W3C home > Mailing lists > Public > public-rdf-in-xhtml-tf@w3.org > July 2009

Re: HTML+RDFa Issues (update)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Thu, 09 Jul 2009 10:52:42 -0400
Message-ID: <4A56043A.3080504@digitalbazaar.com>
To: RDFa mailing list <public-rdf-in-xhtml-tf@w3.org>
Julian Reschke wrote:
> Manu Sporny wrote:
>> Julian Reschke wrote:
>>>> The technical issue is that it is theoretically possible to construct
>>>> a rel value which has a list of URIs which could be accidentally
>>>> interpreted as a list of CURIEs.  Consider the following:
>>>> <a xmlns:urn="http://purl.org/dc/terms/"
>>>>    rel="urn:rights urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a"
>>>>    href="http://example.com/terms_of_service.html" >
>>>> My take: while it is possible to construct such examples, in practice
>>>> they would be rare enough to not be an issue.  That being said, it is
>>>> nearly impossible to legislate against, as it would require people to
>>>> avoid declaring namespaces prefix that matches any current or future
>>>> URI scheme.  Perhaps a "SHOULD avoid well known URI schemes" might be
>>>> in order.
>>> That would deal with collisions; but not with the fact that existing,
>>> non-RDFa consumers, will not expect that an indirection mechanism has
>>> been added.
>> Julian, assume that we adopt the language the Sam has specified above.
>> Why would existing non-RDFa consumers need to know or care? Does it
>> create any sort of technical issue with pre-existing HTML consumers that
>> we know about? Wouldn't existing consumers merely ignore the CURIE
>> values or do nothing with them? Which current HTML parser or toolchain
>> implementation are we concerned about affecting?
> I'm concerned about consumers that treat the contents of @rel as a set
> of whitespace-separated tokens, thus seeing "urn:rights" (incorrect) and
> "urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a" (correct) in the example
> above.

What is the worst thing that could happen, as far as you are concerned,
if a consumer saw/stored both "urn:rights" and
"urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a", verbatim? What is the
damage done to the Web if the practice becomes widespread?

Also, what is in your set of acceptable solutions to the issue -
assuming that we adopt Sam's "SHOULD avoid well known URI schemes"
language, and ensuring that there is backwards compatability for RDFa?
Similarly, what is your ideal solution?

-- manu

Manu Sporny
President/CEO - Digital Bazaar, Inc.
blog: Bitmunk 3.1 Released - Browser-based P2P Commerce
Received on Thursday, 9 July 2009 14:53:19 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:02:03 UTC