W3C home > Mailing lists > Public > public-xmlsec@w3.org > December 2010

Further Changes to Xpath profile for XML Signature

From: Pratik Datta <pratik.datta@oracle.com>
Date: Sun, 12 Dec 2010 17:04:03 -0800 (PST)
Message-ID: <93d86628-31fb-4944-ba8c-2069fb79a44c@default>
To: Pratik Datta <pratik.datta@oracle.com>, public-xmlsec@w3c.org
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-xpath/  Dec 12th version.

1) Incorporated Meiko's grammar proposal ACTION-736.  The grammar is no longer a diff from XPAth 1.0 grammar.  It is a full grammar with some text explaining where we deviate from XPath 1.0
2) Split up the grammar into three parts "Top level XPath expressions", "LocationPaths", and "Predicates" for ACTION-686
3) Added a note for ACTION-691
Note: The descendant and related axes can be exploited by a denial of service attacks. See section "XPath selection that causes denial of service in streaming mode" in [XMLDSIG-BESTPRACTICES].


Pratik
Received on Monday, 13 December 2010 01:10:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 13 December 2010 01:10:23 GMT