hi,
thanks
i will look into it
abbie
> -----Original Message-----
> From: Hugo Haas [mailto:hugo@w3.org]
> Sent: Thursday, June 26, 2003 12:07 PM
> To: public-wsawg-security-tf@w3.org
> Cc: Michael Champion; Dave Hollander
> Subject: Interesting thread to harvest about schema
> validation, digital signature, etc.
>
>
>
> Hi Abbie and all.
>
> [ Mike and Dave, I am sending this to the security task force in order
> not to distract the WG from concepts and relationships, but am happy
> to resend it to www-ws-arch if you think it's best. ]
>
> While going through old emails in my www-ws-arch folder, I
> found an interesting thread to harvest that isn't covered by
> the current security framework:
>
http://www.w3.org/2002/02/mid/7FCB5A9F010AAE419A79A54B44F3718E2EAE6D@bocnte2
k3.boc.chevrontexaco.net
There are, I think, several thing to point out in here:
- the meaning of signing a message.
- the dangers on relying on external processing (e.g. schema
validation when the schema isn't attached to the message).
- maybe other things that I have missed.
It seems that the first point could go in the section about signature, and
the second one about a good practice or threats section.
Comments?
Regards,
Hugo
--
Hugo Haas - W3C
mailto:hugo@w3.org - http://www.w3.org/People/Hugo/