- From: Sean Mullan <Sean.Mullan@Sun.COM>
- Date: Wed, 28 Jan 2009 12:00:06 -0500
- To: Scott Cantor <cantor.2@osu.edu>
- Cc: "'Frederick Hirsch'" <frederick.hirsch@nokia.com>, "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Might this warning text be better for the Best Practices document for now? We could add it to Best Practice 5: Try to avoid or limit RetrievalMethod support with KeyInfo --Sean Scott Cantor wrote: > Frederick Hirsch wrote on 2009-01-26: >> (1) Maybe change this proposal text from: >> "A future version of this specification may deprecate or entirely >> remove this feature in favor of a simpler, less general referencing >> model more suitable for the specific purpose of key references. In the >> meantime,use of this feature may lead to interoperability issues." >> >> to >> >> "Use of transforms should be limited to the minimum case of extracting >> a single included element from KeyInfo." >> >> ? > > That's sort of like saying "use of sharp stick should be confined to left > eye". I suspect if you want to get specific, we would need to actually > specify an example of what you should explicitly support so that > implementers can actually hardcode a transform set to allow. Maybe somebody > could provide the XPath expressions that would be required? Assuming you had > an ID reference to KeyInfo, what would it be? > > I'm fine with not including the deprecating text, though. I wasn't sure > whether the wording of the AI really was intending to have me write that, so > I just did it anyway. > >> (2) Perhaps we can add an id attribute to KeyInfo content to avoid the >> need for a transform? > > We can't. > > -- Scott > > >
Received on Wednesday, 28 January 2009 17:00:55 UTC