Mon, 26 Jan 2009 14:21:25 -0500
To: Sean.Mullan@Sun.COM, XMLSec W3C <public-xmlsec@w3.org>
Message-id: <497E0D35.4090103@sun.com>

Best Practice X: Prefer the XPath Filter 2 Transform to the XPath Filter 

Applications should prefer the <a 
href="http://www.w3.org/TR/xmldsig-filter2/">XPath Filter 2 
Transform</a> to the <a 
href="http://www.w3.org/TR/xmldsig-core/#sec-XPath">XPath Filter 
Transform</a> when generating XML Signatures. The XPath Filter 2 
Transform was designed to improve the performance issues associated with 
the XPath Filter Transform and allow signing operations to be expressed 
more clearly and efficiently, as well as helping to mitigate the denial 
of service attacks discussed in section 2.1.2. See 
http://www.w3.org/TR/xmldsig-filter2/#sec-Intro for more information.

Received on Monday, 26 January 2009 19:22:17 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:10 UTC