OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [dss] Namespace inheritance, other approach

Hi!

AFAIK, PIs may appear anywhere in the document. Only the XML declaration
(<?XML ... ) and the document type declaration may only appear in the
prolog. However, those two types do not appear in the XPath data model
so, they cannot be sigend anyway. Thus, they could simply be omitted
when transmitting the whole document withing the <dss:XMLData> element.
When the document type declaration has to be evaluated (ex. for proper
recognition of xsd:Id-attributes) the document has to be re-parsed
anyway. So, why not transmitting it using base64 encoding in this case?

martin

Edward Shallow wrote:
> Sorry I did not explain myself, but similar to the "binding the content to
> the rendering technique and artifacts" example provided by Rich, posting PI
> lines also explicitly declares the rendering engine being used which a DSS
> service can log and even bind cryptograhically, as part of the transport
> binding, or better as is illustrated in a vendor-neutral way in Rich's
> excellent example.  
> 
> -----Original Message-----
> From: Edward Shallow [mailto:ed.shallow@rogers.com] 
> Sent: May 19, 2005 10:44 AM
> To: 'Rich Salz'; 'Trevor Perrin'
> Cc: dss@lists.oasis-open.org
> Subject: RE: [dss] Namespace inheritance, other approach
> 
> Here is a snip of sample PI with the vendor obscured.
> 
> <?xml version="1.0" encoding="UTF-8"?>
> <?acme-AcmeSignerSolution PIVersion="1.0.0.0" solutionVersion="1.0.0.1" 
>  
> name="urn:schemas-Acme-com:office:AcmeSigner:oob:TravelRequest:1033" 
>              productVersion="11.0.6357" ?> <?acme-application
> progid="AcmeSigner.Document"?>
> 
> 
> Ed 
> 
> -----Original Message-----
> From: Rich Salz [mailto:rsalz@datapower.com]
> Sent: May 19, 2005 10:24 AM
> To: 'Trevor Perrin'
> Cc: dss@lists.oasis-open.org
> Subject: Re: [dss] Namespace inheritance, other approach
> 
> 
>>Could you give examples of why we need to put Processing instructions 
>>and <?XML ...> lines in <dss:XMLData>?
> 
> 
> My document might have a reference to the XSL stylesheet that renders it,
> and I might want to have the source and the stylesheet signed, and proof
> that I intended them to be linked
> 	<? xml-stylesheet type="text/xml"
> 		 href="http://www.example.com/foo.xsl"; ?>
> 
> 
> 
> --
> Rich Salz, Chief Security Architect
> DataPower Technology                           http://www.datapower.com
> XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs in OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs in OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs in OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]