- From: Hugo Haas <hugo@w3.org>
- Date: Mon, 22 Nov 2004 19:07:15 +0100
- To: Martin Gudgin <mgudgin@microsoft.com>
- Cc: Glen Daniels <gdaniels@sonicsoftware.com>, public-ws-addressing@w3.org
Received on Monday, 22 November 2004 18:07:16 UTC
* Martin Gudgin <mgudgin@microsoft.com> [2004-11-22 07:02-0800] > > The WS-Addressing submission states that reference properties and > > parameters are "assumed to be opaque to consuming applications". > > > > In these conditions, how can I decide whether I like them or not? > > The same way you decide whether or not you like a URI? There's a slight difference though: you know that the destination URI is an identifier for the destination, whereas reference properties could be abused by making you insert XML that does additional processing which looks like it's been requested by the service client. > The fact that some XML can be assumed to be opaque does not preclude > someone from making decisions based on aspects of that XML. People have > posited that they might have reasons for not wanting to use certain > reference property/parameter elements. If this is the case, then they > need to *not* treat the data as opaque and rather use whatever criteria > they choose to deterimine whether the data does or does not fit those > criteria. I think that it's weird to define them as opaque and then, in the yet-to-be-written security portion of our spec, advice people not to treat those as opaque, especially as this XML could really be anything. Cheers, Hugo -- Hugo Haas - W3C mailto:hugo@w3.org - http://www.w3.org/People/Hugo/
Received on Monday, 22 November 2004 18:07:16 UTC