- From: Dan Connolly <connolly@w3.org>
- Date: Thu, 10 Mar 2005 20:08:44 -0600
- To: "MattO" <matto@tellme.com>
- Cc: <www-voice@w3.org>
On Mar 10, 2005, at 6:56 PM, MattO wrote:

[...formalities elided...]

> In http://lists.w3.org/Archives/Public/www-voice/2004JulSep/0024.html you
> raised the following issue which was registered as change requests R85. Our
> response is given inline:
>
> "I'm surprised by...
>
> 'If the XML document specifies an <?access-control?> processing instruction,
> access to the data is allowed based on the following algorithm: ...'
> -- http://www.w3.org/TR/2004/WD-voicexml21-20040728/#sec-data-security
>
> Last time a processing instruction was used in a W3C spec,
> it was allowed only after considerable debate...
>
> 'The use of XML processing instructions in this specification should not be
> taken as a precedent. The W3C does not anticipate recommending the use of
> processing instructions in any future specification.'
> -- http://www.w3.org/1999/06/REC-xml-stylesheet-19990629/
>
> I suggest using a namespace-qualified element or attribute instead."
>
> VBWG Response: Rejected
>
> The VBWG evaluated a number of mechanisms that would enforce the security of
> the data retrieved by the <data/> element including domain-based
> restrictions, HTTP_REFERER, HTTP X-Header, XML security envelope, and
> XML-ENC. The use of a processing instruction to enforce security of the data
> is a lightweight mechanism that is straightforward for data providers and
> platform vendors to understand and to implement. The VBWG considered the
> specification and practical implementation limitations of processing
> instructions and determined that these did not interfere with the intended
> behavior of this mechanism.
>
> Upon further review, the VBWG acknowledged that specifying how security
> policy and resource sandboxing must be implemented went beyond the scope of
> the working group and therefore chose not to mandate one particular
> mechanism. However, because resource sandboxing is an important principle
> for VoiceXML interpreters in certain deployment contexts, and
> interoperability among implementations should be encouraged, the group chose
> to document this mechanism in an informative appendix.

Er... you moved something to an appendix? Can I have a look at a draft?

I can't tell from your response why a namespace-qualified element or attribute won't work just as well if not better than a processing instruction, so no, I'm not satisfied by this response.

Can you give me an example of something bad that would happen if you used a namespace qualified element or attribute?

--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
Received on Friday, 11 March 2005 02:08:46 UTC