W3C home > Mailing lists > Public > www-xkms@w3.org > June 2002

Re: SOAP Confidentiality and Integrity: Next Step?

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Wed, 19 Jun 2002 15:39:50 +0200
To: reagle@w3.org, "Dournaee, Blake" <bdournaee@rsasecurity.com>
Cc: www-xkms@w3.org
Message-ID: <109739286.1024501190@clouseau>

Hi Joseph,

you're right about that ID stuff. A nice reading on that is [1]. What I see 
from the feedback from users of the Apache XML Signature implementation is 
that a general ID-type attribute which can be applied even without 
DTD/Schema is really a problem for many users. IDs which refer e.g. to 
<ds:Object> often work in different implementations because a ds:*/@Id is 
(by implicit knowledge) of type ID.

If the W3C could make a proposal on how we can use IDs WITHOUT DTD/Schema, 
that would be a GREAT deal.

Regards,
Christian

[1] <http://www.xml.com/pub/a/2001/11/07/id.html>

--On Mittwoch, 19. Juni 2002 09:33 -0400 Joseph Reagle <reagle@w3.org> 
wrote:

>
> On Tuesday 18 June 2002 06:12 pm, you wrote:
>>  Given that it looks like SOAP security will be rolled into ws-arch, what
>>  will become of [1]?
>
> I don't know. Notes are merely informational so nothing has to become of
> them. The scope of it, just like [4] could be within ws-arch, in fact I
> believe [4] subsumes [1] except for its specification of the foo:id
> attribute that is always treated as an ID attribute, even without a DTD.
> I  think this is a clever idea -- and it would've been nice if the XML
> folks  had made xml:Id a reserved attribute and this sort of does the
> same for s  specific namespace) But they didn't, and if such a hack/fix
> is applied now,  I think it should be done as a general XML fix.
>
>>  [4]
>>  http://www-106.ibm.com/developerworks/security/library/ws-secure/?dwzon
>> e= sec urity
>>  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnglob
>> sp ec/ html/ws-security.asp
>






Mit freundlichen Grüßen,

Christian Geuer-Pollmann


--------------------------------------------------------------------------
Institute for Data Communications Systems             University of Siegen
Hoelderlinstrasse 3                 D-57068 Siegen                 Germany

mail:  mailto:geuer-pollmann@nue.et-inf.uni-siegen.de
web:  <http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/>
Received on Wednesday, 19 June 2002 09:47:28 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:16 GMT