- From: Asir Vedamuthu <asirveda@microsoft.com>
- Date: Tue, 15 Aug 2006 18:17:34 -0700
- To: "Yalcinalp, Umit" <umit.yalcinalp@sap.com>, <public-ws-policy@w3.org>
There is one other piece. > 2. Repeat last example in Section 4.2 using xml:id in > addition to wsu:id (last paragraph of Section 4.2) to > illustrate the form. This is purely editorial. Don't know what example would be safe to use with Canonical XML 1.0. I think it is premature to add an example. Regards, Asir S Vedamuthu Microsoft Corporation -----Original Message----- From: Yalcinalp, Umit [mailto:umit.yalcinalp@sap.com] Sent: Monday, August 14, 2006 5:37 PM To: Asir Vedamuthu; public-ws-policy@w3.org Subject: RE: NEW ISSUE: The framework specification should enable usage of xml:id > -----Original Message----- > From: Asir Vedamuthu [mailto:asirveda@microsoft.com] > Sent: Friday, Aug 11, 2006 4:55 PM > To: Yalcinalp, Umit; public-ws-policy@w3.org > Subject: RE: NEW ISSUE: The framework specification should > enable usage of xml:id > > > We could also add a note in the framework/primer when it is not > > desirable to use xml:id but rely on wsu:id > > Good point. > > The xml:id Version 1.0 specification says, 'The Canonical XML > Version 1.0 specification describes a process whereby > attributes in the xml: namespace are inherited in a > canonicalized document. While this produces a reasonable > result with xml:lang or xml:space attributes, processing > xml:id attributes in this way is likely to produce documents > that contain xml:id errors, specifically xml:id attribute > values that are not unique.'[1] > > An illustrative description of the above technical issue can > be found in [2]. The XML Core Working Group is chartered [3] > to produce a new version of Canonical XML to address this > inconsistency. > > 'XML Signature Syntax and Processing' requires > implementations to support C14N 1.0 [4]. C14N 1.0 is widely > supported [5] and used. In many cases, users only have access > to C14N 1.0 support. > > If the WG wants to adopt the xml:id attribute in addition to > the wsu:Id attribute, we suggest amending the proposal to > include the following note of caution to Section 4.2: > > "The use of xml:id attribute in conjunction with Canonical > XML 1.0 is inappropriate as described in Appendix C of xml:id > Version 1.0 [XMLID] and thus this combination must be avoided > (see [C14NNOTE]). For example, a policy expression identified > using xml:id attribute should not be signed using XML Digital > Signature when Canonical XML 1.0 is being used as the > canonicalization method." Where, C14NNOTE is a non-normative > reference to [2]. > It appears you are adding a friendly amendement to the proposal. That is fine with me. > [1] http://www.w3.org/TR/2005/REC-xml-id-20050909/#impact > [2] http://www.w3.org/2006/04/c14n-note/c14n-note.html#S3 > [3] http://www.w3.org/2005/02/xml-core-wg-charter.html#deliverables > [4] http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/#sec-c14nAlg > [5] http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html > http://www.w3.org/Signature/2000/10/10-c14n-interop.html > > Regards, > > Asir S Vedamuthu > Microsoft Corporation > --umit > ________________________________________ > From: public-ws-policy-request@w3.org > [mailto:public-ws-policy-request@w3.org] On Behalf Of Yalcinalp, Umit > Sent: Tuesday, July 25, 2006 1:54 PM > To: public-ws-policy@w3.org > Subject: NEW ISSUE: The framework specification should enable > usage of xml:id > > > Title: The framework specification should also enable the > usage of xml:id > Description: > The WS-Policy Framework specification uses wsu:id element to > designate identification for elements[WS-Policy]. W3C also > published xml:id document that allows the same use [XMLID] > that is a recommendation. Currently, the WS-Policy > specification does not use the xml:id mechanism for uniquely > identifying XML elements and relies on the WSS definition of > id mechanism. > Justification: > The purpose of the xml:id specification is to have unique > element identifiers to be recognized by all conformant XML > processors. Currently, WS-Policy relies on WS-Security > specification for generating URI references instead and > requires the framework providers to recognize this alternate > mechanism for processing references. As xml:id will be > adopted, the support of xml:id in all XML processors may > require WS-Policy to also allow utilization of xml:id. > Further, the specification does not clarify whether the > xml:id is permissable as an identification mechanism for a > WS-Policy expression. > Target: Section 4.2 of the WS-Policy, Appendix A. > Proposal: > Allow xml:id as a permissible mechanism for identifying > policy expressions in addition to wsu:Id > 1. Replace > {/wsp:Policy/@wsu:Id > The identity of the policy expression as an ID within the > enclosing XML document. If omitted, there is no implied > value. To refer to this policy expression, a URI-reference > MAY be formed using this value per Section 4.2 of WS-Security > [WS-Security 2004].} > > > With > /wsp:Policy/{@wsu:Id | @xml:id} > The identity of the policy expression as an ID within the > enclosing XML document. If omitted, there is no implied > value. To refer to this policy expression, a URI-reference > MAY be formed using this value per Section 4.2 of WS-Security > [WS-Security 2004] when @wsu:Id is used. > 2. Repeat last example in Section 4.2 using xml:id in > addition to wsu:id (last paragraph of Section 4.2) to > illustrate the form. This is purely editorial. > 3. Add normative reference to xml:id [XMLID] in A.1. > Personal Note: > I have chosen to retain the reference on wsu:Id given the > expected schedule of the publication rather than removing it > due to existing support on this attribute in the existing > implementations. > We could also add a note in the framework/primer when it is > not desirable to use xml:id but rely on wsu:id if the wg > feels that is necessary. > --umit > [XMLID] http://www.w3.org/TR/xml-id/ > [WS-Policy] > http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-f ramework.html?content-type=text/html;%20charset=utf-8 > > ---------------------- > Dr. Umit Yalcinalp > Architect > NetWeaver Industry Standards > SAP Labs, LLC > Email: umit.yalcinalp@sap.com Tel: (650) 320-3095 > SDN: https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/u/36238 >
Received on Wednesday, 16 August 2006 01:17:47 UTC