W3C home > Mailing lists > Public > www-ws-arch@w3.org > August 2002

Re: Security Question

From: Mark Baker <distobj@acm.org>
Date: Tue, 6 Aug 2002 10:04:23 -0400
To: "Cutler, Roger (RogerCutler)" <RogerCutler@ChevronTexaco.com>
Cc: www-ws-arch@w3.org
Message-ID: <20020806100423.C16341@www.markbaker.ca>

On Mon, Aug 05, 2002 at 12:17:18PM -0700, Cutler, Roger (RogerCutler) wrote:
> I think my example was not a good one.  Basically, I am concerned that
> schema validation may add to the data in an XML document and thus that there
> are two linked "things" -- so how is that linkage made reliable?

IMO, making the meaning of a message depend on something external to a
message is a bad idea for lots of reasons.

FWIW, I contributed this to the ietf-xml-use work;

4.13 External References

   When using XML in the context of a stateless protocol, be it the
   protocol itself (e.g., SOAP), or simply as content transferred by an
   existing protocol (e.g., XML/HTTP), care must be taken to not make
   the meaning of a message depend on information outside the message
   itself.  XML provides external entities (see Section 4.12), which are
   an easy way to make the meaning of a message depend on something
   external.  Using schema languages that can change the Infoset, like
   XML Schema, is another way.

See;

http://www.imc.org/ietf-xml-use/draft-hollenbeck-ietf-xml-guidelines-05.txt

So my answer would be; don't do that. 8-)

MB
-- 
Mark Baker, CTO, Idokorro Mobile (formerly Planetfred)
Ottawa, Ontario, CANADA.               distobj@acm.org
http://www.markbaker.ca        http://www.idokorro.com
Received on Tuesday, 6 August 2002 10:04:07 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:03 GMT