Re: <any namespace="##any"> in Encryption 1.1 from MURATA Makoto (FAMILY Given) on 2010-03-09 (public-xmlsec@w3.org from March 2010)

From: MURATA Makoto (FAMILY Given) <eb2m-mrt@asahi-net.or.jp>
Date: Wed, 10 Mar 2010 07:20:45 +0900
To: <public-xmlsec@w3.org>
Cc: Murata <eb2m-mrt@asahi-net.or.jp>
Message-Id: <20100310072044.3466.B794FC04@asahi-net.or.jp>

> 
> I think that's intentional, the use of any is more consistent with the
> approaches taken in XML Signature for open content models. Open means open.

The choice of specific elements in the ns "http://www.w3.org/2009/xmlenc11#" and 
<any namespace="##other"/> would mean more sense.

I would argue that <any namespace="##any"> is always bad, since
something unnecessary will be allowed and the programmer will not 
consider such sick cases such as:

<KeyDerivationMethod Algorithm="">
  <DerivedKey>
    <KeyDerivationMethod  Algorithm=""/>
      <KeyDerivationMethod  Algorithm=""/>
        <ConcatKDFParams>...</ConcatKDFParams>
      </KeyDerivationMethod>
    </KeyDerivationMethod>
  </DerivedKey>
</KeyDerivationMethod>

Cheers,
Makoto

Received on Tuesday, 9 March 2010 22:21:18 UTC