W3C home > Mailing lists > Public > xml-dist-app@w3.org > May 2003

RE: xbinc:Include and identity

From: Martin Gudgin <mgudgin@microsoft.com>
Date: Wed, 14 May 2003 08:17:10 -0700
Message-ID: <7C083876C492EB4BAAF6B3AE0732970E0B7401EB@red-msg-08.redmond.corp.microsoft.com>
To: "Marc Hadley" <Marc.Hadley@Sun.COM>, "Jeffrey Schlimmer" <jeffsch@windows.microsoft.com>
Cc: <xml-dist-app@w3.org>

 

> -----Original Message-----
> From: xml-dist-app-request@w3.org 
> [mailto:xml-dist-app-request@w3.org] On Behalf Of Marc Hadley
> Sent: 08 May 2003 17:34
> To: Jeffrey Schlimmer
> Cc: xml-dist-app@w3.org
> Subject: Re: xbinc:Include and identity
> 
> 
<SNIP/>
> > That invites the question: if we make this assumption, how does one 
> > reference content from within > 1 place within the Envelope? One 
> > approach is to have a named place within the Infoset where 
> the content 
> > is included, and have the other places within the Envelope refer to 
> > (ala xs:anyURI, not include) that place. The Representation 
> element in 
> > PASWA does this. This approach addresses concerns about on-the-wire 
> > efficiency as well as concerns about modeling shared 
> identity within 
> > the Infoset.
> >
> Yes, but it raises other questions.
> 
> 1) I'd like to be able to generate data binding code from 
> message schema. The proposed xmime:Binary type lets me 
> generate suitable mappings for the single place where the 
> data is included but doesn't cover the situation where I have 
> multiple references to the data. The current formulation 
> suggests use of an application specific referencing mechanism 
> for each additional reference to the binary data, a 
> standardized xmime:BinaryRef type would be more useful for 
> tooling purposes and would also allow for better verification 
> of references on message receipt.

Given that you have a schema for the message, you know which
elements/attribute are URIs. Would it not make sense therefore to turn
the xbinc:Include parent into an object representation of the
attachment, say Gudge.MimeTypes.Images.PNG and then have the URIs that
refer to that just be untyped references?

> 
> 2) The semantics of message security in the presence on 
> Include and references needs to be carefully considered. If I 
> sign part of a message containing an xbinc:Include then I 
> probably want to sign the actual data rather than the Include 
> EII itself. 

Yes, I would think the date should be signed. This raises a potential
security concern; how do I sign the href attribute on the xbinc:Include
( so that no-one can change the value of that attribute ). However,
enforcing xbinc:Include/@href to resolve to something inside the package
and signing the data would mitigate that attack.

> If I sign part of a message that includes 
> references to representation elements then presumably I'm 
> only signing the reference, not the referenced data ?

Yes, if I have j:RandomElement/@href and I sign that, I'm signing the
reference. I would also need to sign the swa:Representation header
element to ensure no one tampered with the data

Does this make sense?

Gudge
Received on Wednesday, 14 May 2003 11:17:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:14 GMT