W3C home > Mailing lists > Public > www-voice@w3.org > January to March 2005

Re: use namespaces and elements/attributes, not <?access-control?> PI (VBWG official response to last call issue)

From: Dan Connolly <connolly@w3.org>
Date: Thu, 10 Mar 2005 20:08:44 -0600
Message-Id: <2f41ffdc3f37e53374a5653fb9e3f693@w3.org>
Cc: <www-voice@w3.org>
To: "MattO" <matto@tellme.com>

On Mar 10, 2005, at 6:56 PM, MattO wrote:
[...formalities elided...]
 > In http://lists.w3.org/Archives/Public/www-voice/2004JulSep/0024.html 
you
> raised the following issue which was registered as change requests 
> R85. Our
> response is given inline:
>
> "I'm surprised by...
>
> 'If the XML document specifies an <?access-control?> processing 
> instruction,
> access to the data is allowed based on the following
> algorithm: ...'
>   -- 
> http://www.w3.org/TR/2004/WD-voicexml21-20040728/#sec-data-security
>
> Last time a processing instruction was used in a W3C spec,
> it was allowed only after considerable debate...
>
> 'The use of XML processing instructions in this specification should 
> not be
> taken as a precedent. The W3C does not anticipate recommending the use 
> of
> processing instructions in any future specification.'
>   -- http://www.w3.org/1999/06/REC-xml-stylesheet-19990629/
>
> I suggest using a namespace-qualified element or attribute instead."
>
> VBWG Response: Rejected
>
> The VBWG evaluated a number of mechanisms that would enforce the 
> security of
> the data retrieved by the <data/> element including domain-based
> restrictions, HTTP_REFERER, HTTP X-Header, XML security envelope, and
> XML-ENC. The use of a processing instruction to enforce security of 
> the data
> is a lightweight mechanism that is straightforward for data providers 
> and
> platform vendors to understand and to implement. The VBWG considered 
> the
> specification and practical implementation limitations of processing
> instructions and determined that these did not interfere with the 
> intended
> behavior of this mechanism.
>
> Upon further review, the VBWG acknowledged that specifying how security
> policy and resource sandboxing must be implemented went beyond the 
> scope of
> the working group and therefore chose not to mandate one particular
> mechanism.  However, because resource sandboxing is an important 
> principle
> for VoiceXML interpreters in certain deployment contexts, and
> interoperability among implementations should be encouraged, the group 
> chose
> to document this mechanism in an informative appendix.

Er... you moved something to an appendix? Can I have a look at a draft?

I can't tell from your response why a namespace-qualified element or
attribute won't work just as well if not better than a processing 
instruction,
so no, I'm not satisfied by this response. Can you give me an example
of something bad that would happen if you used a namespace qualified
element or attribute?

-- 
Dan Connolly, W3C http://www.w3.org/People/Connolly/
Received on Friday, 11 March 2005 02:08:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 30 October 2006 12:49:00 GMT