W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2005

Re: Test Case with xml-dsig

From: Joseph Reagle <reagle@mit.edu>
Date: Tue, 8 Feb 2005 13:23:05 -0500
To: Rich Salz <rsalz@datapower.com>
Cc: public-xml-id@w3.org, w3c-ietf-xmldsig@w3.org
Message-Id: <200502081323.05555.reagle@mit.edu>

On Tuesday 08 February 2005 12:47, Rich Salz wrote:
> It is amazingly ironic that many people in the XML Security community
> (e.g. WS-Security, the SAML committee, etc) were looking forward to
> xml:id as a global way to define an ID attribute, so that each standard
> can begin to phase out their own specific attribute.  And now, that very
> community runs the risk of signatures failing to validate.

From what I recall, while it was a wanted feature, we had no expectation of 
it happening anytime soon because of the implications it would have for 
data models (i.e., the Infoset for others and Xpath for ourselves) and the 
controversial notion -- at the time ... is it presumed now? -- that the XML 
namespace can keep changing. (xml:base was introduced while we are working 
and had to do some tweaks on that to incorporate it.) Similarly, qualifying 
attribute values was thought to be nifty, but the muddle introduced by 
schema to achieve it was questionable -- again, at the time it seemed so, 
perhaps things are different now?

In any case, I'm not current with the XML state of the world on such topics 
to know what to propose. Perhaps there's a clever hack for the xml:id 
attribute specifically, or if the versioning/namespace/semantic issues of 
XML are well understood and stable now, perhaps its time for a new version 
based on Schema and XPath 2.0 (still a WD?!). But I'd be surprised if that 
was the case ;) and expect that's a lot of pain/effort...
Received on Tuesday, 8 February 2005 18:23:14 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.30 : Tuesday, 8 February 2005 18:23:14 GMT