RE: Appropriate XML processing in extensibility consideration (Was rfc2518bis DAV DTD) from Julian Reschke on 2003-10-16 (w3c-dist-auth@w3.org from October to December 2003)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Thu, 16 Oct 2003 21:50:53 +0200
To: "Stanley Guan" <stanley.guan@oracle.com>, "Julian Reschke" <julian.reschke@gmx.de>, <w3c-dist-auth@w3.org>
Message-ID: <JIEGINCHMLABHJBIGKBCEEELINAA.julian.reschke@gmx.de>

> From: w3c-dist-auth-request@w3.org
> [mailto:w3c-dist-auth-request@w3.org]On Behalf Of Stanley Guan
> Sent: Thursday, October 16, 2003 6:47 PM
> To: Julian Reschke; w3c-dist-auth@w3.org
> Subject: Appropriate XML processing in extensibility consideration (Was
> rfc2518bis DAV DTD)
>
>
>
> Julian,
>
> I am getting more clear on what the true issues are.  Thanks!
>
> However, it seems to me that there are different options to resolve the
> extensibility issue and WG seems to choose the following approach:
>
>    1. For client implementations, ignore XML elements they do not
>        understand.
>
>        "Older clients will not break when they encounter extensions
>        because they will still have the data specified in the original
>        schema and will ignore elements they do not understand."

Right.

>    2. For server implementations, ignore any unknown  XML
>        element and all its children encountered.
>
>        "All DAV compliant resources MUST ignore any unknown
>         XML element and all its children encountered while processing
>         a DAV method that uses XML as its command language."
>
>        As told by you, this rule will be extended to include any unknown
>        XML attribute.  Right?

Actually, that's not obvious. RFC2518 so far hasn't used attributes at all
(except for some wording about xml:lang's role). But I'd assume that yes,
extensibility applies to attributes as well.

> To summarize what I understand so far:
>
>     1. WG is seeking a formal notation to describe the XML components
>         contained in any message body that need to be minimally understood
>         by all DAV-compliant (including DAV's extensions) implementations.
>
>         Any bogus (or should be called "alien") XML elements (or
attributes)
>         will be simply ignored without even raising a flag.  So, to avoid
>         hackers using this feature to launch denial-of-access attacks is
to limit
>         the size of XML data allowed in the request body.

Right.

Side note: it would be interesting to explore a mechanism for mandatory
extensions (I think RFC2774 can help here).

>         Additionally, there is no need for any implementation to use any
schema
>         to check whether received XML data is valid or not. What it needs
>         to do is just walking through the XML elements and check if it is
what
>         the implementation can understand or not.   If yes, take action;
>         otherwise, ignore it.

Yes. However, "understanding" is a bit vague. For instance, PROPFIND uses:

<!ELEMENT propfind (allprop | propname | prop) >

So for instance servers SHOULD reject requests such as

<propfind xmlns="DAV:"><prop>...</prop><prop>...</prop></propfind>

>     2. The DAV response header (and new proposed DAV request
>         header is just informational and has no constraining power.

I wouldn't call it "just informational", but it doesn't affect the validaty
of a message body.

Julian

--
<green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760

Received on Thursday, 16 October 2003 15:51:24 UTC