- From: Henry S. Thompson <ht@cogsci.ed.ac.uk>
- Date: 06 Aug 2002 13:12:40 +0100
- To: noah_mendelsohn@us.ibm.com
- Cc: Cliff Schmidt <cschmidt@microsoft.com>, Dare Obasanjo <dareo@microsoft.com>, "'Jeni Tennison'" <jeni@jenitennison.com>, Xan Gregg <xan@tibco.com>, xmlschema-dev@w3.org
noah_mendelsohn@us.ibm.com writes:
> Henry Thompson writes:
>
> >> As previously noted, I believe we can easily
> >> implement this at 'compile time' via coontent
> >> model FSM subsumption checking.
>
> Have we proven that this is possible in all cases without combinatorial
> blow-up of the FSMs for maxOccurs = notSmallInteger? I don't think it's
> generally acceptable, from a security and denial of service point of view,
> to have rules which have as their only practical embodiment such
> characteristics (of course, there is still the option to make compile time
> checking optional, and to allow successive validations against derived and
> parent types at run time -- that's not entirely pleasing from a
There is linear cost in FSM size for top-level numeric exponents.
Nested numeric exponents are geometricallhy expensive. Matt Fuchs
once alleged he knew how to beat this. If so, great. If not, I'd
prefer to legislate it out of existence, i.e. rule out numeric min/max
(other than 0 and 1) except at the top-level of content models.
ht
--
Henry S. Thompson, HCRC Language Technology Group, University of Edinburgh
W3C Fellow 1999--2002, part-time member of W3C Team
2 Buccleuch Place, Edinburgh EH8 9LW, SCOTLAND -- (44) 131 650-4440
Fax: (44) 131 650-4587, e-mail: ht@cogsci.ed.ac.uk
URL: http://www.ltg.ed.ac.uk/~ht/
[mail really from me _always_ has this .sig -- mail without it is forged spam]
Received on Tuesday, 6 August 2002 08:14:54 UTC