- From: Martin Chapman <martin.chapman@oracle.com>
- Date: Wed, 3 Aug 2005 14:58:47 +0100
- To: "'Bjoern Hoehrmann'" <derhoermi@gmx.net>
- Cc: <public-ws-chor-comments@w3.org>
Bjoern, We discussed 968 on our con call last night: http://www.w3.org/2005/08/02-ws-chor-irc With respect to registering the MIME type, we have checked with Phillipe and it is acceptable to register after LC. Also with respect to having Yves as the contact point, again this was checked and is acceptable to W3C staff. On the remaining aspect of this issue, regarding security, the WG felt that there was not much to add wrt to cdl being an xml document; it has the same considerations as any other xml document. There are other security considerations related to using the document to "compile" into end point behaviour, and this is outlined in its own section (7.1). In addition we have followed what the WSD WG said on this topic, since CDL is of a similar nature to ESDL. We will raise this as a discussion point at the next WS Coordination Group Call. Cheers, Martin. >-----Original Message----- >From: public-ws-chor-comments-request@w3.org >[mailto:public-ws-chor-comments-request@w3.org] On Behalf Of >Bjoern Hoehrmann >Sent: Thursday, July 28, 2005 6:58 AM >To: Martin Chapman >Cc: public-ws-chor-comments@w3.org >Subject: Re: W3C WS-Choreo WG - Issue 958, > > > >* Martin Chapman wrote: >>The following WS-Choreo last call issues that you raised have been >>resolved as follows. Please confirm you agree with the resolutions >>asap. All editorial changes can be found in the latest >editorial draft: >>http://www.w3.org/2002/ws/chor/edcopies/cdl/cdl.html > >>Issue 958: http://www.w3.org/Bugs/Public/show_bug.cgi?id=958 >>Issue 961: http://www.w3.org/Bugs/Public/show_bug.cgi?id=961 >>Issue 962: http://www.w3.org/Bugs/Public/show_bug.cgi?id=962 >>Issue 965: http://www.w3.org/Bugs/Public/show_bug.cgi?id=965 >>Issue 969: http://www.w3.org/Bugs/Public/show_bug.cgi?id=969 >>Issue 970: http://www.w3.org/Bugs/Public/show_bug.cgi?id=970 >>Issue 972: http://www.w3.org/Bugs/Public/show_bug.cgi?id=972 > >Sounds good, thanks. > >>Issue 963: http://www.w3.org/Bugs/Public/show_bug.cgi?id=963 > >I don't really see a difference in style? > >>Issue 968: http://www.w3.org/Bugs/Public/show_bug.cgi?id=968 > >Note that http://www.w3.org/2002/06/registering-mediatype >ietf-types review is required for these types to be >registered. Normally this would be done along with the last >call announcement, I am not sure whether there is a process >for doing it later, W3C's IETF Liaisons Dan Connolly and >Philippe Le Hégaret might be able to provide guidance here. > >I am not satisfied by the current registration template, there >should probably be a "." after "This document", the "Person >and email address to contact for further information" should >probably not be Yves but a more generic address (like >web-human@) or a mailing list, and the "Security >considerations" are inadequate. > >I would expect the security considerations section to conform >to http://www.ietf.org/rfc/rfc3552.txt section 5 and discuss >e.g. whether application/cdl+xml documents may have a http://w3.org/TR/xmldsig-core/ digital signature and how application/cdl+xml implementations that do not support XML DSig behave when processing a document (e.g., would the signature be ignored, would the implementation refuse to process the document, etc.) Simply saying that CDL users don't have to consider any security issue but those that apply to all XML formats is probably worse than having no security considerations section at all. regards, -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de 68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Wednesday, 3 August 2005 13:58:17 UTC