
Re: ACTION 176: Text for 1.1 on use of Transforms with RetrievalMethod

From: Sean Mullan <Sean.Mullan@Sun.COM>
Date: Wed, 28 Jan 2009 12:00:06 -0500
To: Scott Cantor <cantor.2@osu.edu>
Cc: "'Frederick Hirsch'" <frederick.hirsch@nokia.com>, "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-id: <49808F16.8020309@sun.com>

Might this warning text be better for the Best Practices document for now? We 
could add it to Best Practice 5: Try to avoid or limit RetrievalMethod support 
with KeyInfo

--Sean

Scott Cantor wrote:
> Frederick Hirsch wrote on 2009-01-26:
>> (1) Maybe change this proposal text from:
>> "A future version of this specification may deprecate or entirely
>> remove this feature in favor of a simpler, less general referencing
>> model more suitable for the specific purpose of key references. In the
>> meantime, use of this feature may lead to interoperability issues."
>>
>> to
>>
>> "Use of transforms should be limited to the minimum case of extracting
>> a single included element from KeyInfo."
>>
>> ?
> 
> That's sort of like saying "use of sharp stick should be confined to left
> eye". I suspect if you want to get specific, we would need to actually
> specify an example of what you should explicitly support so that
> implementers can actually hardcode a transform set to allow. Maybe somebody
> could provide the XPath expressions that would be required? Assuming you had
> an ID reference to KeyInfo, what would it be?
> 
> I'm fine with not including the deprecating text, though. I wasn't sure
> whether the wording of the AI really was intending to have me write that, so
> I just did it anyway.
> 
>> (2) Perhaps we can add an id attribute to KeyInfo content to avoid the
>> need for a transform?
> 
> We can't.
>  
> -- Scott
> 
> 
> 
Received on Wednesday, 28 January 2009 17:00:55 GMT
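
The following is an added example, not part of the original messages and not working-group text: one way an implementation could limit RetrievalMethod support along the lines discussed above, by accepting only same-document ID references and a hardcoded transform set. The allowlist contents, the transform limit, the function name and the sample documents are assumptions made for illustration; the thread does not settle which transforms should be allowed.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"ds": DS}

# Assumption: local policy values chosen for this example only.
ALLOWED_TRANSFORMS = {"http://www.w3.org/2001/10/xml-exc-c14n#"}
MAX_TRANSFORMS = 1

def check_retrieval_methods(xml_text):
    """Return a list of (uri, reason) policy violations; empty means accepted."""
    # Assumption: xml_text has already passed whatever hardened parsing
    # (entity and size limits) the application applies to untrusted XML.
    root = ET.fromstring(xml_text)
    violations = []
    for rm in root.iter(f"{{{DS}}}RetrievalMethod"):
        uri = rm.get("URI", "")
        # Accept only a same-document reference of the form "#id".
        if not uri.startswith("#") or len(uri) == 1:
            violations.append((uri, "not a same-document ID reference"))
        algs = [t.get("Algorithm", "")
                for t in rm.findall("ds:Transforms/ds:Transform", NS)]
        if len(algs) > MAX_TRANSFORMS:
            violations.append((uri, f"{len(algs)} transforms exceeds limit"))
        for alg in algs:
            if alg not in ALLOWED_TRANSFORMS:
                violations.append((uri, f"transform not allowed: {alg}"))
    return violations

# Constructed sample: bare ID reference with no transforms.
SAMPLE_OK = f"""<ds:KeyInfo xmlns:ds="{DS}">
  <ds:RetrievalMethod URI="#key1" Type="{DS}X509Data"/>
</ds:KeyInfo>"""

# Constructed sample: remote URI with an XPath and an XSLT transform.
SAMPLE_BAD = f"""<ds:KeyInfo xmlns:ds="{DS}">
  <ds:RetrievalMethod URI="http://example.com/keys.xml">
    <ds:Transforms>
      <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"/>
      <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"/>
    </ds:Transforms>
  </ds:RetrievalMethod>
</ds:KeyInfo>"""

if __name__ == "__main__":
    for name, doc in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, check_retrieval_methods(doc))
```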
