- From: David Orchard <dorchard@bea.com>
- Date: Tue, 23 Nov 2004 10:37:07 -0800
- To: "Rich Salz" <rsalz@datapower.com>, <public-ws-addressing@w3.org>
I'm somewhat against changing the status quo. QNames do provide a convenient short-hand instead of URIs. In the cases that you've listed, I don't think there is an security vulnerability or ambiguity that is introduced by the use of QNames. I think it is significantly easier to use the Service QName rather the Service URI, especially since WSDL 1.1 doesn't define a Qname to URI mapping. Dave > -----Original Message----- > From: public-ws-addressing-request@w3.org [mailto:public-ws-addressing- > request@w3.org] On Behalf Of Rich Salz > Sent: Tuesday, November 23, 2004 10:06 AM > To: public-ws-addressing@w3.org > Subject: NEW ISSUE: Replace QName's with anyURI > > > Description: There are several places where we use QName's for attribute > values (e.g., RelatesTo/@RelationshipType) and for content (e.g., > ServiceName). Should we replace those with URI's? > > Justification: Everyone else is doing it. :) The TAG finding can be > interpreted as encouraging it. > > Target: all specs > > Proposal: Convert or consider providing rationale. > > /r$ > > -- > Rich Salz, Chief Security Architect > DataPower Technology http://www.datapower.com > XS40 XML Security Gateway http://www.datapower.com/products/xs40.html > XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
Received on Tuesday, 23 November 2004 18:37:13 UTC